Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/3EDE4EDCDCA911EE8D2A60C0775412E6.roa
File:                     3EDE4EDCDCA911EE8D2A60C0775412E6.roa (raw, json)
Hash identifier:          Ya8PIBHzrdD8mhWsEVPNP139XPPa9x52b97glOFNBCU=
Subject key identifier:   88:F2:CA:19:22:59:80:46:B8:D1:4B:9A:F6:36:DB:86:54:8B:76:9F
Certificate issuer:       /CN=F36A41A0AF/serialNumber=5F228C46BEF2B4CBA94CB29F10C3680EE2883DB3
Certificate serial:       0125
Authority key identifier: 5F:22:8C:46:BE:F2:B4:CB:A9:4C:B2:9F:10:C3:68:0E:E2:88:3D:B3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XyKMRr7ytMupTLKfEMNoDuKIPbM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/3EDE4EDCDCA911EE8D2A60C0775412E6.roa
Signing time:             Thu 07 Mar 2024 17:36:36 +0000
ROA not before:           Thu 07 Mar 2024 17:36:32 +0000
ROA not after:            Fri 07 Mar 2025 17:36:32 +0000
asID:                     37613
IP address blocks:        41.242.114.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/XyKMRr7ytMupTLKfEMNoDuKIPbM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/XyKMRr7ytMupTLKfEMNoDuKIPbM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XyKMRr7ytMupTLKfEMNoDuKIPbM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 293 (0x125)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A41A0AF/serialNumber=5F228C46BEF2B4CBA94CB29F10C3680EE2883DB3
        Validity
            Not Before: Mar  7 17:36:32 2024 GMT
            Not After : Mar  7 17:36:32 2025 GMT
        Subject: CN=65e9fb24-f4e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:cf:ae:e5:9d:62:11:b6:d6:3b:d3:40:1d:e7:
                    ff:fb:2c:af:3f:b8:7a:27:4f:e2:f8:79:67:a5:4c:
                    d2:85:b6:e3:f4:6b:1f:26:74:16:48:ee:bb:56:a8:
                    2a:dc:4e:13:f1:0d:eb:0d:05:8c:4b:07:5d:a8:7f:
                    17:39:8f:56:60:d5:e6:18:0f:19:96:1a:a9:e6:83:
                    4f:e8:90:89:00:1f:e0:6a:80:0c:de:75:d3:52:cc:
                    b9:bf:56:65:f2:11:1d:20:45:27:28:72:f7:17:7d:
                    66:97:c7:19:33:c6:9f:51:7f:c2:50:ae:91:41:85:
                    e5:e0:18:7d:a6:48:e2:97:04:9d:29:1f:54:47:15:
                    9f:21:39:79:0b:8c:58:3c:44:ef:76:4c:74:b2:a4:
                    25:12:c8:eb:05:18:bb:e3:b8:0d:cb:54:26:be:ef:
                    5a:54:10:23:9c:29:09:23:7d:1e:3d:3b:79:04:a1:
                    c3:46:e7:53:9b:62:fe:dd:9e:47:ab:0b:9e:71:a4:
                    81:3c:cf:44:db:08:09:da:79:6f:97:90:54:e5:27:
                    5f:59:50:47:78:c0:cb:77:bf:75:91:e5:f3:4a:46:
                    ba:48:1e:ca:93:98:43:06:03:b5:7c:13:82:af:20:
                    34:6c:3b:ee:95:c3:07:48:0c:8a:5e:68:2a:b1:53:
                    b9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:F2:CA:19:22:59:80:46:B8:D1:4B:9A:F6:36:DB:86:54:8B:76:9F
            X509v3 Authority Key Identifier:
                keyid:5F:22:8C:46:BE:F2:B4:CB:A9:4C:B2:9F:10:C3:68:0E:E2:88:3D:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/XyKMRr7ytMupTLKfEMNoDuKIPbM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XyKMRr7ytMupTLKfEMNoDuKIPbM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/3EDE4EDCDCA911EE8D2A60C0775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.242.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:f1:62:b8:55:30:a2:a9:0b:f3:d3:27:57:1c:63:1b:e5:24:
         fc:50:df:fa:15:ce:ea:fa:06:d5:8a:fa:ea:ef:1b:57:5b:e3:
         87:d4:87:ac:08:d1:29:41:ad:6a:3c:69:2c:d7:5a:41:3d:d6:
         b8:fb:84:53:81:df:ac:e9:90:0c:d9:42:97:83:50:25:e7:90:
         de:3b:43:f3:7c:8f:88:67:89:e2:6a:44:3f:30:ac:3e:85:e3:
         54:52:d8:34:b2:7e:b1:72:67:61:9d:71:b7:f4:9c:03:32:97:
         28:22:d1:68:0a:36:18:dd:71:8b:ab:f6:04:86:1a:9b:64:87:
         1a:25:34:aa:38:12:41:b0:85:6e:06:6c:be:d3:c2:0a:3c:b2:
         58:8b:49:1e:07:d1:8a:73:07:ba:d3:93:f2:49:a3:c4:d1:4b:
         a7:85:48:3f:26:4f:e7:0f:06:83:2f:89:ca:40:d7:ee:60:7a:
         d5:32:32:35:3b:7f:88:fd:36:be:ee:53:a5:4f:9a:29:44:d8:
         10:7a:a2:ab:56:4e:aa:e0:f4:54:12:97:dd:23:aa:a7:0a:fd:
         1a:9f:1c:76:91:b2:fe:bc:45:9a:23:e2:f2:c5:70:44:d8:f3:
         f2:8e:d2:4f:11:89:4b:ba:29:1a:ae:1b:12:62:5d:42:6f:85:
         3f:9c:f1:8d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICASUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQxQTBBRjExMC8GA1UEBRMoNUYyMjhDNDZCRUYyQjRDQkE5NENCMjlGMTBDMzY4
MEVFMjg4M0RCMzAeFw0yNDAzMDcxNzM2MzJaFw0yNTAzMDcxNzM2MzJaMBgxFjAU
BgNVBAMTDTY1ZTlmYjI0LWY0ZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDpz67lnWIRttY700Ad5//7LK8/uHonT+L4eWelTNKFtuP0ax8mdBZI7rtW
qCrcThPxDesNBYxLB12ofxc5j1Zg1eYYDxmWGqnmg0/okIkAH+BqgAzeddNSzLm/
VmXyER0gRScocvcXfWaXxxkzxp9Rf8JQrpFBheXgGH2mSOKXBJ0pH1RHFZ8hOXkL
jFg8RO92THSypCUSyOsFGLvjuA3LVCa+71pUECOcKQkjfR49O3kEocNG51ObYv7d
nkerC55xpIE8z0TbCAnaeW+XkFTlJ19ZUEd4wMt3v3WR5fNKRrpIHsqTmEMGA7V8
E4KvIDRsO+6VwwdIDIpeaCqxU7n1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiPLK
GSJZgEa40Uua9jbbhlSLdp8wHwYDVR0jBBgwFoAUXyKMRr7ytMupTLKfEMNoDuKI
PbMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0MUEwL0YwNjNDRTMyMEE5NzExRUVCOUI0MjUyMzRBRDlFNkZDL1h5S01S
cjd5dE11cFRMS2ZFTU5vRHVLSVBiTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1h5S01Scjd5dE11cFRMS2ZFTU5vRHVLSVBiTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE0MUEwL0YwNjNDRTMyMEE5NzExRUVCOUI0MjUyMzRB
RDlFNkZDLzNFREU0RURDRENBOTExRUU4RDJBNjBDMDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp8nIwDQYJKoZIhvcNAQEL
BQADggEBADHxYrhVMKKpC/PTJ1ccYxvlJPxQ3/oVzur6BtWK+urvG1db44fUh6wI
0SlBrWo8aSzXWkE91rj7hFOB36zpkAzZQpeDUCXnkN47Q/N8j4hnieJqRD8wrD6F
41RS2DSyfrFyZ2Gdcbf0nAMylygi0WgKNhjdcYur9gSGGptkhxolNKo4EkGwhW4G
bL7Twgo8sliLSR4H0YpzB7rTk/JJo8TRS6eFSD8mT+cPBoMvicpA1+5getUyMjU7
f4j9Nr7uU6VPmilE2BB6oqtWTqrg9FQSl90jqqcK/RqfHHaRsv68RZoj4vLFcETY
8/KO0k8RiUu6KRquGxJiXUJvhT+c8Y0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org