Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/F4E7AB82052811EE94115E454AD9E6FC.roa
File:                     F4E7AB82052811EE94115E454AD9E6FC.roa (raw, json)
Hash identifier:          0f6Udr5nVgdqIgPgxaXYb0TifWritIk3wQmsNXYsjss=
Subject key identifier:   F9:87:09:2D:51:4E:C2:1F:E7:D2:69:92:DB:E7:09:63:4C:D7:CD:A9
Certificate issuer:       /CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Certificate serial:       4F
Authority key identifier: 4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/F4E7AB82052811EE94115E454AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:46:36 +0000
ROA not before:           Wed 07 Jun 2023 11:46:32 +0000
ROA not after:            Wed 08 Jun 2033 11:46:32 +0000
asID:                     30986
IP address blocks:        41.189.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79 (0x4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
        Validity
            Not Before: Jun  7 11:46:32 2023 GMT
            Not After : Jun  8 11:46:32 2033 GMT
        Subject: CN=64806e1c-1fce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c0:bd:b8:79:62:3a:c4:f1:45:70:1c:28:aa:
                    ac:52:c0:e6:67:91:0c:0e:29:28:6b:2e:4e:0d:eb:
                    15:19:8a:d9:73:55:29:66:10:e4:18:63:ab:cb:52:
                    ba:fa:69:57:72:f9:ce:4e:15:43:83:1d:92:ce:d7:
                    8d:04:5b:2a:65:f9:12:8b:2b:85:d6:e1:43:c6:5a:
                    78:e2:a5:f0:18:48:47:e8:95:2a:ff:a7:00:e3:51:
                    66:f2:67:89:24:13:08:65:24:fe:a4:1c:26:34:49:
                    da:a9:8f:a1:f4:57:9c:6a:d7:99:1c:85:e0:10:d7:
                    ff:88:62:99:3e:59:62:9e:1e:89:0f:4b:d2:c8:59:
                    d1:bc:37:16:c3:20:b6:6e:81:7f:3a:da:6a:de:63:
                    a1:9d:d3:2e:e1:ad:00:d4:62:98:35:3d:27:9c:98:
                    66:81:cc:28:14:70:23:ab:5d:49:8f:d1:82:fe:61:
                    87:ef:29:8c:36:ec:44:6e:13:70:c5:5e:67:a9:8b:
                    cf:cc:a5:65:18:4a:1e:fc:32:04:e6:c7:47:7c:c3:
                    c9:99:e5:9a:80:cb:6a:7d:06:8d:86:a7:6f:97:c8:
                    08:41:d5:b6:63:7b:d7:fd:10:14:df:6d:31:d2:90:
                    f2:7d:2c:cb:40:1d:36:71:3d:45:a9:58:36:8a:aa:
                    ec:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:87:09:2D:51:4E:C2:1F:E7:D2:69:92:DB:E7:09:63:4C:D7:CD:A9
            X509v3 Authority Key Identifier:
                keyid:4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/F4E7AB82052811EE94115E454AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.189.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         01:4b:32:f9:98:74:d0:3a:b8:91:91:24:29:7c:45:10:af:0d:
         a4:af:fe:f0:19:f0:64:45:39:90:cf:b5:ef:ce:72:ba:ce:d7:
         a1:d0:ae:16:61:b6:0e:2b:cd:34:a9:35:65:c8:74:41:c1:62:
         c1:b8:26:ff:0e:4e:a8:65:4f:2b:83:47:ce:1b:98:b5:69:d2:
         30:54:6b:55:84:85:81:6d:5e:67:f1:57:39:c7:85:02:f7:26:
         ce:db:8f:94:89:0a:22:d9:2a:ad:33:c5:6b:89:56:a9:49:76:
         11:5b:3b:7d:11:60:4e:77:7e:55:ed:f1:e8:24:12:98:d7:26:
         db:62:7c:91:93:e9:42:7a:9e:5c:1f:55:92:85:9b:94:8d:e4:
         53:63:ee:2a:0c:f0:da:2e:af:88:e8:33:c2:8f:5e:a1:0c:69:
         85:61:d5:eb:43:79:96:14:70:81:47:01:f5:37:bb:8d:5b:9c:
         33:ff:f8:0f:a0:17:e5:c3:b6:3e:c2:fe:6b:d9:84:39:ce:7b:
         74:a2:97:1f:cc:ac:c0:34:4f:fe:4e:6d:28:6d:08:b4:f9:9a:
         6a:27:09:5f:a7:ec:e8:0f:69:74:d6:31:62:e2:40:dd:13:1c:
         ce:97:5b:f9:8b:27:56:31:8b:50:26:f2:4e:6c:a7:e3:74:d9:
         a6:60:63:a7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBTzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
MUVEMEFGMTEwLwYDVQQFEyg0QTgzRjMxQjFCMDYwNENBNkQwQjcyQTQ1M0RBQTNF
QjU4N0I0QzgyMB4XDTIzMDYwNzExNDYzMloXDTMzMDYwODExNDYzMlowGDEWMBQG
A1UEAxMNNjQ4MDZlMWMtMWZjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnAvbh5YjrE8UVwHCiqrFLA5meRDA4pKGsuTg3rFRmK2XNVKWYQ5Bhjq8tS
uvppV3L5zk4VQ4Mdks7XjQRbKmX5EosrhdbhQ8ZaeOKl8BhIR+iVKv+nAONRZvJn
iSQTCGUk/qQcJjRJ2qmPofRXnGrXmRyF4BDX/4himT5ZYp4eiQ9L0shZ0bw3FsMg
tm6Bfzraat5joZ3TLuGtANRimDU9J5yYZoHMKBRwI6tdSY/Rgv5hh+8pjDbsRG4T
cMVeZ6mLz8ylZRhKHvwyBObHR3zDyZnlmoDLan0GjYanb5fICEHVtmN71/0QFN9t
MdKQ8n0sy0AdNnE9RalYNoqq7DECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT5hwkt
UU7CH+fSaZLb5wljTNfNqTAfBgNVHSMEGDAWgBRKg/MbGwYEym0LcqRT2qPrWHtM
gjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODFFRDAvNTI1MUMwNzhDRTI0MTFFREEwOTJEMEFDRjEyMjI0NjgvU29Qekd4
c0dCTXB0QzNLa1U5cWo2MWg3VElJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU29Qekd4c0dCTXB0QzNLa1U5cWo2MWg3VElJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODFFRDAvNTI1MUMwNzhDRTI0MTFFREEwOTJEMEFDRjEy
MjI0NjgvRjRFN0FCODIwNTI4MTFFRTk0MTE1RTQ1NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBSm9oDANBgkqhkiG9w0BAQsF
AAOCAQEAAUsy+Zh00Dq4kZEkKXxFEK8NpK/+8BnwZEU5kM+1785yus7XodCuFmG2
DivNNKk1Zch0QcFiwbgm/w5OqGVPK4NHzhuYtWnSMFRrVYSFgW1eZ/FXOceFAvcm
ztuPlIkKItkqrTPFa4lWqUl2EVs7fRFgTnd+Ve3x6CQSmNcm22J8kZPpQnqeXB9V
koWblI3kU2PuKgzw2i6viOgzwo9eoQxphWHV60N5lhRwgUcB9Te7jVucM//4D6AX
5cO2PsL+a9mEOc57dKKXH8yswDRP/k5tKG0ItPmaaicJX6fs6A9pdNYxYuJA3RMc
zpdb+YsnVjGLUCbyTmyn43TZpmBjpw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:45 2024 by rpki-client on console-ams.rpki-client.org