Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/2986AA742D1F11ED80553694F1222468.roa
File:                     2986AA742D1F11ED80553694F1222468.roa (raw, json)
Hash identifier:          k/pZPcK4mbEaTzMdMQoO2iiJYX2nlpbZfqRbx3IuK68=
Subject key identifier:   59:F6:5F:E3:B5:B9:68:BF:EF:EA:5D:C5:1D:E8:59:33:4F:04:7E:A8
Certificate issuer:       /CN=F36A4459AF/serialNumber=84BC22A14BB5F889BC10A22CF17C9C19B519B288
Certificate serial:       08
Authority key identifier: 84:BC:22:A1:4B:B5:F8:89:BC:10:A2:2C:F1:7C:9C:19:B5:19:B2:88
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hLwioUu1-Im8EKIs8XycGbUZsog.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/2986AA742D1F11ED80553694F1222468.roa
Signing time:             Mon 05 Sep 2022 13:32:18 +0000
ROA not before:           Mon 05 Sep 2022 13:32:15 +0000
ROA not after:            Sun 05 Sep 2032 13:32:15 +0000
asID:                     37638
IP address blocks:        41.190.232.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/hLwioUu1-Im8EKIs8XycGbUZsog.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/hLwioUu1-Im8EKIs8XycGbUZsog.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hLwioUu1-Im8EKIs8XycGbUZsog.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A4459AF/serialNumber=84BC22A14BB5F889BC10A22CF17C9C19B519B288
        Validity
            Not Before: Sep  5 13:32:15 2022 GMT
            Not After : Sep  5 13:32:15 2032 GMT
        Subject: CN=6315fa62-ab55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:44:74:36:2a:f3:20:06:92:8e:fe:33:2a:6d:
                    d0:23:a7:93:1d:8f:30:73:43:fc:fd:7f:de:bf:73:
                    47:af:ed:9e:86:c9:d4:02:0d:78:ec:bb:26:08:fe:
                    4d:a8:27:52:4c:d1:e9:d3:65:aa:bc:70:83:87:08:
                    54:43:37:24:7b:bd:93:3a:eb:f6:8f:2e:a3:4d:30:
                    27:ea:c9:e3:30:0b:73:95:76:95:44:f2:c4:cb:02:
                    b0:8d:b7:20:04:47:ff:37:7e:dd:cd:4f:c7:24:95:
                    80:51:6b:a4:61:09:7d:8e:69:15:bb:8c:b0:6e:ea:
                    11:fc:fc:99:c0:7d:79:3b:0c:9d:08:b3:95:7a:d7:
                    7a:e8:8c:9a:8a:b8:d5:df:5c:06:f6:82:7c:6b:03:
                    d9:79:af:ad:e2:5e:0b:db:51:bf:16:02:11:41:e5:
                    17:a5:a4:a1:53:fe:71:69:48:77:43:b9:71:89:8b:
                    8b:30:50:35:ab:31:b3:fc:44:99:e1:ce:0a:dd:ab:
                    49:22:3d:a5:cd:74:f6:b4:ae:59:ad:d4:54:fc:a2:
                    0c:14:72:60:06:04:a2:e4:25:14:31:7a:52:62:1b:
                    ed:53:c1:85:64:b9:bc:9c:5d:46:b5:52:55:4a:1a:
                    b0:79:88:77:22:ae:f4:c2:a9:c3:f8:df:eb:93:ac:
                    05:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:F6:5F:E3:B5:B9:68:BF:EF:EA:5D:C5:1D:E8:59:33:4F:04:7E:A8
            X509v3 Authority Key Identifier:
                keyid:84:BC:22:A1:4B:B5:F8:89:BC:10:A2:2C:F1:7C:9C:19:B5:19:B2:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/hLwioUu1-Im8EKIs8XycGbUZsog.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hLwioUu1-Im8EKIs8XycGbUZsog.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A4459/CDD74D762D1B11EDBE00888BF1222468/2986AA742D1F11ED80553694F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.190.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:02:36:55:48:d3:9f:b7:aa:9c:48:72:b2:ce:af:43:14:ad:
         f9:10:23:7b:8e:e8:5e:32:40:ec:a6:03:60:f8:25:98:9c:c4:
         18:ec:27:e4:e1:8d:a7:43:c1:e2:8c:ed:be:6e:23:6d:5e:60:
         ea:fd:59:67:91:93:b2:2c:11:b6:b5:29:28:4c:1d:60:8b:96:
         a0:50:2b:10:fa:f6:5f:30:b2:c5:b9:bd:75:70:60:25:d0:50:
         d5:0e:22:d7:ea:3d:25:8b:c3:04:31:8a:11:6b:f5:7d:10:85:
         9b:0d:6d:fa:87:bc:ea:6d:ae:a4:b7:d3:b5:6a:35:9a:0f:61:
         bf:6d:17:4c:4b:4a:a8:14:77:45:0d:c7:d3:bf:97:e2:47:cd:
         3b:a0:e8:36:d6:39:4f:78:3c:6b:ce:5a:eb:40:de:84:06:5a:
         3d:d1:90:25:23:55:0b:98:56:44:72:ea:e9:56:e5:66:09:d6:
         3a:a9:9d:a0:85:5b:01:65:7c:86:30:5e:01:e1:8f:cc:b7:f5:
         d1:d0:c0:0e:74:9f:99:1d:87:a4:c7:a3:3c:e5:48:71:bd:25:
         1b:0e:0d:7c:5f:70:b9:29:0a:a7:a4:2b:c8:0f:9f:cb:4f:60:
         02:73:d0:76:f1:f2:b3:a0:dc:d4:b8:de:da:d8:9f:01:33:d7:
         f2:23:58:25
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
NDQ1OUFGMTEwLwYDVQQFEyg4NEJDMjJBMTRCQjVGODg5QkMxMEEyMkNGMTdDOUMx
OUI1MTlCMjg4MB4XDTIyMDkwNTEzMzIxNVoXDTMyMDkwNTEzMzIxNVowGDEWMBQG
A1UEAwwNNjMxNWZhNjItYWI1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFEdDYq8yAGko7+Mypt0COnkx2PMHND/P1/3r9zR6/tnobJ1AINeOy7Jgj+
TagnUkzR6dNlqrxwg4cIVEM3JHu9kzrr9o8uo00wJ+rJ4zALc5V2lUTyxMsCsI23
IARH/zd+3c1PxySVgFFrpGEJfY5pFbuMsG7qEfz8mcB9eTsMnQizlXrXeuiMmoq4
1d9cBvaCfGsD2XmvreJeC9tRvxYCEUHlF6WkoVP+cWlId0O5cYmLizBQNasxs/xE
meHOCt2rSSI9pc109rSuWa3UVPyiDBRyYAYEouQlFDF6UmIb7VPBhWS5vJxdRrVS
VUoasHmIdyKu9MKpw/jf65OsBSUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRZ9l/j
tblov+/qXcUd6FkzTwR+qDAfBgNVHSMEGDAWgBSEvCKhS7X4ibwQoizxfJwZtRmy
iDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQ0NTkvQ0RENzRENzYyRDFCMTFFREJFMDA4ODhCRjEyMjI0NjgvaEx3aW9V
dTEtSW04RUtJczhYeWNHYlVac29nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaEx3aW9VdTEtSW04RUtJczhYeWNHYlVac29nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTQ0NTkvQ0RENzRENzYyRDFCMTFFREJFMDA4ODhCRjEy
MjI0NjgvMjk4NkFBNzQyRDFGMTFFRDgwNTUzNjk0RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEASm+6DANBgkqhkiG9w0BAQsF
AAOCAQEAXwI2VUjTn7eqnEhyss6vQxSt+RAje47oXjJA7KYDYPglmJzEGOwn5OGN
p0PB4oztvm4jbV5g6v1ZZ5GTsiwRtrUpKEwdYIuWoFArEPr2XzCyxbm9dXBgJdBQ
1Q4i1+o9JYvDBDGKEWv1fRCFmw1t+oe86m2upLfTtWo1mg9hv20XTEtKqBR3RQ3H
07+X4kfNO6DoNtY5T3g8a85a60DehAZaPdGQJSNVC5hWRHLq6VblZgnWOqmdoIVb
AWV8hjBeAeGPzLf10dDADnSfmR2HpMejPOVIcb0lGw4NfF9wuSkKp6QryA+fy09g
AnPQdvHys6Dc1Lje2tifATPX8iNYJQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org