Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/443359E8C99B11EEB7426E66775412E6.roa
File:                     443359E8C99B11EEB7426E66775412E6.roa (raw, json)
Hash identifier:          eJwP1UmHsKDVGDi3xz1KEXx8NcHlZwtcW4ClWms4mh8=
Subject key identifier:   BA:DD:1C:61:0B:77:91:C0:4E:03:29:64:87:1B:EF:1F:F1:F0:6B:BF
Certificate issuer:       /CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
Certificate serial:       057F
Authority key identifier: 3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/443359E8C99B11EEB7426E66775412E6.roa
Signing time:             Mon 12 Feb 2024 11:38:40 +0000
ROA not before:           Mon 12 Feb 2024 11:38:36 +0000
ROA not after:            Wed 12 Feb 2048 11:38:36 +0000
asID:                     37098
IP address blocks:        41.216.228.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1407 (0x57f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
        Validity
            Not Before: Feb 12 11:38:36 2024 GMT
            Not After : Feb 12 11:38:36 2048 GMT
        Subject: CN=65ca0340-c84c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:34:de:eb:3d:2c:5e:22:25:4c:99:ac:23:22:
                    0e:4c:db:28:48:45:5b:db:e8:03:18:70:a8:d6:2c:
                    c2:b5:bb:0a:ca:40:00:55:9e:a3:ec:0b:80:c7:19:
                    c7:67:0c:b7:96:20:f2:9e:1f:e3:39:33:b3:84:4f:
                    0b:a2:80:7d:4f:61:ac:09:b7:9d:20:39:3e:e3:06:
                    87:1e:3e:ee:15:fb:1b:fe:24:33:6d:2e:eb:0d:57:
                    25:d3:bf:1c:19:07:a4:7a:79:6d:8e:7d:eb:04:b1:
                    fa:72:c0:b3:28:78:4f:01:7d:be:15:15:ec:4b:0d:
                    e7:07:50:ff:ec:f1:ff:4c:78:c6:6f:b2:f2:43:d5:
                    37:f4:d6:6d:36:f5:1a:b6:a2:f9:b2:85:b2:7e:b5:
                    4c:ea:48:fd:bb:8f:59:51:58:6e:3e:a4:f3:ea:d4:
                    5c:17:e7:3b:81:b6:d5:42:c8:42:6e:0d:c0:b4:4f:
                    4e:9f:9c:01:da:f8:0e:e6:d5:98:c2:94:22:84:90:
                    09:8f:25:67:f9:fc:e1:9b:5e:77:50:e1:7a:03:52:
                    b1:84:14:72:64:bb:66:6f:6c:21:23:cb:66:c4:cb:
                    3d:ca:f9:18:72:31:43:9a:b4:46:8b:6a:9e:e3:d5:
                    96:91:99:5c:05:66:b8:b8:71:ca:27:54:79:a8:79:
                    7d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:DD:1C:61:0B:77:91:C0:4E:03:29:64:87:1B:EF:1F:F1:F0:6B:BF
            X509v3 Authority Key Identifier:
                keyid:3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/443359E8C99B11EEB7426E66775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.216.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:24:bc:94:94:92:40:ee:20:31:9c:c6:e7:ad:7f:d0:d2:22:
         e8:92:2f:e3:32:73:26:b4:46:aa:0d:f2:e8:f2:76:17:64:bd:
         bc:45:0f:81:d8:f5:15:3d:5d:8c:01:03:01:e1:db:0f:98:ab:
         50:58:48:02:bc:37:49:71:b2:65:91:ef:6f:ef:1f:92:68:a4:
         a7:8a:34:2b:cf:5e:b4:9e:e2:e8:f9:4f:ee:36:cd:5b:51:92:
         4a:e7:dc:48:24:89:3d:42:d7:fe:d5:9d:42:3b:a3:4d:25:77:
         73:ae:bc:39:b5:b6:38:25:26:28:a0:05:0b:5b:8d:2e:13:24:
         13:88:1f:1b:cc:ec:5a:85:f8:c6:6a:83:39:3f:58:e3:8d:b5:
         d7:52:98:a6:6d:d6:cf:f1:5b:8d:fa:f0:c0:f8:38:2f:04:91:
         bf:d2:6d:5e:b1:3c:e2:6a:8d:9a:1d:ff:d9:c3:24:72:7f:e2:
         68:6e:2b:6d:8f:ba:7d:8d:80:f2:06:87:5f:92:e7:88:51:89:
         09:0c:45:72:a5:b4:4b:3e:82:4c:2e:49:f5:7b:86:52:7c:ee:
         37:8b:50:5d:a7:fa:b0:76:4a:34:a9:b5:6e:78:0b:41:ae:80:
         29:c0:7e:cb:d1:03:a3:a4:36:c9:c9:ac:fc:7e:b6:3e:e4:f5:
         77:eb:59:91
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBX8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjMzQTRBRjExMC8GA1UEBRMoM0UwQ0U2M0Q2MDQ1NUJENjVCQUEzMTU0QkU4MTIw
NkM2N0U2OUQ0NDAeFw0yNDAyMTIxMTM4MzZaFw00ODAyMTIxMTM4MzZaMBgxFjAU
BgNVBAMTDTY1Y2EwMzQwLWM4NGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBNN7rPSxeIiVMmawjIg5M2yhIRVvb6AMYcKjWLMK1uwrKQABVnqPsC4DH
GcdnDLeWIPKeH+M5M7OETwuigH1PYawJt50gOT7jBocePu4V+xv+JDNtLusNVyXT
vxwZB6R6eW2OfesEsfpywLMoeE8Bfb4VFexLDecHUP/s8f9MeMZvsvJD1Tf01m02
9Rq2ovmyhbJ+tUzqSP27j1lRWG4+pPPq1FwX5zuBttVCyEJuDcC0T06fnAHa+A7m
1ZjClCKEkAmPJWf5/OGbXndQ4XoDUrGEFHJku2ZvbCEjy2bEyz3K+RhyMUOatEaL
ap7j1ZaRmVwFZri4cconVHmoeX0bAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUut0c
YQt3kcBOAylkhxvvH/Hwa78wHwYDVR0jBBgwFoAUPgzmPWBFW9ZbqjFUvoEgbGfm
nUQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4QUVBMjI4L1Bnem1Q
V0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1Bnem1QV0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4
QUVBMjI4LzQ0MzM1OUU4Qzk5QjExRUVCNzQyNkU2Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp2OQwDQYJKoZIhvcNAQEL
BQADggEBAKUkvJSUkkDuIDGcxuetf9DSIuiSL+Mycya0RqoN8ujydhdkvbxFD4HY
9RU9XYwBAwHh2w+Yq1BYSAK8N0lxsmWR72/vH5JopKeKNCvPXrSe4uj5T+42zVtR
kkrn3EgkiT1C1/7VnUI7o00ld3OuvDm1tjglJiigBQtbjS4TJBOIHxvM7FqF+MZq
gzk/WOONtddSmKZt1s/xW4368MD4OC8Ekb/SbV6xPOJqjZod/9nDJHJ/4mhuK22P
un2NgPIGh1+S54hRiQkMRXKltEs+gkwuSfV7hlJ87jeLUF2n+rB2SjSptW54C0Gu
gCnAfsvRA6OkNsnJrPx+tj7k9XfrWZE=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:12:04 2024 by rpki-client on console-ams.rpki-client.org