Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/24554486C9F911ECB39679CEF1222468.roa
File:                     24554486C9F911ECB39679CEF1222468.roa (raw, json)
Hash identifier:          XsnSZz8OGPdhLfHSwPrQf7FThXHRJnZONeqAKHHP2C4=
Subject key identifier:   8D:C7:34:7A:28:05:36:8C:FC:E4:33:B5:38:75:D4:33:F9:42:94:64
Certificate issuer:       /CN=F369F2FAAF/serialNumber=9478315A1E5C5615A9228BBECA48A396870B847E
Certificate serial:       28
Authority key identifier: 94:78:31:5A:1E:5C:56:15:A9:22:8B:BE:CA:48:A3:96:87:0B:84:7E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/24554486C9F911ECB39679CEF1222468.roa
Signing time:             Mon 02 May 2022 09:20:44 +0000
ROA not before:           Mon 02 May 2022 09:20:40 +0000
ROA not after:            Tue 13 Apr 2027 09:20:40 +0000
asID:                     22750
IP address blocks:        197.211.128.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40 (0x28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369F2FAAF/serialNumber=9478315A1E5C5615A9228BBECA48A396870B847E
        Validity
            Not Before: May  2 09:20:40 2022 GMT
            Not After : Apr 13 09:20:40 2027 GMT
        Subject: CN=626fa26b-dfef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:3a:e8:90:c0:ed:5d:27:54:10:e9:32:83:b4:
                    cc:4b:d9:90:b9:05:36:b7:da:23:ea:36:9c:a0:98:
                    16:41:97:a2:4b:e9:6c:e6:e4:93:49:6f:69:17:b9:
                    61:97:a0:b0:e5:93:35:59:89:e2:f3:33:9d:dc:fa:
                    4c:22:3e:48:1f:0f:51:52:e0:62:8d:99:f6:bf:6d:
                    f5:b1:a0:05:07:64:f6:b2:b3:22:1b:05:aa:ba:05:
                    94:62:c0:39:fc:1d:be:43:32:ed:41:c2:66:cf:41:
                    eb:b2:70:0e:d7:63:f7:71:d9:3d:24:d3:7f:45:9a:
                    f5:cb:1a:2f:e1:32:e6:b2:47:76:dd:5f:11:40:36:
                    85:15:ab:99:f0:7b:97:5f:46:fa:0b:01:6b:7a:df:
                    14:e1:d8:6a:f6:c8:10:fa:09:e9:0a:ce:cf:2c:aa:
                    d1:14:df:61:a9:75:d8:4b:52:00:73:a4:52:bd:a2:
                    0e:21:76:09:50:f1:bb:5d:b2:50:2a:a0:bd:4b:50:
                    72:60:7c:6f:e6:8f:6a:2d:13:52:22:9b:1b:f6:7c:
                    45:4d:3c:6c:5f:e3:1e:66:7d:16:8b:40:84:a7:5f:
                    09:05:df:26:26:03:22:bc:0d:8d:90:bc:ad:1f:06:
                    38:75:c2:f3:83:fc:32:1c:e1:ae:cd:d9:dc:54:79:
                    b3:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:C7:34:7A:28:05:36:8C:FC:E4:33:B5:38:75:D4:33:F9:42:94:64
            X509v3 Authority Key Identifier:
                keyid:94:78:31:5A:1E:5C:56:15:A9:22:8B:BE:CA:48:A3:96:87:0B:84:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/24554486C9F911ECB39679CEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.211.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         80:99:77:95:76:c2:29:ff:73:1e:cf:f7:cf:a1:a4:7e:59:3c:
         ec:b1:5a:70:d0:7f:7d:0c:d8:a9:d7:24:11:88:0e:f6:e3:9c:
         d0:73:c2:8d:7e:87:e6:c6:97:83:64:e9:e9:ae:b4:8c:4e:38:
         19:78:60:3e:96:c0:3d:7c:41:47:74:93:b1:3a:70:78:ad:86:
         91:fd:65:43:ad:88:01:5a:d6:a6:42:23:ff:c9:fd:e9:72:d8:
         cd:25:cc:0d:e6:c4:9e:31:4b:12:ad:bd:cc:d6:da:48:fb:60:
         f2:d1:6d:ac:7a:36:f3:3d:83:f2:c2:e2:e0:5f:18:42:8b:fc:
         b2:86:f2:11:8d:e6:85:5a:50:05:c1:6e:1a:a8:5e:d3:0f:a0:
         dd:77:0a:6d:2c:19:74:82:e6:34:bf:0c:dc:fe:4b:e7:09:56:
         70:11:b1:40:b7:f9:b3:2e:76:f8:7f:f6:3f:77:24:0c:33:b5:
         e1:ed:b4:3e:46:7d:88:56:f8:3f:cf:cc:c2:38:0a:4d:d6:93:
         57:86:5f:bf:c1:9c:82:67:97:96:8d:89:b1:e8:80:64:ec:d6:
         84:56:23:c0:a3:15:fc:fd:09:c0:69:c2:02:56:7d:2e:c0:97:
         a3:12:6e:83:86:9f:83:dc:6b:db:b6:b4:c2:99:38:42:ce:89:
         d7:e9:4e:93
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
RjJGQUFGMTEwLwYDVQQFEyg5NDc4MzE1QTFFNUM1NjE1QTkyMjhCQkVDQTQ4QTM5
Njg3MEI4NDdFMB4XDTIyMDUwMjA5MjA0MFoXDTI3MDQxMzA5MjA0MFowGDEWMBQG
A1UEAwwNNjI2ZmEyNmItZGZlZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO866JDA7V0nVBDpMoO0zEvZkLkFNrfaI+o2nKCYFkGXokvpbObkk0lvaRe5
YZegsOWTNVmJ4vMzndz6TCI+SB8PUVLgYo2Z9r9t9bGgBQdk9rKzIhsFqroFlGLA
OfwdvkMy7UHCZs9B67JwDtdj93HZPSTTf0Wa9csaL+Ey5rJHdt1fEUA2hRWrmfB7
l19G+gsBa3rfFOHYavbIEPoJ6QrOzyyq0RTfYal12EtSAHOkUr2iDiF2CVDxu12y
UCqgvUtQcmB8b+aPai0TUiKbG/Z8RU08bF/jHmZ9FotAhKdfCQXfJiYDIrwNjZC8
rR8GOHXC84P8Mhzhrs3Z3FR5swsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSNxzR6
KAU2jPzkM7U4ddQz+UKUZDAfBgNVHSMEGDAWgBSUeDFaHlxWFakii77KSKOWhwuE
fjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUYyRkEvNjlCMDVDQkFCQjBDMTFFQ0E3REM2NUJCNUE0MEQ1NzcvbEhneFdo
NWNWaFdwSW91LXlraWpsb2NMaEg0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbEhneFdoNWNWaFdwSW91LXlraWpsb2NMaEg0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUYyRkEvNjlCMDVDQkFCQjBDMTFFQ0E3REM2NUJCNUE0
MEQ1NzcvMjQ1NTQ0ODZDOUY5MTFFQ0IzOTY3OUNFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsXTgDANBgkqhkiG9w0BAQsF
AAOCAQEAgJl3lXbCKf9zHs/3z6Gkflk87LFacNB/fQzYqdckEYgO9uOc0HPCjX6H
5saXg2Tp6a60jE44GXhgPpbAPXxBR3STsTpweK2Gkf1lQ62IAVrWpkIj/8n96XLY
zSXMDebEnjFLEq29zNbaSPtg8tFtrHo28z2D8sLi4F8YQov8sobyEY3mhVpQBcFu
Gqhe0w+g3XcKbSwZdILmNL8M3P5L5wlWcBGxQLf5sy52+H/2P3ckDDO14e20PkZ9
iFb4P8/MwjgKTdaTV4Zfv8GcgmeXlo2JseiAZOzWhFYjwKMV/P0JwGnCAlZ9LsCX
oxJug4afg9xr27a0wpk4Qs6J1+lOkw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:09 2024 by rpki-client on console-fra.rpki-client.org