Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/0CDD5F3CB91711EEB1AAD090775412E6.roa
File:                     0CDD5F3CB91711EEB1AAD090775412E6.roa (raw, json)
Hash identifier:          fIeogtbVHebaWJFqwZgG7oLm/IxLe2gNCJE8qm7UqBY=
Subject key identifier:   AD:4D:96:82:62:E7:00:D7:D9:A4:49:5B:95:60:E3:7E:BF:F5:FD:A8
Certificate issuer:       /CN=F36974EEAF/serialNumber=9C7A278DAD89ED63E93E25219B4CDA00B1006193
Certificate serial:       037C
Authority key identifier: 9C:7A:27:8D:AD:89:ED:63:E9:3E:25:21:9B:4C:DA:00:B1:00:61:93
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/0CDD5F3CB91711EEB1AAD090775412E6.roa
Signing time:             Mon 22 Jan 2024 11:11:55 +0000
ROA not before:           Mon 22 Jan 2024 11:11:51 +0000
ROA not after:            Tue 21 Jan 2025 11:11:51 +0000
asID:                     24691
IP address blocks:        41.207.160.0/19 maxlen: 24
                          196.168.0.0/14 maxlen: 24
                          197.148.96.0/19 maxlen: 24
                          2c0f:f578::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 892 (0x37c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36974EEAF/serialNumber=9C7A278DAD89ED63E93E25219B4CDA00B1006193
        Validity
            Not Before: Jan 22 11:11:51 2024 GMT
            Not After : Jan 21 11:11:51 2025 GMT
        Subject: CN=65ae4d7b-f6e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:31:44:8e:b5:40:96:e1:e1:1d:cc:36:2a:a3:
                    5a:79:df:87:a5:34:8e:fd:73:e1:55:42:eb:85:fc:
                    0e:e5:ee:84:bf:bb:01:a6:98:ac:75:37:35:54:28:
                    91:7e:d1:54:40:e4:75:48:9a:32:62:ff:af:72:04:
                    9e:83:cd:22:f1:f5:d8:89:95:6a:dd:e8:24:90:06:
                    b0:8c:ae:61:64:86:92:75:39:7e:3f:37:90:cc:b5:
                    67:ac:e4:fc:89:42:5d:26:06:db:82:5a:5c:fe:2d:
                    9a:76:bd:52:86:d2:05:ec:73:08:9e:4e:b0:23:f7:
                    95:fa:3b:fc:46:3d:aa:cc:f8:99:6b:bb:2c:b2:6d:
                    f8:a0:30:8f:f3:e6:1d:8a:08:43:3a:cb:f8:42:a9:
                    67:66:60:73:28:16:09:6c:3c:06:68:68:69:15:9c:
                    e8:f6:0d:dc:fd:4c:66:53:80:2b:0f:5f:bc:bb:f7:
                    0b:0e:4b:f7:29:5f:de:32:b3:b9:04:99:06:3b:9a:
                    7e:db:1b:80:42:42:3e:71:79:f4:49:72:98:fc:b0:
                    a5:bb:f2:c7:5d:ca:7e:4b:91:16:aa:f1:a6:97:99:
                    84:5a:0c:24:dd:e4:4c:da:ba:a2:ef:de:cd:ee:49:
                    55:c6:86:17:7f:96:6d:72:82:67:02:da:8e:8e:f5:
                    e6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:4D:96:82:62:E7:00:D7:D9:A4:49:5B:95:60:E3:7E:BF:F5:FD:A8
            X509v3 Authority Key Identifier:
                keyid:9C:7A:27:8D:AD:89:ED:63:E9:3E:25:21:9B:4C:DA:00:B1:00:61:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/0CDD5F3CB91711EEB1AAD090775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.207.160.0/19
                  196.168.0.0/14
                  197.148.96.0/19
                IPv6:
                  2c0f:f578::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:66:8a:15:01:13:42:b6:96:eb:50:2f:93:7a:60:e5:61:e2:
         de:91:05:61:01:09:e1:b5:15:3c:56:c7:44:cb:97:44:00:13:
         64:a4:49:a4:0c:a7:ce:10:05:a6:d1:8a:1d:31:d2:82:2e:92:
         87:27:84:f8:c2:d3:6a:8f:1b:cc:d2:15:fd:96:38:71:45:b9:
         e9:d4:55:a3:6e:97:7f:8f:40:49:5d:76:a2:0b:1a:f7:0c:8b:
         5a:a1:61:18:31:d2:3d:f6:7d:69:9a:a5:07:3e:f2:93:c0:ff:
         1e:2d:48:aa:7c:a9:e0:49:55:0d:ba:ac:22:25:52:9f:a2:ea:
         19:c3:1e:6e:c4:ea:de:60:ac:d6:54:f7:47:5a:4d:09:19:55:
         77:c6:89:8d:18:fd:c8:25:d0:15:a4:d8:f5:c8:99:93:83:47:
         0e:c7:50:7d:98:ae:e7:68:fb:ff:82:94:9b:db:7c:ea:55:8d:
         b5:97:89:59:06:31:c5:88:ff:8d:8f:83:d6:e2:7a:d6:2c:40:
         ef:51:ec:4d:1a:6d:b9:d6:05:66:48:db:d5:ad:ad:94:94:dc:
         ac:48:dd:08:f8:13:87:d5:ab:10:12:75:bd:f0:49:30:3b:06:
         7e:66:77:5b:52:94:14:53:79:3a:39:35:06:96:1c:ae:7e:96:
         f3:49:1a:4c
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICA3wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTc0RUVBRjExMC8GA1UEBRMoOUM3QTI3OERBRDg5RUQ2M0U5M0UyNTIxOUI0Q0RB
MDBCMTAwNjE5MzAeFw0yNDAxMjIxMTExNTFaFw0yNTAxMjExMTExNTFaMBgxFjAU
BgNVBAMTDTY1YWU0ZDdiLWY2ZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHMUSOtUCW4eEdzDYqo1p534elNI79c+FVQuuF/A7l7oS/uwGmmKx1NzVU
KJF+0VRA5HVImjJi/69yBJ6DzSLx9diJlWrd6CSQBrCMrmFkhpJ1OX4/N5DMtWes
5PyJQl0mBtuCWlz+LZp2vVKG0gXscwieTrAj95X6O/xGParM+JlruyyybfigMI/z
5h2KCEM6y/hCqWdmYHMoFglsPAZoaGkVnOj2Ddz9TGZTgCsPX7y79wsOS/cpX94y
s7kEmQY7mn7bG4BCQj5xefRJcpj8sKW78sddyn5LkRaq8aaXmYRaDCTd5EzauqLv
3s3uSVXGhhd/lm1ygmcC2o6O9ebDAgMBAAGjggK/MIICuzAdBgNVHQ4EFgQUrU2W
gmLnANfZpElblWDjfr/1/agwHwYDVR0jBBgwFoAUnHonja2J7WPpPiUhm0zaALEA
YZMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk3NEVFL0ZEOTA2OTEwMTU4MTExRUNCMDgxMDc3MUQ4QTAxNENFL25Ib25q
YTJKN1dQcFBpVWhtMHphQUxFQVlaTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL25Ib25qYTJKN1dQcFBpVWhtMHphQUxFQVlaTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk3NEVFL0ZEOTA2OTEwMTU4MTExRUNCMDgxMDc3MUQ4
QTAxNENFLzBDREQ1RjNDQjkxNzExRUVCMUFBRDA5MDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDBAUpz6ADAwLEqAMEBcWUYDAN
BAIAAjAHAwUALA/1eDANBgkqhkiG9w0BAQsFAAOCAQEAfmaKFQETQraW61Avk3pg
5WHi3pEFYQEJ4bUVPFbHRMuXRAATZKRJpAynzhAFptGKHTHSgi6ShyeE+MLTao8b
zNIV/ZY4cUW56dRVo26Xf49ASV12ogsa9wyLWqFhGDHSPfZ9aZqlBz7yk8D/Hi1I
qnyp4ElVDbqsIiVSn6LqGcMebsTq3mCs1lT3R1pNCRlVd8aJjRj9yCXQFaTY9ciZ
k4NHDsdQfZiu52j7/4KUm9t86lWNtZeJWQYxxYj/jY+D1uJ61ixA71HsTRptudYF
Zkjb1a2tlJTcrEjdCPgTh9WrEBJ1vfBJMDsGfmZ3W1KUFFN5Ojk1BpYcrn6W80ka
TA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org