Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/576C22AE7E8611EC922DA0745A40D577.roa
File:                     576C22AE7E8611EC922DA0745A40D577.roa (raw, json)
Hash identifier:          fI4Qh0NFogb9+0OEoPEIfCjcX0dFIIKFdVkXaRwGoKo=
Subject key identifier:   62:F5:9B:CA:50:83:AD:63:08:4E:7F:4F:E2:E7:61:85:61:2E:08:ED
Certificate issuer:       /CN=F369AFDDAF/serialNumber=E7C680360024EDB9F3451DC913EA33059BC904A5
Certificate serial:       014F
Authority key identifier: E7:C6:80:36:00:24:ED:B9:F3:45:1D:C9:13:EA:33:05:9B:C9:04:A5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/58aANgAk7bnzRR3JE-ozBZvJBKU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/576C22AE7E8611EC922DA0745A40D577.roa
Signing time:             Wed 26 Jan 2022 09:00:00 +0000
ROA not before:           Wed 26 Jan 2022 08:59:56 +0000
ROA not after:            Mon 26 Jan 2032 08:59:56 +0000
asID:                     327980
IP address blocks:        41.216.186.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/58aANgAk7bnzRR3JE-ozBZvJBKU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/58aANgAk7bnzRR3JE-ozBZvJBKU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/58aANgAk7bnzRR3JE-ozBZvJBKU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 335 (0x14f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369AFDDAF/serialNumber=E7C680360024EDB9F3451DC913EA33059BC904A5
        Validity
            Not Before: Jan 26 08:59:56 2022 GMT
            Not After : Jan 26 08:59:56 2032 GMT
        Subject: CN=61f10d90-e1e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:0f:c9:97:4f:71:78:75:c5:90:1f:91:b6:7f:
                    7b:fc:84:a4:de:60:18:d4:a1:f4:19:a6:cb:03:c4:
                    b5:e7:fd:34:39:2a:b0:59:25:7d:4c:ea:bd:66:7d:
                    77:74:0a:a4:b8:12:2d:c2:5d:94:42:26:26:a8:28:
                    e7:ac:c1:8b:a6:0b:f6:0d:09:ea:b5:c0:89:cb:5a:
                    77:5b:8a:fb:51:f6:bb:de:37:b4:2d:3e:b9:08:52:
                    95:2c:68:dd:92:63:69:2a:77:ad:51:ca:6a:f9:5c:
                    2a:93:d0:7d:14:d7:f6:f2:8a:f3:fb:f6:c7:21:b2:
                    41:e1:55:96:da:c8:41:19:8d:8e:64:da:ed:ed:1a:
                    82:2d:7f:eb:30:70:55:ec:fc:2e:f3:db:e7:9c:4b:
                    48:55:ae:94:ac:db:07:84:76:38:65:84:14:2d:fa:
                    84:f2:bd:86:f4:63:b7:f7:1f:dd:80:c7:9c:d5:03:
                    5c:10:24:21:2b:53:eb:a9:71:f9:c3:74:e1:41:23:
                    06:4b:f4:00:50:be:24:ef:c5:47:43:23:ea:4e:03:
                    ae:81:93:87:7d:64:d0:ff:c0:43:8f:75:b0:26:a1:
                    24:9a:dd:73:03:28:65:01:12:4f:60:0f:67:26:8d:
                    ce:f0:87:55:94:d9:f4:e7:cb:d9:bf:37:40:99:fc:
                    b7:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:F5:9B:CA:50:83:AD:63:08:4E:7F:4F:E2:E7:61:85:61:2E:08:ED
            X509v3 Authority Key Identifier:
                keyid:E7:C6:80:36:00:24:ED:B9:F3:45:1D:C9:13:EA:33:05:9B:C9:04:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/58aANgAk7bnzRR3JE-ozBZvJBKU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/58aANgAk7bnzRR3JE-ozBZvJBKU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/576C22AE7E8611EC922DA0745A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.216.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:47:fd:20:7f:ee:de:53:44:5c:3e:d2:ee:7d:06:09:d3:21:
         cf:a1:c9:22:ea:6e:a0:c4:72:c2:95:0f:05:39:a7:e9:70:63:
         56:87:91:80:b6:d1:f2:03:05:fb:47:d2:7f:20:a3:25:b3:3f:
         63:77:dc:58:eb:0f:10:ce:43:a7:9b:36:d8:8a:ce:45:0c:87:
         14:96:64:b2:0c:6d:4b:5c:10:9e:83:ef:3b:92:ad:3b:eb:97:
         9c:3c:73:09:70:5f:e6:9c:87:60:c8:c9:41:19:55:69:0e:53:
         69:2a:83:9b:aa:b6:93:eb:cd:1a:56:c7:6c:e9:b9:63:a5:ca:
         6c:b6:5b:c6:f4:d8:a7:61:c8:9d:51:0e:23:39:50:20:e1:b8:
         53:bd:38:4b:34:0a:78:77:ba:a5:92:cf:5e:33:aa:b2:a2:21:
         1f:b1:bf:0a:2d:c5:45:00:a7:e8:4f:30:b8:69:a1:e3:3e:59:
         58:1a:05:49:6f:d7:6e:03:09:b8:30:80:42:9a:ef:bd:31:7a:
         e2:03:9c:c3:c1:a9:48:6d:68:64:23:28:a7:6e:fd:67:9c:4e:
         9f:97:36:f0:dc:63:59:6a:1f:ac:36:a0:c5:46:10:94:19:4e:
         45:b6:39:da:b1:ec:0f:1d:5c:f1:df:4d:15:66:34:16:c2:b0:
         11:b5:3d:69
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAU8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OUFGRERBRjExMC8GA1UEBRMoRTdDNjgwMzYwMDI0RURCOUYzNDUxREM5MTNFQTMz
MDU5QkM5MDRBNTAeFw0yMjAxMjYwODU5NTZaFw0zMjAxMjYwODU5NTZaMBgxFjAU
BgNVBAMMDTYxZjEwZDkwLWUxZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCYD8mXT3F4dcWQH5G2f3v8hKTeYBjUofQZpssDxLXn/TQ5KrBZJX1M6r1m
fXd0CqS4Ei3CXZRCJiaoKOeswYumC/YNCeq1wInLWndbivtR9rveN7QtPrkIUpUs
aN2SY2kqd61Rymr5XCqT0H0U1/byivP79schskHhVZbayEEZjY5k2u3tGoItf+sw
cFXs/C7z2+ecS0hVrpSs2weEdjhlhBQt+oTyvYb0Y7f3H92Ax5zVA1wQJCErU+up
cfnDdOFBIwZL9ABQviTvxUdDI+pOA66Bk4d9ZND/wEOPdbAmoSSa3XMDKGUBEk9g
D2cmjc7wh1WU2fTny9m/N0CZ/LeHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYvWb
ylCDrWMITn9P4udhhWEuCO0wHwYDVR0jBBgwFoAU58aANgAk7bnzRR3JE+ozBZvJ
BKUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlBRkRELzNEQjQyRERBQzFGMjExRUJCQTJGRjAzRUY4QUVBMjI4LzU4YUFO
Z0FrN2JuelJSM0pFLW96Qlp2SkJLVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzU4YUFOZ0FrN2JuelJSM0pFLW96Qlp2SkJLVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlBRkRELzNEQjQyRERBQzFGMjExRUJCQTJGRjAzRUY4
QUVBMjI4LzU3NkMyMkFFN0U4NjExRUM5MjJEQTA3NDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp2LowDQYJKoZIhvcNAQEL
BQADggEBAGJH/SB/7t5TRFw+0u59BgnTIc+hySLqbqDEcsKVDwU5p+lwY1aHkYC2
0fIDBftH0n8goyWzP2N33FjrDxDOQ6ebNtiKzkUMhxSWZLIMbUtcEJ6D7zuSrTvr
l5w8cwlwX+ach2DIyUEZVWkOU2kqg5uqtpPrzRpWx2zpuWOlymy2W8b02KdhyJ1R
DiM5UCDhuFO9OEs0Cnh3uqWSz14zqrKiIR+xvwotxUUAp+hPMLhpoeM+WVgaBUlv
124DCbgwgEKa770xeuIDnMPBqUhtaGQjKKdu/WecTp+XNvDcY1lqH6w2oMVGEJQZ
TkW2Odqx7A8dXPHfTRVmNBbCsBG1PWk=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:39 2024 by rpki-client on console-ams.rpki-client.org