Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AF4DC1D2CEC011ECA479F5D3F1222468.roa
File:                     AF4DC1D2CEC011ECA479F5D3F1222468.roa (raw, json)
Hash identifier:          QVVfkdm1Ps59DY37Vr5B9x+xZ3oQL5mjOfgaIXuN1I8=
Subject key identifier:   65:B4:E6:1D:E9:2D:F6:E3:85:0E:2F:6B:B9:88:E4:A4:10:A5:DF:94
Certificate issuer:       /CN=F369C738AF/serialNumber=01E61C3F96466A5909985476E88479BB7D4112F6
Certificate serial:       0276
Authority key identifier: 01:E6:1C:3F:96:46:6A:59:09:98:54:76:E8:84:79:BB:7D:41:12:F6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AF4DC1D2CEC011ECA479F5D3F1222468.roa
Signing time:             Sun 08 May 2022 11:19:11 +0000
ROA not before:           Sun 08 May 2022 11:19:08 +0000
ROA not after:            Sat 08 May 2032 11:19:08 +0000
asID:                     15706
IP address blocks:        41.218.0.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 630 (0x276)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369C738AF/serialNumber=01E61C3F96466A5909985476E88479BB7D4112F6
        Validity
            Not Before: May  8 11:19:08 2022 GMT
            Not After : May  8 11:19:08 2032 GMT
        Subject: CN=6277a72f-b3e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ed:67:92:db:38:a5:4c:26:3c:15:0f:27:ac:
                    9f:34:eb:d9:a4:06:24:d2:df:96:62:d5:27:ff:85:
                    1b:bf:c6:7c:1d:c1:ad:90:c4:8d:55:88:38:a6:a0:
                    ef:68:79:a7:9c:36:87:9a:f3:5c:88:d3:de:ed:1c:
                    20:c2:db:12:6a:f8:c3:70:75:81:f0:a8:e3:ad:9b:
                    0f:1d:85:f7:c0:75:5e:3e:0f:3c:a7:89:10:0f:cd:
                    37:22:bc:fa:1a:77:ba:91:bf:b1:ed:7d:17:ee:cd:
                    4e:98:1a:ea:dd:5a:7d:e3:ae:fa:89:dc:f6:1a:de:
                    1f:aa:fb:4b:79:80:35:70:05:8f:9e:e9:2b:22:96:
                    3a:fb:59:4f:9d:62:1f:82:06:23:f0:6a:85:f9:0c:
                    2c:8c:21:50:26:ae:14:5e:fe:d7:7a:33:6f:45:a1:
                    90:42:2b:f0:85:c1:44:61:cc:93:2c:1b:99:f3:4c:
                    d1:2b:f8:ef:68:75:a6:38:fe:0b:65:6b:f1:63:12:
                    a8:95:7e:9a:4b:0f:31:58:93:b5:fc:98:17:49:75:
                    94:1a:62:f1:64:38:15:73:c2:ec:02:cc:fc:4d:c1:
                    e3:71:a3:64:2c:43:5a:53:b4:9d:a7:5e:91:1c:4f:
                    94:63:4f:43:81:f6:23:74:a8:a6:2d:07:bb:59:b1:
                    2a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:B4:E6:1D:E9:2D:F6:E3:85:0E:2F:6B:B9:88:E4:A4:10:A5:DF:94
            X509v3 Authority Key Identifier:
                keyid:01:E6:1C:3F:96:46:6A:59:09:98:54:76:E8:84:79:BB:7D:41:12:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AF4DC1D2CEC011ECA479F5D3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.218.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         40:e5:c4:42:93:89:03:9e:43:b3:3e:60:65:8d:ba:8d:a9:65:
         ed:69:d4:a1:15:eb:8f:4a:c7:34:d5:5d:5e:e2:64:03:77:6a:
         6b:3d:61:8f:8c:d6:56:01:75:1b:f5:8f:2a:5e:63:a4:d2:cf:
         e2:5e:77:db:e8:02:2c:ce:39:85:fa:6d:2f:78:db:cd:ce:f7:
         4d:de:78:a6:65:3b:1c:59:ea:72:cf:7e:cb:a5:2d:9a:9f:fe:
         fa:c6:f6:65:99:74:83:4e:1e:75:a8:a4:d1:a9:30:85:f4:fa:
         85:17:7e:bf:09:2c:3a:a6:33:e1:28:af:5a:24:09:8b:32:ac:
         54:cf:db:01:0d:bf:cc:87:12:f5:38:59:30:f7:62:51:ed:0a:
         c6:9e:4c:96:60:73:da:48:de:51:d7:51:39:2d:ba:ba:ba:8e:
         14:ad:39:d0:3e:6f:e0:6a:40:39:15:49:d4:f6:1b:8f:91:ed:
         d7:7c:d7:15:19:85:f4:c1:0e:e7:ee:2d:1f:9a:12:4c:df:b1:
         91:c5:a0:65:a9:69:94:ac:a2:75:00:10:f4:e7:1a:e8:12:f9:
         fa:a9:c0:78:4e:fc:b0:e5:76:81:53:76:6a:5e:a8:1a:80:9d:
         bc:42:e1:fe:fb:ac:b3:d8:76:5e:8c:0d:15:11:37:a5:3b:2c:
         f3:e9:b7:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAnYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OUM3MzhBRjExMC8GA1UEBRMoMDFFNjFDM0Y5NjQ2NkE1OTA5OTg1NDc2RTg4NDc5
QkI3RDQxMTJGNjAeFw0yMjA1MDgxMTE5MDhaFw0zMjA1MDgxMTE5MDhaMBgxFjAU
BgNVBAMMDTYyNzdhNzJmLWIzZTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDP7WeS2zilTCY8FQ8nrJ8069mkBiTS35Zi1Sf/hRu/xnwdwa2QxI1ViDim
oO9oeaecNoea81yI097tHCDC2xJq+MNwdYHwqOOtmw8dhffAdV4+DzyniRAPzTci
vPoad7qRv7HtfRfuzU6YGurdWn3jrvqJ3PYa3h+q+0t5gDVwBY+e6Ssiljr7WU+d
Yh+CBiPwaoX5DCyMIVAmrhRe/td6M29FoZBCK/CFwURhzJMsG5nzTNEr+O9odaY4
/gtla/FjEqiVfppLDzFYk7X8mBdJdZQaYvFkOBVzwuwCzPxNweNxo2QsQ1pTtJ2n
XpEcT5RjT0OB9iN0qKYtB7tZsSqFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZbTm
Hekt9uOFDi9ruYjkpBCl35QwHwYDVR0jBBgwFoAUAeYcP5ZGalkJmFR26IR5u31B
EvYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlDNzM4LzdBMEFCRjAwRUVBOTExRUFBMjg3RDkxQkY4QUVBMjI4L0FlWWNQ
NVpHYWxrSm1GUjI2SVI1dTMxQkV2WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0FlWWNQNVpHYWxrSm1GUjI2SVI1dTMxQkV2WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlDNzM4LzdBMEFCRjAwRUVBOTExRUFBMjg3RDkxQkY4
QUVBMjI4L0FGNERDMUQyQ0VDMDExRUNBNDc5RjVEM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAYp2gAwDQYJKoZIhvcNAQEL
BQADggEBAEDlxEKTiQOeQ7M+YGWNuo2pZe1p1KEV649KxzTVXV7iZAN3ams9YY+M
1lYBdRv1jypeY6TSz+Jed9voAizOOYX6bS94283O903eeKZlOxxZ6nLPfsulLZqf
/vrG9mWZdINOHnWopNGpMIX0+oUXfr8JLDqmM+Eor1okCYsyrFTP2wENv8yHEvU4
WTD3YlHtCsaeTJZgc9pI3lHXUTkturq6jhStOdA+b+BqQDkVSdT2G4+R7dd81xUZ
hfTBDufuLR+aEkzfsZHFoGWpaZSsonUAEPTnGugS+fqpwHhO/LDldoFTdmpeqBqA
nbxC4f77rLPYdl6MDRURN6U7LPPpt2c=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:03:02 2024 by rpki-client on console-ams.rpki-client.org