Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/7E1978023EBB11ED99AE00D9F1222468.roa
File:                     7E1978023EBB11ED99AE00D9F1222468.roa (raw, json)
Hash identifier:          cx8qX9tYkmL7yvZ47yq96Q/Hlj2KKN10K0+d0zr+Wg8=
Subject key identifier:   02:95:F8:92:6D:97:8B:AA:23:77:EB:16:12:57:11:4A:B8:A5:83:F0
Certificate issuer:       /CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
Certificate serial:       0168
Authority key identifier: 27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/7E1978023EBB11ED99AE00D9F1222468.roa
Signing time:             Tue 27 Sep 2022 23:24:11 +0000
ROA not before:           Wed 28 Sep 2022 23:24:06 +0000
ROA not after:            Mon 18 Jan 2027 23:24:06 +0000
asID:                     328068
IP address blocks:        196.61.224.0/22 maxlen: 22
                          196.61.224.0/23 maxlen: 23
                          196.61.226.0/23 maxlen: 23
                          196.61.226.0/24 maxlen: 24
                          196.61.227.0/24 maxlen: 24
                          196.61.228.0/24 maxlen: 24
                          196.61.229.0/24 maxlen: 24
                          196.61.230.0/24 maxlen: 24
                          196.61.231.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 360 (0x168)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
        Validity
            Not Before: Sep 28 23:24:06 2022 GMT
            Not After : Jan 18 23:24:06 2027 GMT
        Subject: CN=6333861b-bbbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:59:a4:9b:a6:3d:3a:09:9b:6a:25:00:c5:ac:
                    31:00:55:4d:6f:65:c8:48:49:95:00:c0:04:33:ce:
                    bf:50:70:9e:09:24:e1:a7:9c:75:47:ac:e6:c8:fb:
                    b2:05:44:50:f9:f9:b9:28:e9:6b:5c:91:7e:52:84:
                    30:f4:dc:1f:01:27:3c:ba:b7:9b:43:f2:0b:a9:58:
                    59:70:16:27:a3:40:1b:f1:3c:6d:b7:bb:15:8b:a5:
                    ac:67:86:40:76:b8:ba:15:43:84:a7:23:d0:59:44:
                    0b:c8:f4:d0:bc:19:04:7c:41:11:f8:4f:20:a0:d4:
                    da:2a:4f:1e:ea:26:2c:af:5f:06:3a:81:5b:8e:bd:
                    86:31:f7:e8:95:eb:0d:ea:db:ba:ed:37:05:48:3b:
                    35:d3:fa:d4:ab:d1:2b:09:4e:57:59:11:23:2c:30:
                    ab:38:bf:c4:15:2b:46:4f:a2:71:87:b9:87:8b:71:
                    d0:f1:0a:0f:e2:1f:00:8e:cb:11:12:d4:ed:1d:0b:
                    3d:24:ec:da:fd:ab:a3:e0:d5:d1:01:6b:60:a3:c4:
                    53:10:02:fd:e4:92:2b:a6:39:c4:46:0c:0e:b5:9c:
                    67:ea:7c:46:41:6f:61:f5:67:74:10:77:ab:85:11:
                    3c:bb:c5:6e:f1:f5:c6:89:f5:e9:60:c8:97:92:34:
                    30:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:95:F8:92:6D:97:8B:AA:23:77:EB:16:12:57:11:4A:B8:A5:83:F0
            X509v3 Authority Key Identifier:
                keyid:27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/7E1978023EBB11ED99AE00D9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.61.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         71:ae:b4:01:d6:22:9a:b4:b6:17:56:3a:a9:7a:4b:91:e1:57:
         5d:8d:ad:e6:38:2c:12:b9:b6:42:a5:59:64:07:93:2b:15:65:
         3d:a7:e3:50:5c:d7:2c:d0:75:59:f0:7f:6e:a4:77:75:2c:e8:
         49:3b:a6:e8:d7:46:cd:55:19:e5:5e:0d:3a:c8:51:6d:83:10:
         c8:50:12:d9:27:4d:85:a7:b9:33:3e:f6:1a:0d:e8:27:db:60:
         d6:03:11:62:f8:10:e4:87:95:7c:32:e7:82:17:7f:fc:fc:74:
         52:ff:00:5a:45:b7:35:bc:46:f0:27:d2:36:0c:17:01:2a:07:
         dc:69:b5:c1:63:cb:9d:9f:a8:c7:95:37:e3:59:85:15:3e:9f:
         7b:ae:86:b0:1a:a9:b2:04:88:e2:99:ae:9c:da:71:67:b9:b5:
         d7:96:00:e8:a2:4d:16:82:34:84:68:20:fa:d6:34:76:2b:d5:
         91:9b:2c:3a:c3:b3:1a:f3:86:c2:44:79:62:72:7c:11:41:b3:
         9c:0c:56:ad:2e:05:9d:65:86:38:80:9b:1f:4d:d4:8d:14:ac:
         b6:d2:05:0c:ff:ee:05:07:76:b1:91:14:5e:6a:81:40:ca:60:
         86:01:c3:95:9d:98:17:1e:73:dc:55:e2:25:15:06:ae:e4:f9:
         44:17:82:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OUJBRjBBRjExMC8GA1UEBRMoMjczMTlCRkQ5QzZFQzU5NTNFNTYyOTU5OUFGRkUy
RDI2QTk0MDRGMjAeFw0yMjA5MjgyMzI0MDZaFw0yNzAxMTgyMzI0MDZaMBgxFjAU
BgNVBAMMDTYzMzM4NjFiLWJiYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEWaSbpj06CZtqJQDFrDEAVU1vZchISZUAwAQzzr9QcJ4JJOGnnHVHrObI
+7IFRFD5+bko6WtckX5ShDD03B8BJzy6t5tD8gupWFlwFiejQBvxPG23uxWLpaxn
hkB2uLoVQ4SnI9BZRAvI9NC8GQR8QRH4TyCg1NoqTx7qJiyvXwY6gVuOvYYx9+iV
6w3q27rtNwVIOzXT+tSr0SsJTldZESMsMKs4v8QVK0ZPonGHuYeLcdDxCg/iHwCO
yxES1O0dCz0k7Nr9q6Pg1dEBa2CjxFMQAv3kkiumOcRGDA61nGfqfEZBb2H1Z3QQ
d6uFETy7xW7x9caJ9elgyJeSNDCdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUApX4
km2Xi6ojd+sWElcRSrilg/AwHwYDVR0jBBgwFoAUJzGb/ZxuxZU+VilZmv/i0mqU
BPIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlCQUYwLzEyOTg0NDM2MkNCQjExRUNCMkQ4MzY2RUQ4QTAxNENFL0p6R2Jf
Wnh1eFpVLVZpbFptdl9pMG1xVUJQSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0p6R2JfWnh1eFpVLVZpbFptdl9pMG1xVUJQSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlCQUYwLzEyOTg0NDM2MkNCQjExRUNCMkQ4MzY2RUQ4
QTAxNENFLzdFMTk3ODAyM0VCQjExRUQ5OUFFMDBEOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPEPeAwDQYJKoZIhvcNAQEL
BQADggEBAHGutAHWIpq0thdWOql6S5HhV12NreY4LBK5tkKlWWQHkysVZT2n41Bc
1yzQdVnwf26kd3Us6Ek7pujXRs1VGeVeDTrIUW2DEMhQEtknTYWnuTM+9hoN6Cfb
YNYDEWL4EOSHlXwy54IXf/z8dFL/AFpFtzW8RvAn0jYMFwEqB9xptcFjy52fqMeV
N+NZhRU+n3uuhrAaqbIEiOKZrpzacWe5tdeWAOiiTRaCNIRoIPrWNHYr1ZGbLDrD
sxrzhsJEeWJyfBFBs5wMVq0uBZ1lhjiAmx9N1I0UrLbSBQz/7gUHdrGRFF5qgUDK
YIYBw5WdmBcec9xV4iUVBq7k+UQXgr8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:17 2024 by rpki-client on console-ams.rpki-client.org