Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36ADFB8/17B4B1A8E95D11EB87F37562D8A014CE/5F9884A0E96111EBA296A268D8A014CE.roa
File:                     5F9884A0E96111EBA296A268D8A014CE.roa (raw, json)
Hash identifier:          oHX1wRxcUjOM6pdvDW91dfv+WMRWunLoT5VhgVlB8+c=
Subject key identifier:   AB:8E:6B:8A:2D:5E:B3:89:F2:41:8B:AC:0A:13:80:BC:BB:11:16:CB
Certificate issuer:       /CN=F36ADFB8AF/serialNumber=F6808454A14F336EC5D05B445658850EBBFD6565
Certificate serial:       05
Authority key identifier: F6:80:84:54:A1:4F:33:6E:C5:D0:5B:44:56:58:85:0E:BB:FD:65:65
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9oCEVKFPM27F0FtEVliFDrv9ZWU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36ADFB8/17B4B1A8E95D11EB87F37562D8A014CE/5F9884A0E96111EBA296A268D8A014CE.roa
Signing time:             Tue 20 Jul 2021 13:50:07 +0000
ROA not before:           Tue 20 Jul 2021 13:50:01 +0000
ROA not after:            Sat 19 Jul 2025 13:50:01 +0000
asID:                     37352
IP address blocks:        41.79.76.0/22 maxlen: 24
                          102.220.84.0/22 maxlen: 24
                          2c0f:f9d8::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36ADFB8/17B4B1A8E95D11EB87F37562D8A014CE/9oCEVKFPM27F0FtEVliFDrv9ZWU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36ADFB8/17B4B1A8E95D11EB87F37562D8A014CE/9oCEVKFPM27F0FtEVliFDrv9ZWU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9oCEVKFPM27F0FtEVliFDrv9ZWU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36ADFB8AF/serialNumber=F6808454A14F336EC5D05B445658850EBBFD6565
        Validity
            Not Before: Jul 20 13:50:01 2021 GMT
            Not After : Jul 19 13:50:01 2025 GMT
        Subject: CN=60f6d48f-63ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b8:82:d9:29:7f:2f:93:76:a2:30:02:be:ff:
                    a2:e2:52:fe:e5:3c:b3:35:da:cf:34:95:5d:e3:0c:
                    18:cb:1b:6a:7a:d8:ae:6b:87:41:86:8e:47:d3:48:
                    39:fb:36:b6:bf:a7:d7:0f:8b:c2:b1:97:d3:a3:5b:
                    40:35:be:78:2f:ca:c7:15:dd:16:2a:a5:e4:35:56:
                    c2:ed:ac:81:89:99:de:5c:02:69:ad:d2:ac:78:d6:
                    84:ff:77:20:08:35:97:5d:5c:08:38:a5:c1:15:95:
                    81:b4:a2:e4:e8:8d:7b:7a:bb:b5:8b:fb:9e:cf:e8:
                    13:3c:25:ab:70:ce:87:d3:d5:81:d7:11:40:e6:67:
                    4c:e0:f3:ef:23:7d:ae:ef:40:7e:ea:d1:0c:b9:a2:
                    57:ba:8e:b9:45:7d:60:a2:d1:7d:aa:e3:bf:3e:75:
                    d7:48:9f:6c:a5:29:fa:9c:62:18:9f:60:74:c2:de:
                    fb:37:db:54:1b:7a:96:a9:78:6b:5f:49:cc:15:20:
                    28:2a:a3:2c:8c:29:c9:d7:fd:3f:da:2e:44:fb:44:
                    d9:92:60:97:6e:53:fb:8d:b1:a2:9a:e3:f4:84:fe:
                    cc:74:ab:d0:8d:23:84:b9:f2:3f:3b:e8:ea:c1:e8:
                    b0:46:e8:c7:1b:3a:cb:08:7b:d8:fd:19:e8:f2:f8:
                    5c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:8E:6B:8A:2D:5E:B3:89:F2:41:8B:AC:0A:13:80:BC:BB:11:16:CB
            X509v3 Authority Key Identifier:
                keyid:F6:80:84:54:A1:4F:33:6E:C5:D0:5B:44:56:58:85:0E:BB:FD:65:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36ADFB8/17B4B1A8E95D11EB87F37562D8A014CE/9oCEVKFPM27F0FtEVliFDrv9ZWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9oCEVKFPM27F0FtEVliFDrv9ZWU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ADFB8/17B4B1A8E95D11EB87F37562D8A014CE/5F9884A0E96111EBA296A268D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.76.0/22
                  102.220.84.0/22
                IPv6:
                  2c0f:f9d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:61:77:52:2b:c0:16:74:20:d0:98:2b:48:55:10:8f:15:78:
         db:23:f9:2f:56:55:27:af:14:2c:bc:d6:cf:1e:3d:b9:d2:8a:
         59:ed:21:eb:dc:2e:ec:05:ba:06:a9:c8:8f:47:e4:f5:7c:8c:
         80:ca:37:4e:50:c7:99:ed:91:f6:c6:27:89:09:25:26:e4:9b:
         65:ea:45:1b:0d:ed:c3:68:b4:4f:ac:80:68:5a:e2:3d:47:53:
         87:5e:3b:17:09:94:3e:48:97:0f:f6:e3:49:34:c0:08:83:40:
         c8:5f:5d:0e:75:25:56:3b:70:8a:aa:60:cb:f1:ca:80:10:a0:
         d6:58:5a:a3:1e:aa:4a:60:ae:1b:7d:5a:79:9f:14:e6:5d:32:
         4f:45:45:b6:73:f1:a1:f3:ed:fb:f9:f8:33:d8:d6:84:13:c3:
         72:d5:d2:3d:fc:8e:38:3e:0b:8f:d5:43:0d:60:b9:f9:81:86:
         28:e2:34:cc:28:57:40:cd:40:0c:38:89:4b:0b:b4:57:4f:f2:
         e0:76:50:48:60:c8:5e:ee:55:e6:e9:57:e6:9e:b5:c9:9d:e8:
         e4:e7:80:85:8d:02:d2:d3:ef:f7:75:3d:88:9a:54:a8:36:04:
         3e:1d:ea:8a:50:6a:e9:74:9d:c8:17:aa:bb:28:e8:6d:45:07:
         53:d1:73:a7
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
REZCOEFGMTEwLwYDVQQFEyhGNjgwODQ1NEExNEYzMzZFQzVEMDVCNDQ1NjU4ODUw
RUJCRkQ2NTY1MB4XDTIxMDcyMDEzNTAwMVoXDTI1MDcxOTEzNTAwMVowGDEWMBQG
A1UEAwwNNjBmNmQ0OGYtNjNhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO4gtkpfy+TdqIwAr7/ouJS/uU8szXazzSVXeMMGMsbanrYrmuHQYaOR9NI
Ofs2tr+n1w+LwrGX06NbQDW+eC/KxxXdFiql5DVWwu2sgYmZ3lwCaa3SrHjWhP93
IAg1l11cCDilwRWVgbSi5OiNe3q7tYv7ns/oEzwlq3DOh9PVgdcRQOZnTODz7yN9
ru9AfurRDLmiV7qOuUV9YKLRfarjvz5110ifbKUp+pxiGJ9gdMLe+zfbVBt6lql4
a19JzBUgKCqjLIwpydf9P9ouRPtE2ZJgl25T+42xoprj9IT+zHSr0I0jhLnyPzvo
6sHosEboxxs6ywh72P0Z6PL4XGkCAwEAAaOCArowggK2MB0GA1UdDgQWBBSrjmuK
LV6zifJBi6wKE4C8uxEWyzAfBgNVHSMEGDAWgBT2gIRUoU8zbsXQW0RWWIUOu/1l
ZTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QURGQjgvMTdCNEIxQThFOTVEMTFFQjg3RjM3NTYyRDhBMDE0Q0UvOW9DRVZL
RlBNMjdGMEZ0RVZsaUZEcnY5WldVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOW9DRVZLRlBNMjdGMEZ0RVZsaUZEcnY5WldVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QURGQjgvMTdCNEIxQThFOTVEMTFFQjg3RjM3NTYyRDhB
MDE0Q0UvNUY5ODg0QTBFOTYxMTFFQkEyOTZBMjY4RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAilPTAMEAmbcVDANBAIAAjAH
AwUALA/52DANBgkqhkiG9w0BAQsFAAOCAQEAEWF3UivAFnQg0JgrSFUQjxV42yP5
L1ZVJ68ULLzWzx49udKKWe0h69wu7AW6BqnIj0fk9XyMgMo3TlDHme2R9sYniQkl
JuSbZepFGw3tw2i0T6yAaFriPUdTh147FwmUPkiXD/bjSTTACINAyF9dDnUlVjtw
iqpgy/HKgBCg1lhaox6qSmCuG31aeZ8U5l0yT0VFtnPxofPt+/n4M9jWhBPDctXS
PfyOOD4Lj9VDDWC5+YGGKOI0zChXQM1ADDiJSwu0V0/y4HZQSGDIXu5V5ulX5p61
yZ3o5OeAhY0C0tPv93U9iJpUqDYEPh3qilBq6XSdyBequyjobUUHU9Fzpw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org