Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367EEA2/908F26B42EB411EE82869D784AD9E6FC/43172C202F6711EEBE578C1B4AD9E6FC.roa
File:                     43172C202F6711EEBE578C1B4AD9E6FC.roa (raw, json)
Hash identifier:          olt87M5UNUaEOcxzcw5wRYVy43osgJdjsy53S5VrdrA=
Subject key identifier:   E6:E6:DB:F4:D8:FE:A2:98:CC:65:88:C5:81:21:35:64:47:97:F6:B6
Certificate issuer:       /CN=F367EEA2AF/serialNumber=92D15924230909F29C024B8D5F62D658974A28C6
Certificate serial:       06
Authority key identifier: 92:D1:59:24:23:09:09:F2:9C:02:4B:8D:5F:62:D6:58:97:4A:28:C6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ktFZJCMJCfKcAkuNX2LWWJdKKMY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/908F26B42EB411EE82869D784AD9E6FC/43172C202F6711EEBE578C1B4AD9E6FC.roa
Signing time:             Mon 31 Jul 2023 05:58:25 +0000
ROA not before:           Mon 31 Jul 2023 05:58:14 +0000
ROA not after:            Fri 31 Jul 2043 05:58:14 +0000
asID:                     37697
IP address blocks:        196.10.148.0/24 maxlen: 24
                          2c0f:ea68::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/908F26B42EB411EE82869D784AD9E6FC/ktFZJCMJCfKcAkuNX2LWWJdKKMY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/908F26B42EB411EE82869D784AD9E6FC/ktFZJCMJCfKcAkuNX2LWWJdKKMY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ktFZJCMJCfKcAkuNX2LWWJdKKMY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367EEA2AF/serialNumber=92D15924230909F29C024B8D5F62D658974A28C6
        Validity
            Not Before: Jul 31 05:58:14 2023 GMT
            Not After : Jul 31 05:58:14 2043 GMT
        Subject: CN=64c74d81-254d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:23:3e:bd:cf:15:62:42:89:c4:50:9e:56:e5:
                    cb:7a:07:c9:d4:8c:43:74:f5:df:6c:80:84:a1:37:
                    79:99:19:28:d5:a5:fb:c6:18:a5:35:2b:16:69:3c:
                    b3:fe:31:77:46:c8:35:6b:ac:8f:bc:e8:1a:22:fb:
                    55:46:5a:9f:d3:1c:85:ef:83:b1:b6:e9:da:5f:6e:
                    c9:9f:c0:ab:05:67:d8:40:ca:a6:9f:17:1a:73:02:
                    2e:a7:08:d3:45:03:e4:37:6f:24:13:f9:7a:d2:02:
                    4f:0e:bd:32:f7:28:5b:e9:fc:6c:71:86:03:77:b8:
                    81:c3:d9:28:26:e5:50:7b:d7:7d:1b:93:ff:3b:d4:
                    6e:34:45:bf:df:eb:30:74:eb:94:b7:6e:27:46:f2:
                    9f:6e:02:c8:1b:85:03:0f:ba:25:13:4a:83:b0:b4:
                    e9:59:37:d7:e7:35:f8:7f:b1:bc:01:78:69:bc:1c:
                    a8:ac:43:39:9b:ff:93:76:1d:49:9a:23:68:1d:11:
                    79:d9:4c:97:50:bd:98:ec:ce:f3:bf:7f:c0:0c:c4:
                    08:cf:8c:fe:4d:e2:39:43:00:ef:c2:92:b8:97:4b:
                    38:a7:2c:27:b1:fb:c2:6e:26:63:2e:99:6a:4b:d3:
                    0d:72:14:3b:97:df:db:dd:12:68:67:fa:9b:10:4a:
                    43:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:E6:DB:F4:D8:FE:A2:98:CC:65:88:C5:81:21:35:64:47:97:F6:B6
            X509v3 Authority Key Identifier:
                keyid:92:D1:59:24:23:09:09:F2:9C:02:4B:8D:5F:62:D6:58:97:4A:28:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/908F26B42EB411EE82869D784AD9E6FC/ktFZJCMJCfKcAkuNX2LWWJdKKMY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ktFZJCMJCfKcAkuNX2LWWJdKKMY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/908F26B42EB411EE82869D784AD9E6FC/43172C202F6711EEBE578C1B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.10.148.0/24
                IPv6:
                  2c0f:ea68::/32

    Signature Algorithm: sha256WithRSAEncryption
         4d:c6:1e:89:e8:7c:34:66:73:6e:ec:41:22:bd:d0:cb:0a:f1:
         16:87:cf:e8:2c:6f:91:9c:46:99:77:50:04:d6:64:59:77:c8:
         b5:e3:8c:21:d3:dc:50:19:f6:cd:94:6a:d9:66:99:a9:68:12:
         e8:a1:2a:85:dc:e0:82:e4:6b:1d:23:6a:7a:dc:18:1c:24:39:
         9f:72:5b:f0:17:bb:76:ba:3a:1d:c8:6c:26:49:b8:52:f0:8c:
         b2:09:94:c1:67:02:e8:44:90:ce:28:40:5f:c3:84:b0:8d:d3:
         ff:5c:25:a0:e9:bd:26:3e:34:86:f0:70:02:f8:df:01:7b:98:
         76:fa:74:de:ae:2e:eb:ca:c8:0b:d6:46:5f:3f:19:0e:30:e3:
         a7:9a:0c:fb:b3:0d:a2:73:65:89:05:f6:72:06:18:d9:a9:bc:
         31:b7:2d:d2:99:18:94:74:69:0e:87:d3:25:78:81:56:45:a7:
         d1:af:b0:ac:2f:cb:15:14:f8:33:58:81:1d:67:d4:6c:6f:7b:
         47:ed:2c:5a:d4:aa:e7:6e:9c:53:fa:15:1b:ab:5d:db:ef:ec:
         58:78:a5:92:d3:32:5a:99:d9:3d:d7:e4:18:7c:db:81:5b:5f:
         85:1a:5e:c0:71:ac:74:b3:90:11:7c:14:78:38:86:e6:4d:ef:
         0d:27:a4:c3
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RUVBMkFGMTEwLwYDVQQFEyg5MkQxNTkyNDIzMDkwOUYyOUMwMjRCOEQ1RjYyRDY1
ODk3NEEyOEM2MB4XDTIzMDczMTA1NTgxNFoXDTQzMDczMTA1NTgxNFowGDEWMBQG
A1UEAxMNNjRjNzRkODEtMjU0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8jPr3PFWJCicRQnlbly3oHydSMQ3T132yAhKE3eZkZKNWl+8YYpTUrFmk8
s/4xd0bINWusj7zoGiL7VUZan9Mche+Dsbbp2l9uyZ/AqwVn2EDKpp8XGnMCLqcI
00UD5DdvJBP5etICTw69MvcoW+n8bHGGA3e4gcPZKCblUHvXfRuT/zvUbjRFv9/r
MHTrlLduJ0byn24CyBuFAw+6JRNKg7C06Vk31+c1+H+xvAF4abwcqKxDOZv/k3Yd
SZojaB0RedlMl1C9mOzO879/wAzECM+M/k3iOUMA78KSuJdLOKcsJ7H7wm4mYy6Z
akvTDXIUO5ff290SaGf6mxBKQ+UCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTm5tv0
2P6imMxliMWBITVkR5f2tjAfBgNVHSMEGDAWgBSS0VkkIwkJ8pwCS41fYtZYl0oo
xjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0VFQTIvOTA4RjI2QjQyRUI0MTFFRTgyODY5RDc4NEFEOUU2RkMva3RGWkpD
TUpDZktjQWt1TlgyTFdXSmRLS01ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMva3RGWkpDTUpDZktjQWt1TlgyTFdXSmRLS01ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0VFQTIvOTA4RjI2QjQyRUI0MTFFRTgyODY5RDc4NEFE
OUU2RkMvNDMxNzJDMjAyRjY3MTFFRUJFNTc4QzFCNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMQKlDANBAIAAjAHAwUALA/q
aDANBgkqhkiG9w0BAQsFAAOCAQEATcYeieh8NGZzbuxBIr3QywrxFofP6CxvkZxG
mXdQBNZkWXfIteOMIdPcUBn2zZRq2WaZqWgS6KEqhdzgguRrHSNqetwYHCQ5n3Jb
8Be7dro6HchsJkm4UvCMsgmUwWcC6ESQzihAX8OEsI3T/1wloOm9Jj40hvBwAvjf
AXuYdvp03q4u68rIC9ZGXz8ZDjDjp5oM+7MNonNliQX2cgYY2am8Mbct0pkYlHRp
DofTJXiBVkWn0a+wrC/LFRT4M1iBHWfUbG97R+0sWtSq526cU/oVG6td2+/sWHil
ktMyWpnZPdfkGHzbgVtfhRpewHGsdLOQEXwUeDiG5k3vDSekww==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org