Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/EA41EC7093D411EE8FEF2613D25BE465.roa
File:                     EA41EC7093D411EE8FEF2613D25BE465.roa (raw, json)
Hash identifier:          mgAUVvuqZ9BEj+xQEUbj7eA9ZXfOP6eHELa4G3Wf8pg=
Subject key identifier:   0D:4D:B4:57:86:95:2D:83:07:E2:D2:CD:CC:93:17:80:3C:4C:94:DD
Certificate issuer:       /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial:       023F
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/EA41EC7093D411EE8FEF2613D25BE465.roa
Signing time:             Wed 06 Dec 2023 01:15:17 +0000
ROA not before:           Wed 06 Dec 2023 01:15:13 +0000
ROA not after:            Tue 06 Dec 2033 01:15:13 +0000
asID:                     25818
IP address blocks:        196.1.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 575 (0x23f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
        Validity
            Not Before: Dec  6 01:15:13 2023 GMT
            Not After : Dec  6 01:15:13 2033 GMT
        Subject: CN=656fcb25-d0e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e0:23:71:8e:99:e8:b9:87:d4:1b:31:2b:cc:
                    f4:20:ca:c5:fc:44:40:2a:8b:22:b5:ff:92:5a:42:
                    77:5f:24:28:24:16:e0:1f:0c:b8:5f:68:1d:ae:b0:
                    ae:49:23:62:78:6f:65:a9:fc:b7:db:d6:fe:b4:48:
                    f0:d1:26:c3:da:da:da:f5:e9:95:93:dd:4e:b3:06:
                    37:b6:69:ff:dc:1e:86:a5:21:90:26:05:06:cb:7d:
                    dd:0d:65:b6:b4:77:25:e1:a6:12:81:1d:53:96:ac:
                    39:8e:81:c6:a1:59:27:e4:42:25:9d:6b:e1:53:56:
                    a0:05:ac:d1:94:aa:86:1f:8a:78:d2:8e:9b:b7:13:
                    01:1c:f8:cf:aa:ae:42:6e:c8:2a:37:e3:84:8b:3d:
                    49:e1:8c:d1:d3:40:d6:77:2e:8b:3a:50:98:c4:d0:
                    66:da:ad:ef:71:70:3f:55:56:36:b0:85:e0:a4:dd:
                    cb:09:e0:93:48:6b:7c:fc:00:d0:91:59:6a:9f:5f:
                    d9:52:89:63:13:50:d3:08:44:83:80:5e:f3:d1:08:
                    b2:4f:21:3b:67:de:cc:6b:08:e1:a7:31:2d:1e:15:
                    2a:e0:47:f5:49:a0:bf:5e:73:a7:60:38:cd:fe:50:
                    c9:d5:6d:8d:4e:b9:da:30:79:36:0f:ce:f8:46:95:
                    32:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4D:B4:57:86:95:2D:83:07:E2:D2:CD:CC:93:17:80:3C:4C:94:DD
            X509v3 Authority Key Identifier:
                keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/EA41EC7093D411EE8FEF2613D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.1.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:5b:30:74:38:08:b8:59:a8:50:ab:d2:d4:af:ac:ae:11:36:
         97:97:63:59:c4:74:89:7a:7f:21:51:15:59:6d:81:3a:c3:5a:
         ed:70:34:79:16:3c:ac:52:55:ef:b2:dd:07:93:1e:76:2c:f9:
         cc:4d:07:2c:0f:3d:58:e2:42:89:04:a4:bb:84:8c:79:74:9f:
         dc:b0:b4:0d:d5:98:90:aa:21:7d:b9:62:9e:ab:f9:5c:00:d0:
         29:85:b8:f8:67:5e:5f:ea:75:4f:bc:e3:7e:3e:86:f3:1f:63:
         fd:e7:da:1f:3e:0a:39:73:f4:09:11:18:c8:14:fa:3d:f4:b5:
         8e:2e:7c:2d:7c:4c:a9:59:93:32:52:35:77:72:f7:5e:6c:5b:
         71:f7:87:4a:29:ee:df:0b:6b:c6:f4:25:78:ac:53:6d:8e:47:
         80:0f:f0:ea:ce:f1:88:b3:3e:b5:4e:3b:31:d9:41:08:be:db:
         4a:64:66:d9:2f:8b:3e:a4:85:6d:e3:67:47:be:e8:03:f5:3f:
         a0:02:6d:0b:fb:eb:de:e8:20:fc:d4:73:26:d5:cc:f3:85:48:
         b6:e2:3a:3a:fe:10:2f:83:c9:61:68:c1:a8:c2:0a:4c:bd:c1:
         cc:89:da:80:a7:7a:cc:cb:01:7f:86:aa:88:1f:85:8f:60:df:
         9a:7f:87:4d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yMzEyMDYwMTE1MTNaFw0zMzEyMDYwMTE1MTNaMBgxFjAU
BgNVBAMTDTY1NmZjYjI1LWQwZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDV4CNxjpnouYfUGzErzPQgysX8REAqiyK1/5JaQndfJCgkFuAfDLhfaB2u
sK5JI2J4b2Wp/Lfb1v60SPDRJsPa2tr16ZWT3U6zBje2af/cHoalIZAmBQbLfd0N
Zba0dyXhphKBHVOWrDmOgcahWSfkQiWda+FTVqAFrNGUqoYfinjSjpu3EwEc+M+q
rkJuyCo344SLPUnhjNHTQNZ3Los6UJjE0Gbare9xcD9VVjawheCk3csJ4JNIa3z8
ANCRWWqfX9lSiWMTUNMIRIOAXvPRCLJPITtn3sxrCOGnMS0eFSrgR/VJoL9ec6dg
OM3+UMnVbY1OudoweTYPzvhGlTJRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDU20
V4aVLYMH4tLNzJMXgDxMlN0wHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4L0VBNDFFQzcwOTNENDExRUU4RkVGMjYxM0QyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEAZowDQYJKoZIhvcNAQEL
BQADggEBAD1bMHQ4CLhZqFCr0tSvrK4RNpeXY1nEdIl6fyFRFVltgTrDWu1wNHkW
PKxSVe+y3QeTHnYs+cxNBywPPVjiQokEpLuEjHl0n9ywtA3VmJCqIX25Yp6r+VwA
0CmFuPhnXl/qdU+8434+hvMfY/3n2h8+Cjlz9AkRGMgU+j30tY4ufC18TKlZkzJS
NXdy915sW3H3h0op7t8La8b0JXisU22OR4AP8OrO8YizPrVOOzHZQQi+20pkZtkv
iz6khW3jZ0e+6AP1P6ACbQv7697oIPzUcybVzPOFSLbiOjr+EC+DyWFowajCCky9
wcyJ2oCneszLAX+GqogfhY9g35p/h00=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org