Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1DEB7B6C613B11EEB5C645474AD9E6FC.roa
File:                     1DEB7B6C613B11EEB5C645474AD9E6FC.roa (raw, json)
Hash identifier:          /ErXEoW0e3+UCMayKYaaeAaWHsb5XTpte5tdQ4ZnfGA=
Subject key identifier:   78:84:88:9B:7E:1C:BB:90:CA:1B:B4:98:0E:11:F2:B9:1C:5C:C2:AE
Certificate issuer:       /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial:       0114
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1DEB7B6C613B11EEB5C645474AD9E6FC.roa
Signing time:             Mon 02 Oct 2023 15:48:23 +0000
ROA not before:           Mon 02 Oct 2023 15:48:19 +0000
ROA not after:            Fri 02 Oct 2026 15:48:19 +0000
asID:                     33763
IP address blocks:        197.234.112.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 276 (0x114)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
        Validity
            Not Before: Oct  2 15:48:19 2023 GMT
            Not After : Oct  2 15:48:19 2026 GMT
        Subject: CN=651ae647-0625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ef:7f:a7:2d:0b:17:ee:4b:88:2b:8d:6f:f2:
                    20:2c:97:ea:89:6c:d5:04:f2:ba:23:39:2b:86:f6:
                    9d:1c:e7:84:01:db:a9:0b:dd:95:24:50:96:b7:59:
                    47:64:78:d3:7e:ca:78:20:3b:e4:a7:13:95:ce:bb:
                    be:b1:e2:2b:03:3f:3f:c7:6d:53:92:d1:93:c0:33:
                    cb:93:6b:b4:67:31:7c:c3:50:e8:38:b2:fb:2a:31:
                    b3:bf:34:af:05:74:24:42:bd:03:c2:9a:a4:bd:5a:
                    ee:e7:f3:e4:9b:f8:34:b1:14:34:f0:23:50:d8:ef:
                    ce:df:a0:27:7f:57:5d:0f:69:58:00:bd:5f:e5:ff:
                    8e:cd:59:17:a9:17:fc:5e:3a:e4:f7:29:37:6d:e6:
                    18:b8:1b:53:98:06:bf:34:31:12:c2:18:9e:b6:05:
                    fc:a3:4e:7a:aa:8b:c1:54:a2:c0:39:bc:29:af:92:
                    7b:6b:7f:14:b2:77:a6:53:72:59:6e:19:73:01:86:
                    f1:48:ef:2b:a4:1a:56:fc:bc:4b:f7:63:8b:5f:db:
                    dc:f5:77:a1:81:30:68:3c:f2:c0:32:cc:fc:35:73:
                    97:70:5e:4c:78:e2:78:0e:f1:a5:20:53:ca:61:c8:
                    73:37:9f:dd:e4:0b:c0:af:7e:cf:ad:97:83:fc:cb:
                    61:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:84:88:9B:7E:1C:BB:90:CA:1B:B4:98:0E:11:F2:B9:1C:5C:C2:AE
            X509v3 Authority Key Identifier:
                keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1DEB7B6C613B11EEB5C645474AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.234.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2f:fa:d8:8d:fc:94:a3:e0:01:44:39:cc:96:77:29:e4:ad:7e:
         74:d8:fd:84:ee:3b:e8:9c:7f:b2:74:d6:23:5f:13:13:95:34:
         26:ae:c7:cc:a4:41:fb:bf:1b:6c:cd:bc:56:24:d7:f8:c6:c7:
         a2:91:b0:98:2c:6e:a3:f1:33:38:e1:9d:c4:44:fd:91:0b:c7:
         ed:d9:44:7b:c6:40:a9:67:dc:01:fb:73:64:ae:c2:cf:c8:97:
         f8:31:f9:e2:96:8f:ab:6d:05:98:6c:28:97:0a:4b:6b:d4:d1:
         3e:dc:58:41:0e:5e:56:bd:ed:e0:2e:3e:c0:03:bd:dc:65:7e:
         30:16:4d:b8:c5:39:24:43:19:f3:d7:70:01:da:34:61:7b:c2:
         35:02:43:12:02:d8:dc:57:3e:fa:77:06:4a:fb:cf:2f:93:f0:
         a6:1c:2f:d4:77:85:22:44:d1:71:fe:41:06:32:58:48:e9:d7:
         fe:41:cc:37:8e:23:d5:d3:ec:f2:df:8e:bd:42:c8:9f:96:4d:
         c7:d6:83:ce:21:ff:5a:1f:b7:e9:5e:0b:71:9a:4c:16:15:a8:
         ee:6e:1d:5b:09:bc:a4:96:aa:57:4e:e1:2f:19:71:6b:24:e9:
         13:4f:fd:d3:ba:61:75:ac:a1:46:46:91:06:14:c3:a6:c8:6d:
         40:33:c1:8d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICARQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODg2QjNBRjExMC8GA1UEBRMoM0Q2RUQ5MDUwMzdDODNDNTczNzgwQjBDQ0RDNzBE
NUQ4Q0VGMDM4QjAeFw0yMzEwMDIxNTQ4MTlaFw0yNjEwMDIxNTQ4MTlaMBgxFjAU
BgNVBAMTDTY1MWFlNjQ3LTA2MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDD73+nLQsX7kuIK41v8iAsl+qJbNUE8rojOSuG9p0c54QB26kL3ZUkUJa3
WUdkeNN+ynggO+SnE5XOu76x4isDPz/HbVOS0ZPAM8uTa7RnMXzDUOg4svsqMbO/
NK8FdCRCvQPCmqS9Wu7n8+Sb+DSxFDTwI1DY787foCd/V10PaVgAvV/l/47NWRep
F/xeOuT3KTdt5hi4G1OYBr80MRLCGJ62BfyjTnqqi8FUosA5vCmvkntrfxSyd6ZT
clluGXMBhvFI7yukGlb8vEv3Y4tf29z1d6GBMGg88sAyzPw1c5dwXkx44ngO8aUg
U8phyHM3n93kC8Cvfs+tl4P8y2G1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeISI
m34cu5DKG7SYDhHyuRxcwq4wHwYDVR0jBBgwFoAUPW7ZBQN8g8VzeAsMzccNXYzv
A4swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg4NkIzLzM1MzVDQTFBQjhFRjExRURBOUIzNDFEQUYxMjIyNDY4L1BXN1pC
UU44ZzhWemVBc016Y2NOWFl6dkE0cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BXN1pCUU44ZzhWemVBc016Y2NOWFl6dkE0cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg4NkIzLzM1MzVDQTFBQjhFRjExRURBOUIzNDFEQUYx
MjIyNDY4LzFERUI3QjZDNjEzQjExRUVCNUM2NDU0NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATF6nAwDQYJKoZIhvcNAQEL
BQADggEBAC/62I38lKPgAUQ5zJZ3KeStfnTY/YTuO+icf7J01iNfExOVNCaux8yk
Qfu/G2zNvFYk1/jGx6KRsJgsbqPxMzjhncRE/ZELx+3ZRHvGQKln3AH7c2Suws/I
l/gx+eKWj6ttBZhsKJcKS2vU0T7cWEEOXla97eAuPsADvdxlfjAWTbjFOSRDGfPX
cAHaNGF7wjUCQxIC2NxXPvp3Bkr7zy+T8KYcL9R3hSJE0XH+QQYyWEjp1/5BzDeO
I9XT7PLfjr1CyJ+WTcfWg84h/1oft+leC3GaTBYVqO5uHVsJvKSWqldO4S8ZcWsk
6RNP/dO6YXWsoUZGkQYUw6bIbUAzwY0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org