Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/6ACEB450DCA911EEAA5099C0775412E6.roa
File:                     6ACEB450DCA911EEAA5099C0775412E6.roa (raw, json)
Hash identifier:          lQoHfDG4SwKGUz+fTylurLuEm8PMYSt5yFZEEzPq1uU=
Subject key identifier:   4F:DE:A4:04:56:20:91:FF:24:91:CD:3F:CE:72:F3:E9:F4:04:C0:EB
Certificate issuer:       /CN=F36A41A0AF/serialNumber=5F228C46BEF2B4CBA94CB29F10C3680EE2883DB3
Certificate serial:       0127
Authority key identifier: 5F:22:8C:46:BE:F2:B4:CB:A9:4C:B2:9F:10:C3:68:0E:E2:88:3D:B3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XyKMRr7ytMupTLKfEMNoDuKIPbM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/6ACEB450DCA911EEAA5099C0775412E6.roa
Signing time:             Thu 07 Mar 2024 17:37:49 +0000
ROA not before:           Thu 07 Mar 2024 17:37:46 +0000
ROA not after:            Fri 07 Mar 2025 17:37:46 +0000
asID:                     37613
IP address blocks:        41.242.113.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/XyKMRr7ytMupTLKfEMNoDuKIPbM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/XyKMRr7ytMupTLKfEMNoDuKIPbM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XyKMRr7ytMupTLKfEMNoDuKIPbM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 295 (0x127)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A41A0AF/serialNumber=5F228C46BEF2B4CBA94CB29F10C3680EE2883DB3
        Validity
            Not Before: Mar  7 17:37:46 2024 GMT
            Not After : Mar  7 17:37:46 2025 GMT
        Subject: CN=65e9fb6d-887e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ad:1f:fd:6b:56:a2:6c:f9:72:24:e6:27:5c:
                    25:25:18:77:f8:2b:c5:a5:41:75:6d:62:bc:67:5c:
                    ec:a1:26:23:7f:90:c4:6a:8e:e2:54:53:c0:17:53:
                    bd:0f:c5:9c:ad:cc:ba:81:1e:12:78:c8:e3:a1:d8:
                    4f:64:9a:17:8a:a8:c0:c3:d0:91:0a:b7:85:cd:f7:
                    45:6f:e0:d9:0c:8a:6a:39:53:3f:f8:ff:d6:45:bc:
                    aa:67:36:82:7e:fd:b5:74:33:08:3c:22:5e:fc:61:
                    dc:20:1c:c5:3a:f9:83:9a:1d:8a:74:20:d8:29:16:
                    d8:0b:b0:81:3f:f4:21:53:32:57:ff:40:b5:f3:8d:
                    6d:0e:e4:e2:68:1e:36:65:37:ed:4b:87:8c:c0:bd:
                    5c:e8:35:4e:19:a4:ab:da:8a:58:93:f9:ee:4f:a8:
                    f9:a0:37:f8:c7:33:c8:56:7f:51:40:7c:56:d1:e1:
                    29:2d:16:01:c3:2b:21:6c:ac:b1:1d:94:b6:77:4e:
                    15:09:d3:30:0e:03:72:ea:ec:b6:b3:9d:9e:4b:99:
                    27:80:d8:2a:6d:36:86:30:26:14:a4:58:fe:fc:9a:
                    a7:f6:a1:8e:76:79:6f:d3:d0:4f:70:b7:f9:8d:9d:
                    7e:a5:65:b2:f3:c6:ab:31:37:6f:a5:19:fd:7e:d1:
                    93:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:DE:A4:04:56:20:91:FF:24:91:CD:3F:CE:72:F3:E9:F4:04:C0:EB
            X509v3 Authority Key Identifier:
                keyid:5F:22:8C:46:BE:F2:B4:CB:A9:4C:B2:9F:10:C3:68:0E:E2:88:3D:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/XyKMRr7ytMupTLKfEMNoDuKIPbM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XyKMRr7ytMupTLKfEMNoDuKIPbM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A41A0/F063CE320A9711EEB9B425234AD9E6FC/6ACEB450DCA911EEAA5099C0775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.242.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:f8:89:2f:6e:ad:76:e6:7b:c8:de:73:57:a4:3b:32:93:99:
         44:e9:c5:92:fe:10:70:82:2e:7d:ec:ad:6f:2c:0e:85:48:e1:
         bc:9f:b3:90:73:38:ff:76:2a:a0:59:56:dd:64:00:15:d0:39:
         f8:ec:99:55:78:34:50:1f:57:98:03:c9:69:31:ca:3b:a2:76:
         d7:5c:6b:14:fd:3a:9b:a9:2b:d5:b3:40:33:e1:6f:86:46:28:
         89:e6:24:03:28:f3:50:5d:23:dd:20:ee:40:e4:f9:1b:5d:1f:
         d1:4c:9d:d4:a0:54:96:b5:0b:42:2c:b2:46:d6:47:33:f2:cf:
         a1:bb:11:34:3e:e4:69:81:f2:71:cd:50:23:ef:de:e2:1e:97:
         d0:8b:d6:40:1e:79:04:be:4f:ce:77:3b:15:2f:0c:0e:9c:53:
         a5:8f:fb:08:fe:a1:74:41:8b:c9:0a:53:7f:fb:74:1e:05:aa:
         59:da:e4:9c:e8:a0:c5:f8:f4:3e:06:05:3a:64:78:87:33:e0:
         8f:c7:4a:d5:e0:95:c4:2d:f4:77:c6:81:8a:99:42:05:14:c9:
         ed:b2:15:67:04:3e:0e:de:86:7a:a9:87:99:8d:76:b0:74:08:
         71:06:6c:ff:ad:ae:a2:42:67:1a:e6:56:7b:0b:51:d6:66:f6:
         a8:a2:54:d2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAScwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQxQTBBRjExMC8GA1UEBRMoNUYyMjhDNDZCRUYyQjRDQkE5NENCMjlGMTBDMzY4
MEVFMjg4M0RCMzAeFw0yNDAzMDcxNzM3NDZaFw0yNTAzMDcxNzM3NDZaMBgxFjAU
BgNVBAMTDTY1ZTlmYjZkLTg4N2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxrR/9a1aibPlyJOYnXCUlGHf4K8WlQXVtYrxnXOyhJiN/kMRqjuJUU8AX
U70PxZytzLqBHhJ4yOOh2E9kmheKqMDD0JEKt4XN90Vv4NkMimo5Uz/4/9ZFvKpn
NoJ+/bV0Mwg8Il78YdwgHMU6+YOaHYp0INgpFtgLsIE/9CFTMlf/QLXzjW0O5OJo
HjZlN+1Lh4zAvVzoNU4ZpKvailiT+e5PqPmgN/jHM8hWf1FAfFbR4SktFgHDKyFs
rLEdlLZ3ThUJ0zAOA3Lq7LaznZ5LmSeA2CptNoYwJhSkWP78mqf2oY52eW/T0E9w
t/mNnX6lZbLzxqsxN2+lGf1+0ZP/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUT96k
BFYgkf8kkc0/znLz6fQEwOswHwYDVR0jBBgwFoAUXyKMRr7ytMupTLKfEMNoDuKI
PbMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0MUEwL0YwNjNDRTMyMEE5NzExRUVCOUI0MjUyMzRBRDlFNkZDL1h5S01S
cjd5dE11cFRMS2ZFTU5vRHVLSVBiTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1h5S01Scjd5dE11cFRMS2ZFTU5vRHVLSVBiTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE0MUEwL0YwNjNDRTMyMEE5NzExRUVCOUI0MjUyMzRB
RDlFNkZDLzZBQ0VCNDUwRENBOTExRUVBQTUwOTlDMDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp8nEwDQYJKoZIhvcNAQEL
BQADggEBAB/4iS9urXbme8jec1ekOzKTmUTpxZL+EHCCLn3srW8sDoVI4byfs5Bz
OP92KqBZVt1kABXQOfjsmVV4NFAfV5gDyWkxyjuidtdcaxT9OpupK9WzQDPhb4ZG
KInmJAMo81BdI90g7kDk+RtdH9FMndSgVJa1C0IsskbWRzPyz6G7ETQ+5GmB8nHN
UCPv3uIel9CL1kAeeQS+T853OxUvDA6cU6WP+wj+oXRBi8kKU3/7dB4Fqlna5Jzo
oMX49D4GBTpkeIcz4I/HStXglcQt9HfGgYqZQgUUye2yFWcEPg7ehnqph5mNdrB0
CHEGbP+trqJCZxrmVnsLUdZm9qiiVNI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org