Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/258EC7AC02E911EF84DA781F017001B1.roa
File:                     258EC7AC02E911EF84DA781F017001B1.roa (raw, json)
Hash identifier:          MKLHz01B1hcRnrm1BW8ZdbgoDIWCXXjJPB+3zMRkn5k=
Subject key identifier:   A6:33:F3:08:9D:4C:D9:A0:9B:AD:C0:3A:BF:82:0A:30:EA:B6:EC:09
Certificate issuer:       /CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Certificate serial:       06
Authority key identifier: 4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/258EC7AC02E911EF84DA781F017001B1.roa
Signing time:             Thu 25 Apr 2024 09:49:45 +0000
ROA not before:           Thu 25 Apr 2024 09:49:42 +0000
ROA not after:            Sat 25 Apr 2026 09:49:42 +0000
asID:                     36867
IP address blocks:        196.1.124.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
        Validity
            Not Before: Apr 25 09:49:42 2024 GMT
            Not After : Apr 25 09:49:42 2026 GMT
        Subject: CN=662a2739-3e49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:37:c2:ef:d1:4e:bf:63:96:2a:58:55:a6:82:
                    8d:b9:75:aa:0e:45:d0:ae:dc:fa:e0:6a:d2:c2:96:
                    a0:3f:09:9a:b2:8f:08:0e:3e:43:5c:05:4e:5c:b3:
                    da:13:0d:8f:a9:03:c9:ca:76:b1:82:8a:b9:10:7f:
                    e1:6c:ae:97:45:b9:15:75:3b:00:4d:4b:1f:f4:6c:
                    7a:25:37:fb:51:8f:a2:55:01:db:c9:d1:5f:2f:80:
                    9b:3d:7f:76:3e:71:38:55:bf:67:96:d4:bb:4a:51:
                    ee:0c:75:90:cf:ff:ee:14:29:1e:36:40:51:28:f8:
                    4f:9f:17:10:2f:e3:d0:20:07:94:20:63:fb:b7:8a:
                    4d:3f:a9:a3:1e:01:49:04:4b:f7:e2:19:1e:75:9d:
                    a5:b8:b8:6f:39:8d:71:6f:92:db:3e:0d:c9:6c:cb:
                    54:61:14:88:74:02:c3:4c:13:6c:c7:d0:81:e0:5e:
                    9e:97:18:f2:72:26:ea:5c:a7:de:94:bc:f9:be:d2:
                    e8:7d:6b:ef:4c:09:2b:bc:e0:c1:b9:90:78:ab:c5:
                    7a:71:7a:52:0c:a0:4b:97:c2:55:cd:6b:8b:cc:0f:
                    9b:03:79:70:75:32:cc:dc:9f:99:d6:f9:7f:77:31:
                    65:b5:14:02:42:7b:89:77:a5:da:d8:96:b2:ac:5d:
                    5e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:33:F3:08:9D:4C:D9:A0:9B:AD:C0:3A:BF:82:0A:30:EA:B6:EC:09
            X509v3 Authority Key Identifier:
                keyid:4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/258EC7AC02E911EF84DA781F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.1.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:c6:3b:7e:92:e9:ea:35:6c:13:bb:40:da:f5:4e:b9:93:36:
         77:e9:b6:0f:2c:dc:19:ce:db:70:b0:10:24:a1:b8:66:4a:eb:
         d4:4c:df:2c:76:7a:6b:44:0a:0e:66:fa:a4:df:61:44:33:2e:
         f2:39:44:0e:8b:35:10:13:ad:c3:5d:da:d0:95:ab:4d:77:3e:
         30:b9:e1:3f:bb:f7:f6:b4:7e:e8:54:d4:ac:4d:02:a6:4b:46:
         c4:08:7f:48:d8:74:f4:4b:98:fc:52:9d:f4:00:1e:5b:13:6b:
         71:3d:d6:c9:63:f0:d7:0c:7c:9b:b0:6c:ed:3b:53:79:47:a3:
         6a:b1:e3:c5:24:f7:66:b4:43:07:ac:79:7c:6f:fb:fb:e5:c5:
         f6:68:4a:f9:f4:d2:52:69:c7:e8:d8:43:95:44:1c:21:ff:56:
         bd:89:6e:be:f6:1f:a2:36:45:6d:42:94:f9:c3:52:f6:08:02:
         de:af:e8:3b:f9:9a:c1:35:e1:c2:81:7c:a0:97:bd:f0:24:19:
         d4:d3:ba:01:4b:15:60:a2:7f:1d:62:31:ed:cc:ba:05:5c:0f:
         58:df:22:a1:80:35:2c:3e:37:9a:ed:5d:42:0a:59:05:c9:9e:
         ee:da:84:3d:f0:c5:86:93:f1:17:7a:df:df:52:af:c7:e3:2a:
         83:ac:6d:d2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NzAyMUFGMTEwLwYDVQQFEyg0QjQ4NjYyMDA0MDg5RjVCQjY4MTk0QUIwNEI4MzBD
RDQzM0EyQjcwMB4XDTI0MDQyNTA5NDk0MloXDTI2MDQyNTA5NDk0MlowGDEWMBQG
A1UEAxMNNjYyYTI3MzktM2U0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANw3wu/RTr9jlipYVaaCjbl1qg5F0K7c+uBq0sKWoD8JmrKPCA4+Q1wFTlyz
2hMNj6kDycp2sYKKuRB/4Wyul0W5FXU7AE1LH/RseiU3+1GPolUB28nRXy+Amz1/
dj5xOFW/Z5bUu0pR7gx1kM//7hQpHjZAUSj4T58XEC/j0CAHlCBj+7eKTT+pox4B
SQRL9+IZHnWdpbi4bzmNcW+S2z4NyWzLVGEUiHQCw0wTbMfQgeBenpcY8nIm6lyn
3pS8+b7S6H1r70wJK7zgwbmQeKvFenF6UgygS5fCVc1ri8wPmwN5cHUyzNyfmdb5
f3cxZbUUAkJ7iXel2tiWsqxdXocCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSmM/MI
nUzZoJutwDq/ggow6rbsCTAfBgNVHSMEGDAWgBRLSGYgBAifW7aBlKsEuDDNQzor
cDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3MDAxQjEvUzBobUlB
UUluMXUyZ1pTckJMZ3d6VU02SzNBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUzBobUlBUUluMXUyZ1pTckJMZ3d6VU02SzNBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3
MDAxQjEvMjU4RUM3QUMwMkU5MTFFRjg0REE3ODFGMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMQBfDANBgkqhkiG9w0BAQsF
AAOCAQEAHMY7fpLp6jVsE7tA2vVOuZM2d+m2DyzcGc7bcLAQJKG4Zkrr1EzfLHZ6
a0QKDmb6pN9hRDMu8jlEDos1EBOtw13a0JWrTXc+MLnhP7v39rR+6FTUrE0CpktG
xAh/SNh09EuY/FKd9AAeWxNrcT3WyWPw1wx8m7Bs7TtTeUejarHjxST3ZrRDB6x5
fG/7++XF9mhK+fTSUmnH6NhDlUQcIf9WvYluvvYfojZFbUKU+cNS9ggC3q/oO/ma
wTXhwoF8oJe98CQZ1NO6AUsVYKJ/HWIx7cy6BVwPWN8ioYA1LD43mu1dQgpZBcme
7tqEPfDFhpPxF3rf31Kvx+Mqg6xt0g==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:38 2024 by rpki-client on console-fra.rpki-client.org