Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/2A3F25CA461211EDA2ED7DD4F1222468.roa
File:                     2A3F25CA461211EDA2ED7DD4F1222468.roa (raw, json)
Hash identifier:          lvPd6VTKcLMhU/3Nl8dyjCE5frGwG4hqXNXwJymfNBg=
Subject key identifier:   75:CF:7F:F7:45:B9:DD:A6:BC:45:46:EA:E5:4D:59:56:B7:FA:9E:EC
Certificate issuer:       /CN=F36A9688AF/serialNumber=D7AE645AF9E5B6E222AE3E19429974BBD8656941
Certificate serial:       01A5
Authority key identifier: D7:AE:64:5A:F9:E5:B6:E2:22:AE:3E:19:42:99:74:BB:D8:65:69:41
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/165kWvnltuIirj4ZQpl0u9hlaUE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/2A3F25CA461211EDA2ED7DD4F1222468.roa
Signing time:             Fri 07 Oct 2022 07:32:15 +0000
ROA not before:           Fri 07 Oct 2022 07:32:11 +0000
ROA not after:            Mon 07 Oct 2030 07:32:11 +0000
asID:                     11157
IP address blocks:        196.3.151.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/165kWvnltuIirj4ZQpl0u9hlaUE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/165kWvnltuIirj4ZQpl0u9hlaUE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/165kWvnltuIirj4ZQpl0u9hlaUE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 421 (0x1a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A9688AF/serialNumber=D7AE645AF9E5B6E222AE3E19429974BBD8656941
        Validity
            Not Before: Oct  7 07:32:11 2022 GMT
            Not After : Oct  7 07:32:11 2030 GMT
        Subject: CN=633fd5ff-a36e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cd:c0:ee:76:c5:c9:10:9b:62:46:fe:e9:f2:
                    6f:24:36:50:6b:cb:f4:1e:17:ae:b0:d9:f8:f8:07:
                    81:3b:cb:74:85:79:42:78:86:38:67:da:d2:f9:54:
                    52:5e:be:82:a7:97:da:12:67:26:f5:b0:aa:19:23:
                    c6:97:56:cd:35:05:e6:d5:e8:5e:d5:5d:af:8f:60:
                    69:45:b1:aa:6c:99:89:19:e9:71:f2:ed:34:a0:28:
                    09:54:59:1c:a4:e5:d8:52:44:2f:61:e2:3a:b8:f5:
                    0c:47:d5:ca:c2:30:d4:3e:f8:6e:2a:1a:51:d6:07:
                    84:51:04:47:37:ae:80:5e:29:bc:15:76:3d:98:16:
                    3e:09:74:43:8d:86:18:b1:85:bd:c4:4e:28:e3:e9:
                    76:36:3f:df:47:e7:ee:58:bb:63:e5:83:f9:3e:e0:
                    cb:76:bd:73:47:e8:0b:f3:ba:59:6c:8b:04:74:98:
                    06:7d:9c:61:6a:4c:af:ef:09:a0:64:f5:12:7f:e0:
                    7e:72:e9:c3:39:a4:43:3b:f7:5b:37:af:df:11:69:
                    a8:96:87:83:f7:53:28:21:c3:ba:73:21:8e:ae:61:
                    e4:18:40:9c:82:39:bd:5c:d5:c3:71:aa:39:bb:72:
                    e7:df:a8:97:49:f5:29:a4:93:8d:4c:c7:ad:08:e3:
                    fa:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:CF:7F:F7:45:B9:DD:A6:BC:45:46:EA:E5:4D:59:56:B7:FA:9E:EC
            X509v3 Authority Key Identifier:
                keyid:D7:AE:64:5A:F9:E5:B6:E2:22:AE:3E:19:42:99:74:BB:D8:65:69:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/165kWvnltuIirj4ZQpl0u9hlaUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/165kWvnltuIirj4ZQpl0u9hlaUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/2A3F25CA461211EDA2ED7DD4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.3.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:4c:66:c6:16:9f:61:c7:4f:04:8f:89:92:e2:48:78:52:ed:
         5b:b0:11:8f:dc:a0:e5:bb:08:0b:e6:40:18:21:ef:71:44:58:
         40:59:59:6b:c3:eb:a6:2d:e4:30:2b:fa:ef:5d:3d:ab:ec:0d:
         f3:22:c3:fe:9c:cb:45:32:37:61:83:aa:a4:80:73:90:90:54:
         63:31:6b:f9:93:b1:6f:bd:0c:52:53:0b:e4:a2:92:0e:b5:82:
         04:85:51:af:12:0c:df:a0:f4:b2:7c:64:65:2b:33:bf:23:43:
         2d:c3:1a:19:ca:05:16:9b:45:22:0f:a2:a8:fa:fe:d6:b4:5d:
         07:18:11:29:72:6b:97:1d:d8:7d:7a:02:fd:d0:f9:4f:58:f3:
         f6:ac:a4:fd:bc:0a:eb:6d:b4:68:d6:ee:a3:df:2d:e5:ed:8f:
         2d:a3:1d:29:62:df:ac:a3:a1:7a:e4:76:fc:e4:0c:b3:a5:d1:
         ea:ca:3f:2d:c4:8d:86:6e:5a:9f:b5:ae:20:99:3e:a9:7d:c7:
         4b:5e:66:52:6a:b7:d3:62:0f:bb:d8:84:dc:03:72:e3:c2:88:
         e4:1c:ae:52:5d:1b:f8:8e:3e:f5:b5:13:a9:69:ce:dd:41:62:
         ce:9f:15:6b:94:9e:a0:b3:57:2b:be:cb:45:0f:e6:d3:0e:14:
         5b:6f:6f:91
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTk2ODhBRjExMC8GA1UEBRMoRDdBRTY0NUFGOUU1QjZFMjIyQUUzRTE5NDI5OTc0
QkJEODY1Njk0MTAeFw0yMjEwMDcwNzMyMTFaFw0zMDEwMDcwNzMyMTFaMBgxFjAU
BgNVBAMMDTYzM2ZkNWZmLWEzNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8zcDudsXJEJtiRv7p8m8kNlBry/QeF66w2fj4B4E7y3SFeUJ4hjhn2tL5
VFJevoKnl9oSZyb1sKoZI8aXVs01BebV6F7VXa+PYGlFsapsmYkZ6XHy7TSgKAlU
WRyk5dhSRC9h4jq49QxH1crCMNQ++G4qGlHWB4RRBEc3roBeKbwVdj2YFj4JdEON
hhixhb3ETijj6XY2P99H5+5Yu2Plg/k+4Mt2vXNH6AvzullsiwR0mAZ9nGFqTK/v
CaBk9RJ/4H5y6cM5pEM791s3r98RaaiWh4P3Uyghw7pzIY6uYeQYQJyCOb1c1cNx
qjm7cuffqJdJ9Smkk41Mx60I4/olAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdc9/
90W53aa8RUbq5U1ZVrf6nuwwHwYDVR0jBBgwFoAU165kWvnltuIirj4ZQpl0u9hl
aUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE5Njg4LzEyMDcyRkU2RkZFODExRUJCMTkyRkIwOUQ4QTAxNENFLzE2NWtX
dm5sdHVJaXJqNFpRcGwwdTlobGFVRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzE2NWtXdm5sdHVJaXJqNFpRcGwwdTlobGFVRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE5Njg4LzEyMDcyRkU2RkZFODExRUJCMTkyRkIwOUQ4
QTAxNENFLzJBM0YyNUNBNDYxMjExRURBMkVEN0RENEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEA5cwDQYJKoZIhvcNAQEL
BQADggEBAMZMZsYWn2HHTwSPiZLiSHhS7VuwEY/coOW7CAvmQBgh73FEWEBZWWvD
66Yt5DAr+u9dPavsDfMiw/6cy0UyN2GDqqSAc5CQVGMxa/mTsW+9DFJTC+Sikg61
ggSFUa8SDN+g9LJ8ZGUrM78jQy3DGhnKBRabRSIPoqj6/ta0XQcYESlya5cd2H16
Av3Q+U9Y8/aspP28CutttGjW7qPfLeXtjy2jHSli36yjoXrkdvzkDLOl0erKPy3E
jYZuWp+1riCZPql9x0teZlJqt9NiD7vYhNwDcuPCiOQcrlJdG/iOPvW1E6lpzt1B
Ys6fFWuUnqCzVyu+y0UP5tMOFFtvb5E=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:41 2024 by rpki-client on console-ams.rpki-client.org