Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/3BD19BC6CEBF11ECB35C83CFF1222468.roa
File:                     3BD19BC6CEBF11ECB35C83CFF1222468.roa (raw, json)
Hash identifier:          OQiLL3s4QK6PIepNSEVRJXRwc92W6fxDSAwcYtXxCQ0=
Subject key identifier:   76:2B:C1:22:AA:4E:E0:B6:11:D3:AA:2C:0E:E3:7D:84:9E:A6:84:95
Certificate issuer:       /CN=F369C738AF/serialNumber=01E61C3F96466A5909985476E88479BB7D4112F6
Certificate serial:       0274
Authority key identifier: 01:E6:1C:3F:96:46:6A:59:09:98:54:76:E8:84:79:BB:7D:41:12:F6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/3BD19BC6CEBF11ECB35C83CFF1222468.roa
Signing time:             Sun 08 May 2022 11:08:48 +0000
ROA not before:           Sun 08 May 2022 11:08:44 +0000
ROA not after:            Sat 08 May 2032 11:08:44 +0000
asID:                     15706
IP address blocks:        41.209.64.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 628 (0x274)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369C738AF/serialNumber=01E61C3F96466A5909985476E88479BB7D4112F6
        Validity
            Not Before: May  8 11:08:44 2022 GMT
            Not After : May  8 11:08:44 2032 GMT
        Subject: CN=6277a4c0-ef37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:20:18:06:ab:32:35:59:ce:6d:4b:60:32:c6:
                    84:da:2a:0d:22:57:90:d5:cf:17:9a:79:1a:21:54:
                    c4:fa:32:a7:55:f8:a3:dd:1a:45:9f:44:4e:76:14:
                    3a:12:3d:8b:4e:13:8b:41:45:a9:92:49:f3:45:f3:
                    68:e2:f8:5a:69:92:5f:43:fb:9f:19:f0:9f:1b:e9:
                    8e:39:b7:40:0f:24:0b:6f:49:f0:50:4f:ce:f9:d2:
                    ad:49:9b:fa:49:c5:f4:df:6b:db:f1:23:24:84:36:
                    41:0f:97:37:ef:e6:fb:05:99:c3:53:bc:ed:ef:e0:
                    84:66:ec:f8:f0:3b:09:e2:ff:3e:7b:1c:ed:04:2a:
                    39:33:12:1c:68:d1:fe:ff:75:ca:de:26:7a:38:e6:
                    34:54:fe:5c:b1:c9:f1:83:fb:e4:e4:14:c4:a1:a5:
                    eb:9b:e6:0e:37:96:80:f5:cb:fe:08:d5:66:f1:3d:
                    d9:97:a3:85:2a:51:08:c2:8c:1a:9e:13:a4:07:da:
                    5b:66:17:bd:fc:0b:5b:6b:63:6a:fa:4a:c3:7b:9a:
                    9d:73:aa:6e:2d:de:24:ec:d7:57:d6:82:97:f7:37:
                    09:8c:b3:92:72:95:36:c4:56:d6:d3:bb:b8:0e:ba:
                    fd:5b:e1:e9:a6:01:ec:5d:af:47:0a:b4:fc:80:a2:
                    19:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:2B:C1:22:AA:4E:E0:B6:11:D3:AA:2C:0E:E3:7D:84:9E:A6:84:95
            X509v3 Authority Key Identifier:
                keyid:01:E6:1C:3F:96:46:6A:59:09:98:54:76:E8:84:79:BB:7D:41:12:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/3BD19BC6CEBF11ECB35C83CFF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.209.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         1b:e4:d1:0b:46:1e:ac:3a:58:97:5d:d1:77:29:bb:75:3b:35:
         d2:90:92:a5:80:d7:ce:17:78:c6:03:cb:2b:8d:8d:f3:8f:ce:
         0d:f4:fb:95:04:49:68:94:00:cc:4a:65:db:b0:51:a7:ea:01:
         c2:54:63:59:16:9d:73:eb:0c:25:f3:66:71:d2:71:b7:a8:0d:
         a6:d8:1d:4b:37:e9:0d:b8:06:91:05:3b:78:ac:5e:79:de:5c:
         d7:6b:51:b0:80:79:0a:58:77:a1:29:7b:c6:c4:0e:8b:6a:ca:
         d7:8a:59:07:42:8d:ab:50:6b:ea:ae:14:bb:5f:0b:d0:8c:47:
         b7:5b:ba:45:84:30:96:f2:8d:9b:94:2b:1c:c8:5b:b3:03:13:
         a8:73:87:60:dc:04:d0:00:9a:9e:8a:36:7c:b5:63:05:3e:39:
         e0:9b:91:c9:9e:73:23:cc:33:b6:59:c8:b0:ba:88:7e:ff:b6:
         87:43:2f:64:77:e3:9d:19:7d:69:8a:fe:be:8c:5f:75:bb:52:
         fb:a0:f1:58:1e:ad:6b:8c:d4:90:86:6b:ad:b6:57:74:20:f9:
         04:ce:6e:16:a8:86:74:31:55:62:42:73:ba:76:61:e5:e6:03:
         14:90:6d:9d:4c:d8:c6:08:3c:d2:fc:52:a6:e6:39:01:6d:26:
         d9:38:b4:62
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAnQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OUM3MzhBRjExMC8GA1UEBRMoMDFFNjFDM0Y5NjQ2NkE1OTA5OTg1NDc2RTg4NDc5
QkI3RDQxMTJGNjAeFw0yMjA1MDgxMTA4NDRaFw0zMjA1MDgxMTA4NDRaMBgxFjAU
BgNVBAMMDTYyNzdhNGMwLWVmMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDyIBgGqzI1Wc5tS2AyxoTaKg0iV5DVzxeaeRohVMT6MqdV+KPdGkWfRE52
FDoSPYtOE4tBRamSSfNF82ji+Fppkl9D+58Z8J8b6Y45t0APJAtvSfBQT8750q1J
m/pJxfTfa9vxIySENkEPlzfv5vsFmcNTvO3v4IRm7PjwOwni/z57HO0EKjkzEhxo
0f7/dcreJno45jRU/lyxyfGD++TkFMShpeub5g43loD1y/4I1WbxPdmXo4UqUQjC
jBqeE6QH2ltmF738C1trY2r6SsN7mp1zqm4t3iTs11fWgpf3NwmMs5JylTbEVtbT
u7gOuv1b4emmAexdr0cKtPyAohmvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdivB
IqpO4LYR06osDuN9hJ6mhJUwHwYDVR0jBBgwFoAUAeYcP5ZGalkJmFR26IR5u31B
EvYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlDNzM4LzdBMEFCRjAwRUVBOTExRUFBMjg3RDkxQkY4QUVBMjI4L0FlWWNQ
NVpHYWxrSm1GUjI2SVI1dTMxQkV2WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0FlWWNQNVpHYWxrSm1GUjI2SVI1dTMxQkV2WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlDNzM4LzdBMEFCRjAwRUVBOTExRUFBMjg3RDkxQkY4
QUVBMjI4LzNCRDE5QkM2Q0VCRjExRUNCMzVDODNDRkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAYp0UAwDQYJKoZIhvcNAQEL
BQADggEBABvk0QtGHqw6WJdd0Xcpu3U7NdKQkqWA184XeMYDyyuNjfOPzg30+5UE
SWiUAMxKZduwUafqAcJUY1kWnXPrDCXzZnHScbeoDabYHUs36Q24BpEFO3isXnne
XNdrUbCAeQpYd6Epe8bEDotqyteKWQdCjatQa+quFLtfC9CMR7dbukWEMJbyjZuU
KxzIW7MDE6hzh2DcBNAAmp6KNny1YwU+OeCbkcmecyPMM7ZZyLC6iH7/todDL2R3
450ZfWmK/r6MX3W7Uvug8VgerWuM1JCGa622V3Qg+QTObhaohnQxVWJCc7p2YeXm
AxSQbZ1M2MYIPNL8UqbmOQFtJtk4tGI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:13 2024 by rpki-client on console-fra.rpki-client.org