Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/7DF1A778B90E11EDBC79B1B8F1222468.roa
File:                     7DF1A778B90E11EDBC79B1B8F1222468.roa (raw, json)
Hash identifier:          k3GwCfINv0mvGU/BLwW/oIfhjiuTSdQ3PzvAnkVobV8=
Subject key identifier:   07:7E:B7:BA:FD:69:0F:FC:60:2C:0C:FB:F8:87:B0:AE:58:20:1D:A6
Certificate issuer:       /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial:       25
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/7DF1A778B90E11EDBC79B1B8F1222468.roa
Signing time:             Thu 02 Mar 2023 15:25:41 +0000
ROA not before:           Thu 02 Mar 2023 15:25:38 +0000
ROA not after:            Mon 02 Mar 2026 15:25:38 +0000
asID:                     33763
IP address blocks:        197.234.110.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37 (0x25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
        Validity
            Not Before: Mar  2 15:25:38 2023 GMT
            Not After : Mar  2 15:25:38 2026 GMT
        Subject: CN=6400bff5-2094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3e:bc:0b:0e:57:c0:8e:93:5c:f5:39:3c:95:
                    cc:c6:21:18:2c:a0:1f:62:2b:68:7f:f1:2c:2e:e3:
                    ef:db:00:32:fd:e4:86:bf:69:ef:e8:95:18:36:29:
                    84:cc:65:40:53:59:78:de:ab:27:ae:bc:4a:ae:58:
                    a7:1a:9e:b2:3f:ca:f9:be:3e:0d:0f:f1:c4:8a:a5:
                    80:97:27:32:4c:f8:c3:ff:b9:01:00:0e:b9:b5:7b:
                    c9:63:64:b6:98:c8:f1:64:22:06:18:d9:b5:87:bd:
                    14:b5:ec:ce:20:ec:ab:7a:38:9e:2f:ca:10:7d:da:
                    8d:49:04:2f:ff:fa:36:cb:89:fd:df:d1:ad:a0:5e:
                    17:fa:13:28:fb:ff:3d:7d:51:14:e4:ba:7f:ee:d7:
                    77:e7:73:f9:86:44:85:70:d1:a0:0e:e5:89:20:29:
                    a4:3b:b0:d6:32:41:36:04:fb:96:86:0f:11:3b:af:
                    d3:88:54:e6:74:c3:f2:96:d2:63:7c:7f:f0:54:29:
                    bf:8c:64:75:42:74:d8:9c:ef:10:00:5f:8d:9a:5d:
                    d2:5b:61:46:1b:b4:38:ff:eb:04:8b:ec:ef:c8:0d:
                    40:bd:72:14:a0:a6:51:ad:58:d6:fb:1b:4c:2a:7b:
                    a3:ab:b7:9f:70:6a:e0:c3:76:ae:c5:f7:2f:2c:97:
                    1c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:7E:B7:BA:FD:69:0F:FC:60:2C:0C:FB:F8:87:B0:AE:58:20:1D:A6
            X509v3 Authority Key Identifier:
                keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/7DF1A778B90E11EDBC79B1B8F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.234.110.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:36:af:45:ee:65:84:c4:b3:4d:7a:a1:4a:7d:7e:f0:9c:07:
         d2:4f:28:ed:da:2a:d5:1d:77:aa:1f:cc:7e:4e:99:c9:78:ec:
         cc:15:3d:66:d5:f4:d9:8c:1d:69:ed:90:77:22:66:97:6a:50:
         e9:8d:7c:9c:f5:05:7e:31:41:22:31:8b:cb:b3:a8:57:c4:87:
         f0:68:58:e7:1d:06:87:a1:3a:30:d2:bc:75:f1:09:79:bb:66:
         ab:1f:10:9e:a5:74:e6:12:22:aa:a1:f4:0f:86:6f:30:d2:92:
         d3:b2:56:80:60:68:56:f7:79:76:ae:6c:6f:8c:c2:71:6b:9d:
         58:47:63:a8:a3:b6:d1:02:c6:29:09:92:97:74:d2:a6:22:bb:
         d6:75:8f:a3:f1:f5:f5:0d:a7:61:82:7c:7c:02:a4:db:77:86:
         ec:1e:d9:a0:43:c8:cf:04:07:f1:54:e9:d8:88:32:bf:c3:74:
         42:49:f3:42:9f:28:e1:22:72:ab:64:fe:11:e6:57:2c:cb:d1:
         c7:8c:18:bf:76:51:84:fe:b0:12:a7:f7:c1:53:1d:7a:23:6f:
         23:50:a2:c2:7b:be:a5:dc:08:a9:92:88:21:a3:59:2a:1f:d4:
         59:d7:36:ad:75:4b:29:bd:d2:7b:f5:ba:7b:4b:48:b5:2a:2b:
         5f:d6:26:67
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1MjUzOFoXDTI2MDMwMjE1MjUzOFowGDEWMBQG
A1UEAwwNNjQwMGJmZjUtMjA5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALA+vAsOV8COk1z1OTyVzMYhGCygH2IraH/xLC7j79sAMv3khr9p7+iVGDYp
hMxlQFNZeN6rJ668Sq5Ypxqesj/K+b4+DQ/xxIqlgJcnMkz4w/+5AQAOubV7yWNk
tpjI8WQiBhjZtYe9FLXsziDsq3o4ni/KEH3ajUkEL//6NsuJ/d/RraBeF/oTKPv/
PX1RFOS6f+7Xd+dz+YZEhXDRoA7liSAppDuw1jJBNgT7loYPETuv04hU5nTD8pbS
Y3x/8FQpv4xkdUJ02JzvEABfjZpd0lthRhu0OP/rBIvs78gNQL1yFKCmUa1Y1vsb
TCp7o6u3n3Bq4MN2rsX3LyyXHFUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQHfre6
/WkP/GAsDPv4h7CuWCAdpjAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvN0RGMUE3NzhCOTBFMTFFREJDNzlCMUI4RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcXqbjANBgkqhkiG9w0BAQsF
AAOCAQEAZTavRe5lhMSzTXqhSn1+8JwH0k8o7doq1R13qh/Mfk6ZyXjszBU9ZtX0
2Ywdae2QdyJml2pQ6Y18nPUFfjFBIjGLy7OoV8SH8GhY5x0Gh6E6MNK8dfEJebtm
qx8QnqV05hIiqqH0D4ZvMNKS07JWgGBoVvd5dq5sb4zCcWudWEdjqKO20QLGKQmS
l3TSpiK71nWPo/H19Q2nYYJ8fAKk23eG7B7ZoEPIzwQH8VTp2Igyv8N0QknzQp8o
4SJyq2T+EeZXLMvRx4wYv3ZRhP6wEqf3wVMdeiNvI1Ciwnu+pdwIqZKIIaNZKh/U
Wdc2rXVLKb3Se/W6e0tItSorX9YmZw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org