Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/78866038732811EEA03F81784AD9E6FC.roa
File:                     78866038732811EEA03F81784AD9E6FC.roa (raw, json)
Hash identifier:          O0OZfBN76S8f3hTfdG+0rk9lnBRwZ9klNP8Bx/GC6so=
Subject key identifier:   E4:AD:2F:E1:4A:7F:34:3C:83:0D:DC:50:4D:DA:05:36:92:5C:C2:E2
Certificate issuer:       /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial:       020D
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/78866038732811EEA03F81784AD9E6FC.roa
Signing time:             Wed 25 Oct 2023 11:20:15 +0000
ROA not before:           Wed 25 Oct 2023 11:20:12 +0000
ROA not after:            Fri 25 Oct 2030 11:20:12 +0000
asID:                     25818
IP address blocks:        196.32.8.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 525 (0x20d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
        Validity
            Not Before: Oct 25 11:20:12 2023 GMT
            Not After : Oct 25 11:20:12 2030 GMT
        Subject: CN=6538f9ef-ea71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:48:03:f5:0b:a9:96:85:d2:54:e3:47:63:90:
                    cc:48:e8:f2:5f:d2:39:b8:0e:f0:5a:d9:fb:dd:68:
                    0a:04:48:95:29:d8:ed:e3:93:93:e5:e8:93:11:b0:
                    8e:7f:7f:5b:75:bc:94:09:c9:db:56:72:46:2c:53:
                    3a:b4:b0:df:9d:01:c3:19:0b:0f:40:41:83:fe:fa:
                    5a:2d:88:8a:ba:36:a7:c3:b0:74:a6:46:ca:8f:09:
                    f5:1e:20:1a:94:c7:a5:92:c0:e2:3b:65:53:22:15:
                    a9:2a:9a:c0:8d:f4:ef:17:a5:d9:4c:7b:24:ba:17:
                    b7:aa:b6:72:bc:d4:83:19:56:b8:7e:d2:68:f5:75:
                    b1:9c:71:83:73:5f:8c:ca:22:d0:cc:d2:d2:97:05:
                    a8:27:db:0f:41:7d:3d:2a:67:16:98:40:c3:0e:ff:
                    12:8e:84:f3:82:66:7f:7a:63:b5:e4:e2:4b:78:01:
                    4c:7c:2f:66:5b:eb:30:8d:a4:70:cb:6a:40:8d:34:
                    dd:9e:33:d6:15:8e:11:29:df:f6:74:4d:07:cc:eb:
                    89:fe:1c:ad:e1:a4:47:d1:7e:9c:35:79:8c:9a:82:
                    56:7d:c2:a4:29:ce:9d:fc:ae:18:26:a7:8f:e3:da:
                    45:e4:59:88:8f:3e:d3:a1:7f:f9:0a:1d:07:e9:e9:
                    09:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:AD:2F:E1:4A:7F:34:3C:83:0D:DC:50:4D:DA:05:36:92:5C:C2:E2
            X509v3 Authority Key Identifier:
                keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/78866038732811EEA03F81784AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.32.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         75:e6:21:bb:6d:c6:e2:ee:88:ea:81:ca:b0:4e:5a:fc:da:18:
         0e:5b:0e:9f:7e:b3:84:46:b0:78:d1:da:fd:ac:38:86:52:59:
         9f:5c:1f:96:6e:0d:d1:3d:04:47:e5:73:22:d8:de:99:4d:6e:
         78:e0:b7:cc:0f:cc:42:c9:46:7b:87:8d:57:4c:d5:e2:8b:b9:
         d0:c6:00:4d:54:db:87:93:63:c5:df:bf:c5:c0:5d:dc:83:df:
         fb:9e:fd:5c:21:f1:e6:21:2e:a8:88:27:2a:78:64:41:3c:f7:
         ca:4b:4a:d0:dc:67:a7:81:42:98:f7:ba:99:95:a2:85:bc:ec:
         36:ce:6d:6e:80:ad:ab:57:54:2c:9f:c4:63:fa:8e:a1:fc:0d:
         71:f8:61:9a:ab:1c:c3:9e:d5:58:1c:90:02:eb:1c:9c:a1:ac:
         4f:fe:5b:ac:89:10:b1:0e:be:b3:92:e4:0b:e5:06:03:c4:ea:
         f5:a0:f3:3c:8a:d9:69:af:25:23:a1:c2:9f:7f:bb:bd:9a:3b:
         8a:c6:ea:fc:c4:cd:bc:98:a9:ce:17:bc:7b:e5:b5:42:e9:33:
         de:9a:3e:cd:55:63:74:c3:76:ba:df:2c:2f:93:3f:a1:90:01:
         a2:cf:07:10:23:f8:b8:dd:d9:e4:93:a0:23:a1:45:76:8c:e4:
         49:c8:d9:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAg0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yMzEwMjUxMTIwMTJaFw0zMDEwMjUxMTIwMTJaMBgxFjAU
BgNVBAMTDTY1MzhmOWVmLWVhNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFSAP1C6mWhdJU40djkMxI6PJf0jm4DvBa2fvdaAoESJUp2O3jk5Pl6JMR
sI5/f1t1vJQJydtWckYsUzq0sN+dAcMZCw9AQYP++lotiIq6NqfDsHSmRsqPCfUe
IBqUx6WSwOI7ZVMiFakqmsCN9O8XpdlMeyS6F7eqtnK81IMZVrh+0mj1dbGccYNz
X4zKItDM0tKXBagn2w9BfT0qZxaYQMMO/xKOhPOCZn96Y7Xk4kt4AUx8L2Zb6zCN
pHDLakCNNN2eM9YVjhEp3/Z0TQfM64n+HK3hpEfRfpw1eYyaglZ9wqQpzp38rhgm
p4/j2kXkWYiPPtOhf/kKHQfp6QljAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5K0v
4Up/NDyDDdxQTdoFNpJcwuIwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4Lzc4ODY2MDM4NzMyODExRUVBMDNGODE3ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPEIAgwDQYJKoZIhvcNAQEL
BQADggEBAHXmIbttxuLuiOqByrBOWvzaGA5bDp9+s4RGsHjR2v2sOIZSWZ9cH5Zu
DdE9BEflcyLY3plNbnjgt8wPzELJRnuHjVdM1eKLudDGAE1U24eTY8Xfv8XAXdyD
3/ue/Vwh8eYhLqiIJyp4ZEE898pLStDcZ6eBQpj3upmVooW87DbObW6AratXVCyf
xGP6jqH8DXH4YZqrHMOe1VgckALrHJyhrE/+W6yJELEOvrOS5AvlBgPE6vWg8zyK
2WmvJSOhwp9/u72aO4rG6vzEzbyYqc4XvHvltULpM96aPs1VY3TDdrrfLC+TP6GQ
AaLPBxAj+Ljd2eSToCOhRXaM5EnI2T8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org