Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/12AB03542F8A11EEA9C615814AD9E6FC.roa
File:                     12AB03542F8A11EEA9C615814AD9E6FC.roa (raw, json)
Hash identifier:          Au6GhWbFzoo/NX0hAefl9hgJwBoDfLJyvzvQXsFvPR8=
Subject key identifier:   CE:11:D2:31:FC:42:C6:50:3C:D5:E0:60:37:A2:11:11:B6:63:90:74
Certificate issuer:       /CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
Certificate serial:       04E2
Authority key identifier: 8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/12AB03542F8A11EEA9C615814AD9E6FC.roa
Signing time:             Mon 31 Jul 2023 10:07:36 +0000
ROA not before:           Mon 31 Jul 2023 10:07:32 +0000
ROA not after:            Fri 31 Jul 2043 10:07:32 +0000
asID:                     19905
IP address blocks:        41.139.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1250 (0x4e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
        Validity
            Not Before: Jul 31 10:07:32 2023 GMT
            Not After : Jul 31 10:07:32 2043 GMT
        Subject: CN=64c787e8-add2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:46:96:a4:6b:3c:6d:17:8e:ac:ea:d1:2f:9f:
                    df:79:5c:e1:45:34:47:c9:fa:c6:50:a9:b5:2a:06:
                    d8:2c:4f:8f:9c:59:75:cd:6c:fa:e9:e0:9f:44:d3:
                    34:1c:8c:cf:ff:77:52:d9:f1:01:48:0f:02:b9:5c:
                    81:90:98:4c:fa:f1:42:bc:f1:8b:cc:7d:8d:46:df:
                    55:55:6e:ba:db:50:f6:61:ad:39:ab:b3:36:fb:e1:
                    4f:71:6a:0d:b3:63:f5:9e:50:40:8c:47:8d:01:cd:
                    d5:6c:70:79:5e:68:df:9f:eb:2e:ce:aa:aa:8c:cb:
                    9d:a1:d7:a2:c6:c9:3d:d5:3c:99:04:20:3e:b3:a5:
                    f0:48:1d:d2:a8:c7:c0:1f:3a:12:3b:01:09:5b:07:
                    dd:3c:c1:69:2a:ca:24:2a:d1:dc:7b:aa:cb:7c:7e:
                    f4:fc:7e:61:ae:91:7c:01:58:ab:e0:58:8d:c5:c4:
                    cc:d9:61:7b:8d:3e:c2:25:cf:92:ce:03:a2:3d:35:
                    f5:a5:cc:53:e9:0b:4c:e2:cd:c6:94:d3:c8:39:16:
                    f9:fd:d4:fd:67:15:38:c7:c3:7c:79:f8:b5:b3:ca:
                    41:57:8c:3f:a6:a9:a5:98:51:1c:f6:de:24:00:d1:
                    55:d7:76:5d:30:3e:d4:07:e5:68:42:a0:1d:a3:89:
                    a7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:11:D2:31:FC:42:C6:50:3C:D5:E0:60:37:A2:11:11:B6:63:90:74
            X509v3 Authority Key Identifier:
                keyid:8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/12AB03542F8A11EEA9C615814AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.139.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7f:6b:11:df:ba:5f:74:50:43:5a:fc:9e:da:ea:3f:85:c1:68:
         c9:59:09:ec:5e:19:df:51:ce:dc:e9:86:9d:e4:7d:2a:fe:5b:
         fb:c9:6c:f4:b1:99:eb:a6:37:d1:85:fa:30:9b:85:7e:bd:09:
         01:eb:2a:5a:e0:7d:4d:64:a0:93:55:1b:94:b1:14:0c:70:66:
         88:8d:b7:17:3e:46:04:ba:32:d7:b4:45:36:f2:43:76:6a:db:
         65:ef:56:b8:4f:a8:d1:b0:ef:5c:22:d9:89:c6:f4:d6:cb:a6:
         d9:91:4f:3c:f5:20:c0:51:5b:f8:3e:16:bd:08:d8:a7:60:fa:
         84:36:fb:7c:d8:30:f8:a0:43:f7:cf:91:90:5b:41:c6:f3:99:
         4d:3c:d2:ad:12:24:20:64:67:0c:0c:a1:e6:09:9e:a9:99:19:
         04:cd:70:4f:19:a8:af:54:8e:fc:6e:1a:ff:4f:fc:57:a6:69:
         9d:35:ef:88:eb:43:83:f4:de:38:b9:b5:be:7a:4f:9d:7f:04:
         53:c2:cd:8c:12:a6:83:e8:8b:9f:30:55:57:5c:c4:39:e8:9f:
         43:87:94:ac:f3:c8:6c:23:29:d8:53:de:ca:2c:29:d8:43:73:
         6f:eb:f6:8f:88:64:e4:c4:17:1d:73:29:2b:bd:f7:5c:e9:67:
         4c:86:6e:51
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBOIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODIxMDRBRjExMC8GA1UEBRMoOEIxMDI2OTUzRUNGN0M0Q0UxMzlGRTlBNTlCREQ3
MjI4QTE1MzU0NDAeFw0yMzA3MzExMDA3MzJaFw00MzA3MzExMDA3MzJaMBgxFjAU
BgNVBAMTDTY0Yzc4N2U4LWFkZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDRpakazxtF46s6tEvn995XOFFNEfJ+sZQqbUqBtgsT4+cWXXNbPrp4J9E
0zQcjM//d1LZ8QFIDwK5XIGQmEz68UK88YvMfY1G31VVbrrbUPZhrTmrszb74U9x
ag2zY/WeUECMR40BzdVscHleaN+f6y7OqqqMy52h16LGyT3VPJkEID6zpfBIHdKo
x8AfOhI7AQlbB908wWkqyiQq0dx7qst8fvT8fmGukXwBWKvgWI3FxMzZYXuNPsIl
z5LOA6I9NfWlzFPpC0zizcaU08g5Fvn91P1nFTjHw3x5+LWzykFXjD+mqaWYURz2
3iQA0VXXdl0wPtQH5WhCoB2jiadPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzhHS
MfxCxlA81eBgN6IREbZjkHQwHwYDVR0jBBgwFoAUixAmlT7PfEzhOf6aWb3XIooV
NUQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyMTA0LzA5Q0NCOTRDQTc2MzExRUFCQkMxOTExQ0Y4QUVBMjI4L2l4QW1s
VDdQZkV6aE9mNmFXYjNYSW9vVk5VUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2l4QW1sVDdQZkV6aE9mNmFXYjNYSW9vVk5VUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyMTA0LzA5Q0NCOTRDQTc2MzExRUFCQkMxOTExQ0Y4
QUVBMjI4LzEyQUIwMzU0MkY4QTExRUVBOUM2MTU4MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAcpi4AwDQYJKoZIhvcNAQEL
BQADggEBAH9rEd+6X3RQQ1r8ntrqP4XBaMlZCexeGd9Rztzphp3kfSr+W/vJbPSx
meumN9GF+jCbhX69CQHrKlrgfU1koJNVG5SxFAxwZoiNtxc+RgS6Mte0RTbyQ3Zq
22XvVrhPqNGw71wi2YnG9NbLptmRTzz1IMBRW/g+Fr0I2Kdg+oQ2+3zYMPigQ/fP
kZBbQcbzmU080q0SJCBkZwwMoeYJnqmZGQTNcE8ZqK9UjvxuGv9P/FemaZ0174jr
Q4P03ji5tb56T51/BFPCzYwSpoPoi58wVVdcxDnon0OHlKzzyGwjKdhT3sosKdhD
c2/r9o+IZOTEFx1zKSu991zpZ0yGblE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:19:43 2024 by rpki-client on console-ams.rpki-client.org