Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/815164B47E8411EC9AC14C6F5A40D577.roa
File:                     815164B47E8411EC9AC14C6F5A40D577.roa (raw, json)
Hash identifier:          lzrEzC54fkEwG1VgX/zXOiGIVwd8U+22U6iBwSLlzUo=
Subject key identifier:   43:58:99:F5:0B:42:38:C0:16:6E:00:EB:D9:18:11:AC:11:F5:A8:7E
Certificate issuer:       /CN=F369AFDDAF/serialNumber=E7C680360024EDB9F3451DC913EA33059BC904A5
Certificate serial:       013D
Authority key identifier: E7:C6:80:36:00:24:ED:B9:F3:45:1D:C9:13:EA:33:05:9B:C9:04:A5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/58aANgAk7bnzRR3JE-ozBZvJBKU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/815164B47E8411EC9AC14C6F5A40D577.roa
Signing time:             Wed 26 Jan 2022 08:46:51 +0000
ROA not before:           Wed 26 Jan 2022 08:46:48 +0000
ROA not after:            Mon 26 Jan 2032 08:46:48 +0000
asID:                     327980
IP address blocks:        41.216.177.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/58aANgAk7bnzRR3JE-ozBZvJBKU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/58aANgAk7bnzRR3JE-ozBZvJBKU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/58aANgAk7bnzRR3JE-ozBZvJBKU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 317 (0x13d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369AFDDAF/serialNumber=E7C680360024EDB9F3451DC913EA33059BC904A5
        Validity
            Not Before: Jan 26 08:46:48 2022 GMT
            Not After : Jan 26 08:46:48 2032 GMT
        Subject: CN=61f10a7b-6f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:97:bd:2f:5c:fb:91:c5:7d:fb:5b:45:c9:d6:
                    65:97:a0:5e:4a:af:05:3f:97:ff:0f:df:1f:71:da:
                    e1:df:9a:f6:17:1f:96:10:14:a1:ae:73:66:67:9c:
                    c9:4f:dc:e0:e0:ae:85:4f:fb:07:9e:e6:0a:7f:10:
                    2f:24:d8:c4:fc:63:ee:15:c9:bf:5a:87:a9:8f:07:
                    69:35:1c:69:ac:f8:4e:cf:92:de:5a:97:49:fe:cc:
                    32:06:bc:ca:b7:2e:ac:ef:a5:13:59:a2:c7:f9:f4:
                    01:43:a7:a3:20:05:1c:30:fd:8d:ea:a0:58:22:16:
                    1b:2c:ae:f5:40:ad:3f:88:fc:f1:23:ae:75:cc:69:
                    20:02:14:96:e7:04:fa:e5:05:12:1b:e4:eb:ed:63:
                    fd:7a:b7:7a:e2:60:ec:90:d9:4d:00:14:13:e8:04:
                    cd:35:09:02:5b:44:9b:36:28:a5:d5:e9:44:9e:68:
                    4e:c5:dc:de:c6:8c:86:d2:af:d6:2c:68:ff:5b:4c:
                    12:65:60:38:ce:f0:d4:96:c6:e3:7c:9a:3e:ec:a2:
                    33:32:b3:3c:ce:65:41:a2:c7:95:65:8c:21:86:7b:
                    65:6f:79:78:a2:46:82:76:6c:e2:d4:9b:29:40:f9:
                    89:f0:49:af:74:82:0f:ed:7f:6a:4f:ee:6e:71:1d:
                    6c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:58:99:F5:0B:42:38:C0:16:6E:00:EB:D9:18:11:AC:11:F5:A8:7E
            X509v3 Authority Key Identifier:
                keyid:E7:C6:80:36:00:24:ED:B9:F3:45:1D:C9:13:EA:33:05:9B:C9:04:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/58aANgAk7bnzRR3JE-ozBZvJBKU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/58aANgAk7bnzRR3JE-ozBZvJBKU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369AFDD/3DB42DDAC1F211EBBA2FF03EF8AEA228/815164B47E8411EC9AC14C6F5A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.216.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:02:f4:ce:76:7d:71:26:26:25:0f:2e:f7:18:3d:f6:34:10:
         f3:1d:46:7c:53:b0:2e:9d:36:63:21:50:3c:79:70:c6:a0:22:
         1a:18:70:49:87:3c:22:03:ea:a6:35:4c:ca:25:b2:86:4f:e9:
         4e:8e:f5:c0:c0:f1:76:fa:b0:2a:d8:47:93:11:b4:36:d8:40:
         48:57:d6:dd:dd:3d:61:cd:3b:ab:7e:eb:7c:c6:dc:18:91:03:
         53:69:e0:d5:5b:14:81:df:a1:4a:fd:21:2b:93:67:51:9b:5e:
         c5:b3:e0:08:e4:b4:ba:c6:3f:7b:49:54:ba:65:ee:9c:22:66:
         b1:b4:b9:85:5f:ed:eb:83:ba:0c:dd:58:bd:d8:b5:8e:35:a2:
         81:1e:2f:59:a8:6f:70:72:fc:5f:c2:22:0a:cd:dd:ef:24:b3:
         eb:f9:96:ff:3f:d2:c5:f7:80:5c:b5:de:f4:c3:7f:e7:0a:d4:
         92:65:4d:8a:c8:8d:3b:b9:41:bb:8d:f1:65:86:a6:b4:e2:71:
         39:0f:b4:c7:c1:ca:4e:f9:de:2c:d0:6e:93:b6:41:49:7d:8c:
         47:b1:d0:2f:83:f9:50:64:27:b3:d8:58:71:82:88:7f:82:55:
         a0:ab:03:12:8b:3e:d6:25:a2:a8:5e:b0:2b:33:f7:cb:05:7b:
         60:22:f0:db
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAT0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OUFGRERBRjExMC8GA1UEBRMoRTdDNjgwMzYwMDI0RURCOUYzNDUxREM5MTNFQTMz
MDU5QkM5MDRBNTAeFw0yMjAxMjYwODQ2NDhaFw0zMjAxMjYwODQ2NDhaMBgxFjAU
BgNVBAMMDTYxZjEwYTdiLTZmMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRl70vXPuRxX37W0XJ1mWXoF5KrwU/l/8P3x9x2uHfmvYXH5YQFKGuc2Zn
nMlP3ODgroVP+wee5gp/EC8k2MT8Y+4Vyb9ah6mPB2k1HGms+E7Pkt5al0n+zDIG
vMq3LqzvpRNZosf59AFDp6MgBRww/Y3qoFgiFhssrvVArT+I/PEjrnXMaSACFJbn
BPrlBRIb5OvtY/16t3riYOyQ2U0AFBPoBM01CQJbRJs2KKXV6USeaE7F3N7GjIbS
r9YsaP9bTBJlYDjO8NSWxuN8mj7sojMyszzOZUGix5VljCGGe2VveXiiRoJ2bOLU
mylA+YnwSa90gg/tf2pP7m5xHWzxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQ1iZ
9QtCOMAWbgDr2RgRrBH1qH4wHwYDVR0jBBgwFoAU58aANgAk7bnzRR3JE+ozBZvJ
BKUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlBRkRELzNEQjQyRERBQzFGMjExRUJCQTJGRjAzRUY4QUVBMjI4LzU4YUFO
Z0FrN2JuelJSM0pFLW96Qlp2SkJLVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzU4YUFOZ0FrN2JuelJSM0pFLW96Qlp2SkJLVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlBRkRELzNEQjQyRERBQzFGMjExRUJCQTJGRjAzRUY4
QUVBMjI4LzgxNTE2NEI0N0U4NDExRUM5QUMxNEM2RjVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp2LEwDQYJKoZIhvcNAQEL
BQADggEBAGcC9M52fXEmJiUPLvcYPfY0EPMdRnxTsC6dNmMhUDx5cMagIhoYcEmH
PCID6qY1TMolsoZP6U6O9cDA8Xb6sCrYR5MRtDbYQEhX1t3dPWHNO6t+63zG3BiR
A1Np4NVbFIHfoUr9ISuTZ1GbXsWz4AjktLrGP3tJVLpl7pwiZrG0uYVf7euDugzd
WL3YtY41ooEeL1mob3By/F/CIgrN3e8ks+v5lv8/0sX3gFy13vTDf+cK1JJlTYrI
jTu5QbuN8WWGprTicTkPtMfByk753izQbpO2QUl9jEex0C+D+VBkJ7PYWHGCiH+C
VaCrAxKLPtYloqhesCsz98sFe2Ai8Ns=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org