Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/59DC420403B711EF9611CE2C017001B1.roa
File:                     59DC420403B711EF9611CE2C017001B1.roa (raw, json)
Hash identifier:          EwVt1oXV0u0an9gRO+yk2dl6LPH6mygNRS8FSwAxo9Y=
Subject key identifier:   45:BC:60:F0:EB:CE:66:D8:D9:50:00:06:CD:B2:0B:94:8F:4B:B1:44
Certificate issuer:       /CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
Certificate serial:       01EF
Authority key identifier: D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/59DC420403B711EF9611CE2C017001B1.roa
Signing time:             Fri 26 Apr 2024 10:25:49 +0000
ROA not before:           Fri 26 Apr 2024 10:25:46 +0000
ROA not after:            Thu 30 Apr 2043 10:25:46 +0000
asID:                     30988
IP address blocks:        41.73.138.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 23 May 2024 00:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 495 (0x1ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
        Validity
            Not Before: Apr 26 10:25:46 2024 GMT
            Not After : Apr 30 10:25:46 2043 GMT
        Subject: CN=662b812d-49bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:92:f4:bc:64:4a:c6:c8:40:68:74:b5:9f:55:
                    8f:92:31:68:7e:5f:d3:96:78:91:75:84:16:f2:3d:
                    15:2c:0f:dd:a5:da:3c:32:87:ee:ff:b2:8f:86:4a:
                    df:06:3c:38:e0:b0:77:d6:3d:8f:ef:74:8b:9f:38:
                    7d:e5:6d:4f:80:f0:67:81:24:68:9e:79:9f:f0:2b:
                    85:1f:78:f0:97:b5:31:6d:a6:8a:32:21:62:76:0c:
                    c0:35:4f:4d:ec:8f:06:83:f3:33:d0:4d:11:65:69:
                    4a:f1:9c:67:3f:d9:44:9d:e5:66:d5:b6:57:82:ad:
                    05:b6:ac:46:15:57:15:3c:60:f1:88:7d:c0:47:d4:
                    ab:18:dd:7f:f0:51:f1:df:40:c5:0d:59:1f:18:fe:
                    85:bd:fb:36:3f:ad:bd:28:d3:f0:2d:dd:1c:c9:07:
                    db:48:f8:0c:d5:5d:10:57:ec:c1:ee:ce:af:16:c5:
                    6b:6d:95:06:84:76:d5:e4:d6:22:71:75:c7:5a:13:
                    3a:76:29:41:db:b8:68:72:f0:1e:88:a4:3e:1b:3c:
                    13:59:fd:b7:24:5e:b6:5a:8b:c9:df:f2:44:3a:b8:
                    01:45:83:f2:f0:a6:d7:dc:a7:42:74:17:4f:f2:bb:
                    3b:45:3b:93:f3:d2:9d:5e:f0:3a:ba:27:b5:49:75:
                    74:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:BC:60:F0:EB:CE:66:D8:D9:50:00:06:CD:B2:0B:94:8F:4B:B1:44
            X509v3 Authority Key Identifier:
                keyid:D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/59DC420403B711EF9611CE2C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.73.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:84:76:8d:bc:90:1f:18:2e:79:1f:82:18:b0:1a:49:2e:ab:
         00:d3:95:14:e2:b0:d1:d7:84:ff:5e:78:37:11:d6:2c:3f:e3:
         50:d3:a5:39:6f:f9:1e:53:82:cd:10:04:fe:71:17:97:f9:7f:
         ae:d2:3d:9d:4d:57:eb:60:a2:03:ea:68:69:46:32:42:fe:cb:
         4f:40:93:42:a9:e7:04:6c:bd:17:0b:87:f2:c6:af:ed:22:27:
         12:c7:b7:1a:b2:52:72:80:d7:ca:2b:e7:41:e5:e4:1d:16:87:
         d9:51:ec:49:35:c7:d6:3d:e5:1a:2a:d5:ed:78:18:8e:57:19:
         5c:c6:b7:93:b5:62:32:b8:70:78:18:86:7c:4e:d5:e2:3d:e2:
         73:fc:69:1b:cd:c4:4a:a6:41:a1:18:a8:46:c3:b1:f6:8d:4e:
         6f:91:d2:6f:9c:a5:7b:53:53:b3:30:7e:6b:ad:65:98:3e:44:
         c8:f8:d7:f4:a3:3a:cf:71:39:92:c0:98:8f:83:a9:47:6d:15:
         58:c1:2e:82:0b:d1:bf:b4:db:f5:74:56:1b:c4:7d:11:bc:f4:
         db:13:14:57:37:f6:12:89:7e:14:a3:b1:99:4a:d5:b0:64:57:
         4f:86:9b:89:e6:6d:4a:6e:c8:50:9f:eb:b0:a8:ba:54:97:88:
         a9:fa:21:b7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OURCNUVBRjExMC8GA1UEBRMoRDNFMkUwQkNFQjYxRkI5QzQ1Mjc4MjZFNjEwRDQ2
NzY5OUQ2M0UxNDAeFw0yNDA0MjYxMDI1NDZaFw00MzA0MzAxMDI1NDZaMBgxFjAU
BgNVBAMTDTY2MmI4MTJkLTQ5YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDqkvS8ZErGyEBodLWfVY+SMWh+X9OWeJF1hBbyPRUsD92l2jwyh+7/so+G
St8GPDjgsHfWPY/vdIufOH3lbU+A8GeBJGieeZ/wK4UfePCXtTFtpooyIWJ2DMA1
T03sjwaD8zPQTRFlaUrxnGc/2USd5WbVtleCrQW2rEYVVxU8YPGIfcBH1KsY3X/w
UfHfQMUNWR8Y/oW9+zY/rb0o0/At3RzJB9tI+AzVXRBX7MHuzq8WxWttlQaEdtXk
1iJxdcdaEzp2KUHbuGhy8B6IpD4bPBNZ/bckXrZai8nf8kQ6uAFFg/Lwptfcp0J0
F0/yuztFO5Pz0p1e8Dq6J7VJdXRbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQURbxg
8OvOZtjZUAAGzbILlI9LsUQwHwYDVR0jBBgwFoAU0+LgvOth+5xFJ4JuYQ1GdpnW
PhQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYxMjIyNDY4LzAtTGd2
T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzAtTGd2T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYx
MjIyNDY4LzU5REM0MjA0MDNCNzExRUY5NjExQ0UyQzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAApSYowDQYJKoZIhvcNAQEL
BQADggEBALqEdo28kB8YLnkfghiwGkkuqwDTlRTisNHXhP9eeDcR1iw/41DTpTlv
+R5Tgs0QBP5xF5f5f67SPZ1NV+tgogPqaGlGMkL+y09Ak0Kp5wRsvRcLh/LGr+0i
JxLHtxqyUnKA18or50Hl5B0Wh9lR7Ek1x9Y95Roq1e14GI5XGVzGt5O1YjK4cHgY
hnxO1eI94nP8aRvNxEqmQaEYqEbDsfaNTm+R0m+cpXtTU7MwfmutZZg+RMj41/Sj
Os9xOZLAmI+DqUdtFVjBLoIL0b+02/V0VhvEfRG89NsTFFc39hKJfhSjsZlK1bBk
V0+Gm4nmbUpuyFCf67CoulSXiKn6Ibc=
-----END CERTIFICATE-----