Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/4203F6BEE81011EC8E9CD897F1222468.roa
File:                     4203F6BEE81011EC8E9CD897F1222468.roa (raw, json)
Hash identifier:          wGbpEdFEYvMtHII/vuC8WIoQQsfAsKHUWD8rh/72Sd0=
Subject key identifier:   FF:8B:8D:EF:3E:BA:EE:73:37:44:F7:16:39:74:4F:A6:AE:87:7E:CE
Certificate issuer:       /CN=F369C94EAF/serialNumber=8272C2B8B3B389EE2B7BBD4FBD5509676F3279BB
Certificate serial:       0C
Authority key identifier: 82:72:C2:B8:B3:B3:89:EE:2B:7B:BD:4F:BD:55:09:67:6F:32:79:BB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gnLCuLOzie4re71PvVUJZ28yebs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/4203F6BEE81011EC8E9CD897F1222468.roa
Signing time:             Thu 09 Jun 2022 16:21:47 +0000
ROA not before:           Thu 09 Jun 2022 16:21:43 +0000
ROA not after:            Wed 09 Jun 2032 16:21:43 +0000
asID:                     37280
IP address blocks:        41.76.197.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/gnLCuLOzie4re71PvVUJZ28yebs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/gnLCuLOzie4re71PvVUJZ28yebs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gnLCuLOzie4re71PvVUJZ28yebs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369C94EAF/serialNumber=8272C2B8B3B389EE2B7BBD4FBD5509676F3279BB
        Validity
            Not Before: Jun  9 16:21:43 2022 GMT
            Not After : Jun  9 16:21:43 2032 GMT
        Subject: CN=62a21e1b-1e34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:93:23:2e:1a:ee:04:52:6c:84:9a:ca:82:28:
                    aa:ec:70:a7:37:13:fe:a6:63:f9:cf:b1:ae:2e:4e:
                    84:5d:5e:22:32:39:20:54:5c:a9:ae:01:4f:53:03:
                    15:c7:d9:2b:21:62:14:91:76:56:02:57:ee:4c:bf:
                    41:4c:88:cf:3c:b7:32:4c:b3:d8:a3:7d:0b:1a:79:
                    bc:c8:40:eb:ac:25:84:45:2f:6a:21:30:d3:ee:09:
                    b5:32:c6:14:16:49:34:22:c5:e0:11:c4:53:19:2e:
                    7b:6f:e8:14:00:41:e8:86:ac:54:75:58:4b:06:7d:
                    00:2d:2a:4f:5e:13:56:9a:1e:4f:10:0f:71:e6:2e:
                    d0:30:7d:77:3c:3a:ec:32:a6:1e:72:b5:bf:65:fe:
                    ae:0f:5e:87:42:fb:39:12:e7:a2:88:48:a0:e2:ab:
                    1a:9b:5a:90:a8:fa:7f:0e:86:f5:52:22:7c:ad:bd:
                    5b:27:b6:20:70:6b:09:e4:ca:b1:51:eb:a1:43:71:
                    a3:2c:a4:cc:7d:a9:b6:85:81:fc:c1:79:99:a6:79:
                    3b:be:29:d5:21:c8:18:79:a1:23:ed:b3:91:1b:68:
                    6d:10:d7:e2:48:2b:21:1a:25:c3:c4:9b:0c:11:1e:
                    35:b2:2e:2f:a9:59:75:7c:6e:40:18:4d:5b:8d:ce:
                    b1:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:8B:8D:EF:3E:BA:EE:73:37:44:F7:16:39:74:4F:A6:AE:87:7E:CE
            X509v3 Authority Key Identifier:
                keyid:82:72:C2:B8:B3:B3:89:EE:2B:7B:BD:4F:BD:55:09:67:6F:32:79:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/gnLCuLOzie4re71PvVUJZ28yebs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gnLCuLOzie4re71PvVUJZ28yebs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/4203F6BEE81011EC8E9CD897F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:bb:cf:af:81:18:11:7f:b6:62:66:e7:f6:c1:db:96:1a:99:
         e7:9a:da:df:b0:91:2d:f5:b7:cd:50:a6:dd:6a:83:ea:ab:88:
         41:23:41:75:0e:5b:fb:4a:68:8f:4a:89:74:8a:c5:5a:b0:28:
         02:a7:69:a8:b2:d9:f6:ae:9e:b6:e8:48:b6:a2:c5:4c:4b:21:
         d1:9c:b6:e0:a6:b4:b8:03:13:0b:d1:b4:a8:12:66:e0:e5:f5:
         21:6b:84:f2:22:0e:4c:48:ec:bd:8d:3d:34:bc:57:19:cd:49:
         ce:3e:c2:27:96:db:96:ab:bd:90:b6:6a:73:cd:f6:11:00:6c:
         bd:79:06:c8:69:53:d1:5a:7e:91:4c:99:fd:13:aa:51:d3:e8:
         91:76:01:c4:89:b6:50:59:b2:2a:f2:ea:26:39:4f:52:60:01:
         84:d9:7b:0b:1e:20:c5:3b:a0:dc:27:08:46:28:92:f1:fa:55:
         58:ac:ad:f3:ca:3d:3f:17:b8:97:11:30:e0:41:27:a1:ad:bc:
         ed:99:8b:d6:20:ca:c0:a0:8f:e2:16:f0:7b:01:94:75:98:7a:
         ae:32:fa:c4:8c:55:5e:d5:3f:e7:b5:5b:1f:6d:f5:b4:7e:f9:
         8b:0a:b1:d8:55:67:81:5d:48:10:49:b9:55:cc:e1:25:4e:91:
         50:cc:fc:69
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
Qzk0RUFGMTEwLwYDVQQFEyg4MjcyQzJCOEIzQjM4OUVFMkI3QkJENEZCRDU1MDk2
NzZGMzI3OUJCMB4XDTIyMDYwOTE2MjE0M1oXDTMyMDYwOTE2MjE0M1owGDEWMBQG
A1UEAwwNNjJhMjFlMWItMWUzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOTIy4a7gRSbISayoIoquxwpzcT/qZj+c+xri5OhF1eIjI5IFRcqa4BT1MD
FcfZKyFiFJF2VgJX7ky/QUyIzzy3Mkyz2KN9Cxp5vMhA66wlhEUvaiEw0+4JtTLG
FBZJNCLF4BHEUxkue2/oFABB6IasVHVYSwZ9AC0qT14TVpoeTxAPceYu0DB9dzw6
7DKmHnK1v2X+rg9eh0L7ORLnoohIoOKrGptakKj6fw6G9VIifK29Wye2IHBrCeTK
sVHroUNxoyykzH2ptoWB/MF5maZ5O74p1SHIGHmhI+2zkRtobRDX4kgrIRolw8Sb
DBEeNbIuL6lZdXxuQBhNW43OsbkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT/i43v
PrruczdE9xY5dE+mrod+zjAfBgNVHSMEGDAWgBSCcsK4s7OJ7it7vU+9VQlnbzJ5
uzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUM5NEUvRTlEN0Q4QUVFODBEMTFFQzk3N0M5NjkwRjEyMjI0NjgvZ25MQ3VM
T3ppZTRyZTcxUHZWVUpaMjh5ZWJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ25MQ3VMT3ppZTRyZTcxUHZWVUpaMjh5ZWJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUM5NEUvRTlEN0Q4QUVFODBEMTFFQzk3N0M5NjkwRjEy
MjI0NjgvNDIwM0Y2QkVFODEwMTFFQzhFOUNEODk3RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAClMxTANBgkqhkiG9w0BAQsF
AAOCAQEABLvPr4EYEX+2Ymbn9sHblhqZ55ra37CRLfW3zVCm3WqD6quIQSNBdQ5b
+0poj0qJdIrFWrAoAqdpqLLZ9q6etuhItqLFTEsh0Zy24Ka0uAMTC9G0qBJm4OX1
IWuE8iIOTEjsvY09NLxXGc1Jzj7CJ5bblqu9kLZqc832EQBsvXkGyGlT0Vp+kUyZ
/ROqUdPokXYBxIm2UFmyKvLqJjlPUmABhNl7Cx4gxTug3CcIRiiS8fpVWKyt88o9
Pxe4lxEw4EEnoa287ZmL1iDKwKCP4hbwewGUdZh6rjL6xIxVXtU/57VbH231tH75
iwqx2FVngV1IEEm5VczhJU6RUMz8aQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:17 2024 by rpki-client on console-ams.rpki-client.org