Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1445B006B90611ED953613A0F1222468.roa
File:                     1445B006B90611ED953613A0F1222468.roa (raw, json)
Hash identifier:          E2Pi3VCICYk9gP/HP2vBzXaAEevEu5qcMVBYIRi4msY=
Subject key identifier:   99:AC:4A:15:6B:72:42:FC:34:3D:44:6E:71:44:00:E3:76:45:50:4C
Certificate issuer:       /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial:       17
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1445B006B90611ED953613A0F1222468.roa
Signing time:             Thu 02 Mar 2023 14:25:28 +0000
ROA not before:           Thu 02 Mar 2023 14:25:24 +0000
ROA not after:            Mon 02 Mar 2026 14:25:24 +0000
asID:                     33763
IP address blocks:        41.218.112.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
        Validity
            Not Before: Mar  2 14:25:24 2023 GMT
            Not After : Mar  2 14:25:24 2026 GMT
        Subject: CN=6400b1d8-66b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cc:67:4c:a8:e8:52:b5:be:73:89:1f:11:8f:
                    3b:6a:7a:16:a3:32:9f:b2:6c:24:72:27:93:9d:fd:
                    a8:1d:28:f1:51:ca:4d:cd:5c:38:23:67:e7:6f:2f:
                    34:f2:7c:f1:15:fd:db:fb:e2:19:bc:e5:7f:7a:82:
                    b9:89:33:02:49:f4:e7:9e:94:62:39:70:5a:2d:20:
                    f2:bb:04:15:71:31:6f:75:0b:74:45:c3:20:e8:83:
                    89:be:01:21:b6:a3:98:b3:9f:4b:87:5c:b3:2d:27:
                    a0:d3:b9:70:7c:0e:30:e6:27:6d:06:13:a2:ec:0d:
                    89:9c:b2:57:f9:66:60:97:e9:a4:4e:2a:65:ea:05:
                    15:a4:7f:ca:0f:53:c7:23:ca:54:43:b5:7d:bf:4c:
                    10:c7:39:a2:f7:5c:06:c1:17:76:53:9d:0a:28:4b:
                    3f:2c:63:6d:22:ca:12:4c:70:d1:c5:ee:3c:a6:d9:
                    c8:12:f5:f0:18:ed:bb:bf:13:b5:2c:dd:20:5c:6f:
                    61:0b:3e:e4:ca:49:a5:ae:0b:28:ef:24:8f:8e:40:
                    3a:05:2a:f0:23:2b:d3:f6:1c:24:1e:2a:02:31:2c:
                    f6:6d:87:4e:ff:cb:5a:2c:df:6d:02:26:8e:0b:70:
                    cb:ac:2d:7d:3d:c8:c8:1c:d1:ed:6d:17:e9:13:d9:
                    67:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:AC:4A:15:6B:72:42:FC:34:3D:44:6E:71:44:00:E3:76:45:50:4C
            X509v3 Authority Key Identifier:
                keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1445B006B90611ED953613A0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.218.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         03:4a:dc:62:00:a0:1f:a6:48:49:8f:cf:9a:b5:78:7b:bb:7b:
         8c:71:e1:70:fa:25:c6:cb:b9:44:2e:b4:88:90:3e:d9:58:2c:
         8d:81:ab:ad:a9:c5:de:7f:55:d6:15:3e:34:b3:1c:04:10:a4:
         04:a5:60:20:22:1c:04:ea:62:22:7c:74:dc:8c:c7:a7:46:d8:
         6d:d3:5a:8e:1d:cc:1e:0d:60:7e:c3:b4:cb:f8:a0:12:8f:e5:
         75:37:93:96:93:19:5b:0a:2f:18:05:ed:00:a3:fe:22:8a:da:
         20:e2:4d:42:9a:a8:22:1a:a2:71:c8:a8:ce:f0:d8:8d:0c:dd:
         28:52:fc:e2:7f:97:82:53:55:6b:30:07:2b:d1:8f:69:81:65:
         a4:4f:2d:f7:07:3b:e9:65:ac:21:fa:27:67:34:50:f6:e6:93:
         6d:a0:54:8a:25:29:9b:9c:85:73:9a:74:eb:b8:e5:08:f7:46:
         a9:d5:69:e8:eb:b5:cd:84:91:5e:1f:c5:7c:d7:25:c2:3b:df:
         03:74:22:c5:cf:cf:7f:d3:67:82:19:09:3d:a6:46:2c:a0:6b:
         2c:4a:ec:56:e5:84:02:fe:c1:22:37:c5:b7:a9:ad:cd:e5:6c:
         b5:4a:2f:77:b9:42:82:d7:0f:8e:ff:ab:60:17:cf:a0:3f:87:
         a1:06:25:19
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE0MjUyNFoXDTI2MDMwMjE0MjUyNFowGDEWMBQG
A1UEAwwNNjQwMGIxZDgtNjZiNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrMZ0yo6FK1vnOJHxGPO2p6FqMyn7JsJHInk539qB0o8VHKTc1cOCNn528v
NPJ88RX92/viGbzlf3qCuYkzAkn0556UYjlwWi0g8rsEFXExb3ULdEXDIOiDib4B
IbajmLOfS4dcsy0noNO5cHwOMOYnbQYTouwNiZyyV/lmYJfppE4qZeoFFaR/yg9T
xyPKVEO1fb9MEMc5ovdcBsEXdlOdCihLPyxjbSLKEkxw0cXuPKbZyBL18Bjtu78T
tSzdIFxvYQs+5MpJpa4LKO8kj45AOgUq8CMr0/YcJB4qAjEs9m2HTv/LWizfbQIm
jgtwy6wtfT3IyBzR7W0X6RPZZ5MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSZrEoV
a3JC/DQ9RG5xRADjdkVQTDAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvMTQ0NUIwMDZCOTA2MTFFRDk1MzYxM0EwRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBCnacDANBgkqhkiG9w0BAQsF
AAOCAQEAA0rcYgCgH6ZISY/PmrV4e7t7jHHhcPolxsu5RC60iJA+2VgsjYGrranF
3n9V1hU+NLMcBBCkBKVgICIcBOpiInx03IzHp0bYbdNajh3MHg1gfsO0y/igEo/l
dTeTlpMZWwovGAXtAKP+IoraIOJNQpqoIhqicciozvDYjQzdKFL84n+XglNVazAH
K9GPaYFlpE8t9wc76WWsIfonZzRQ9uaTbaBUiiUpm5yFc5p067jlCPdGqdVp6Ou1
zYSRXh/FfNclwjvfA3Qixc/Pf9NnghkJPaZGLKBrLErsVuWEAv7BIjfFt6mtzeVs
tUovd7lCgtcPjv+rYBfPoD+HoQYlGQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org