Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/126EAE268F4E11EEAECC1E62D25BE465.roa
File:                     126EAE268F4E11EEAECC1E62D25BE465.roa (raw, json)
Hash identifier:          RVoLCOu04kDM3ma5697yf0ycFSMBgw51El1f03RGHNo=
Subject key identifier:   ED:F0:34:EB:7B:4E:EF:BC:2C:8E:EC:A1:3E:67:2B:02:FE:10:0C:01
Certificate issuer:       /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial:       0139
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/126EAE268F4E11EEAECC1E62D25BE465.roa
Signing time:             Thu 30 Nov 2023 06:59:57 +0000
ROA not before:           Thu 30 Nov 2023 06:59:54 +0000
ROA not after:            Sun 30 Nov 2025 06:59:54 +0000
asID:                     15964
IP address blocks:        41.204.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 313 (0x139)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
        Validity
            Not Before: Nov 30 06:59:54 2023 GMT
            Not After : Nov 30 06:59:54 2025 GMT
        Subject: CN=656832ed-7fa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f2:1b:41:09:9c:76:1a:8f:b9:a4:66:29:57:
                    69:41:cb:34:86:a2:97:ca:0e:ad:d7:01:bf:1c:2c:
                    41:c4:88:38:37:52:1b:f6:76:e7:31:28:18:59:9f:
                    d8:6e:5e:50:0d:b0:14:5a:5a:bf:b7:ed:ca:69:f3:
                    6d:95:bb:d4:0b:2e:b7:bf:15:aa:92:b0:b4:95:77:
                    3d:45:bd:61:68:1b:17:69:da:88:93:30:c8:81:d9:
                    e7:f6:14:c2:01:32:f0:78:38:a7:50:ff:8b:bd:30:
                    82:eb:8e:d0:c3:01:6d:9e:7a:b2:1f:a1:86:73:8f:
                    98:4c:9d:5b:ec:09:10:5d:c4:8c:df:be:30:f3:1e:
                    be:d3:aa:d4:33:4a:b3:ca:c9:1f:b2:d0:44:df:ec:
                    db:f9:1b:95:19:df:b0:0e:67:39:e2:0a:12:a0:fb:
                    fa:7b:b2:c4:9c:68:70:04:14:52:16:e3:7f:db:17:
                    40:eb:85:1b:b0:65:30:06:50:15:f5:7c:8d:76:13:
                    c0:72:2d:95:6e:6f:69:90:8b:81:7b:3e:5a:75:cc:
                    a1:33:84:f9:61:f2:0a:f3:d6:f7:6c:1a:85:b7:4f:
                    e1:f1:4b:2b:af:36:9d:5d:7c:c2:f2:14:d5:d5:8a:
                    ab:31:1c:27:b0:97:89:21:14:fe:65:dd:09:3c:72:
                    db:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:F0:34:EB:7B:4E:EF:BC:2C:8E:EC:A1:3E:67:2B:02:FE:10:0C:01
            X509v3 Authority Key Identifier:
                keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/126EAE268F4E11EEAECC1E62D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.204.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:a8:ad:83:1f:a7:af:73:35:f0:dc:be:38:9f:3f:0b:06:a9:
         97:8e:43:85:52:50:19:c0:b2:ad:cb:f0:67:33:0f:8d:ad:08:
         17:a2:23:6b:9d:52:ac:f6:77:52:06:12:d2:d2:b3:46:c6:bf:
         22:a9:67:0c:6f:93:ca:67:c1:43:8d:a9:13:38:1f:7b:9c:33:
         d6:ff:fa:7a:9c:f4:bd:56:33:c4:23:28:41:46:f5:b5:0d:0c:
         fc:87:9a:b9:91:39:97:06:48:a7:ba:01:ab:55:04:2e:b2:88:
         f2:51:e3:6b:df:4d:98:8d:f2:24:bf:66:b9:2f:2f:55:e7:20:
         3a:33:2c:27:ae:a9:cd:d8:e3:6b:da:ff:94:79:16:80:a2:5c:
         17:10:78:10:76:07:23:41:21:28:7b:bc:ff:fb:03:9b:92:2b:
         ed:4c:55:79:2e:c5:b0:df:80:4f:8c:9b:da:5a:d6:49:bb:f9:
         31:92:ec:e8:16:47:1c:5b:b5:81:99:10:ca:97:4a:b9:29:6d:
         ea:82:74:aa:c0:ba:f1:46:37:09:60:7c:5f:fd:27:c6:59:cc:
         2b:a4:95:14:be:91:fc:e3:5f:b6:d1:85:db:e0:41:0c:79:2a:
         9f:3c:24:11:51:6d:55:8d:bf:5c:48:57:aa:03:af:95:58:a4:
         88:d8:a2:2d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICATkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yMzExMzAwNjU5NTRaFw0yNTExMzAwNjU5NTRaMBgxFjAU
BgNVBAMTDTY1NjgzMmVkLTdmYTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDG8htBCZx2Go+5pGYpV2lByzSGopfKDq3XAb8cLEHEiDg3Uhv2ducxKBhZ
n9huXlANsBRaWr+37cpp822Vu9QLLre/FaqSsLSVdz1FvWFoGxdp2oiTMMiB2ef2
FMIBMvB4OKdQ/4u9MILrjtDDAW2eerIfoYZzj5hMnVvsCRBdxIzfvjDzHr7TqtQz
SrPKyR+y0ETf7Nv5G5UZ37AOZzniChKg+/p7ssScaHAEFFIW43/bF0DrhRuwZTAG
UBX1fI12E8ByLZVub2mQi4F7Plp1zKEzhPlh8grz1vdsGoW3T+HxSyuvNp1dfMLy
FNXViqsxHCewl4khFP5l3Qk8ctsxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7fA0
63tO77wsjuyhPmcrAv4QDAEwHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4LzEyNkVBRTI2OEY0RTExRUVBRUNDMUU2MkQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAApzE0wDQYJKoZIhvcNAQEL
BQADggEBAHCorYMfp69zNfDcvjifPwsGqZeOQ4VSUBnAsq3L8GczD42tCBeiI2ud
Uqz2d1IGEtLSs0bGvyKpZwxvk8pnwUONqRM4H3ucM9b/+nqc9L1WM8QjKEFG9bUN
DPyHmrmROZcGSKe6AatVBC6yiPJR42vfTZiN8iS/ZrkvL1XnIDozLCeuqc3Y42va
/5R5FoCiXBcQeBB2ByNBISh7vP/7A5uSK+1MVXkuxbDfgE+Mm9pa1km7+TGS7OgW
RxxbtYGZEMqXSrkpbeqCdKrAuvFGNwlgfF/9J8ZZzCuklRS+kfzjX7bRhdvgQQx5
Kp88JBFRbVWNv1xIV6oDr5VYpIjYoi0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org