Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/6DC4A582C99B11EEAA679266775412E6.roa
File:                     6DC4A582C99B11EEAA679266775412E6.roa (raw, json)
Hash identifier:          MjTKJFnfxwa+7JMBxkfxSEbP+ssgAMkXFxn505219tQ=
Subject key identifier:   74:BE:0D:27:FE:10:6F:E9:13:82:3B:9F:4D:36:33:7C:DE:BE:10:5C
Certificate issuer:       /CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
Certificate serial:       0581
Authority key identifier: 3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/6DC4A582C99B11EEAA679266775412E6.roa
Signing time:             Mon 12 Feb 2024 11:39:50 +0000
ROA not before:           Mon 12 Feb 2024 11:39:46 +0000
ROA not after:            Wed 12 Feb 2048 11:39:46 +0000
asID:                     37098
IP address blocks:        41.216.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1409 (0x581)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
        Validity
            Not Before: Feb 12 11:39:46 2024 GMT
            Not After : Feb 12 11:39:46 2048 GMT
        Subject: CN=65ca0385-a32c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d0:f3:4d:29:76:60:34:2b:7d:a4:5a:d1:b3:
                    e0:83:02:a5:2d:a3:72:e6:98:b0:68:dc:cd:7c:68:
                    9c:93:1b:1d:19:f8:d5:a1:6f:64:3d:cd:02:ed:f5:
                    bd:31:e3:d3:de:77:5f:84:62:a4:67:e1:2b:56:b8:
                    43:2b:e5:6d:b0:e8:0b:9e:30:92:46:33:7b:c0:a1:
                    bb:71:c9:bd:ff:8a:ff:5a:d5:a6:b5:49:0b:6e:da:
                    4d:47:63:44:c9:36:32:c2:2f:d5:85:46:0b:ef:22:
                    f4:bd:8e:a1:85:9e:f8:c3:fd:bb:0d:60:4a:25:82:
                    f2:25:39:dd:53:0d:20:5f:a7:49:bd:06:2e:6e:59:
                    bd:b1:aa:27:2b:d8:9e:51:fa:f3:c2:7a:7f:c6:02:
                    be:b9:b8:6c:f0:de:e2:a3:41:da:71:ea:b3:02:19:
                    4c:8f:5c:58:7c:e8:0f:d3:04:5a:76:39:cf:4a:f0:
                    82:f1:c3:67:ff:56:6d:f9:39:ca:1c:0b:ea:f1:fa:
                    c2:2e:4c:66:94:c5:cf:15:65:8e:c5:cd:60:ef:48:
                    43:a0:cc:bc:c5:d5:03:33:1d:6d:e0:90:b5:60:3c:
                    f7:5d:e7:4e:80:e2:b1:3e:40:f3:80:59:a0:88:5b:
                    a0:d5:ca:56:95:ed:f2:7a:5a:f7:ad:90:d2:22:86:
                    9e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:BE:0D:27:FE:10:6F:E9:13:82:3B:9F:4D:36:33:7C:DE:BE:10:5C
            X509v3 Authority Key Identifier:
                keyid:3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/6DC4A582C99B11EEAA679266775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.216.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:20:04:f8:1e:89:46:06:7e:48:ae:43:2a:25:0f:b9:72:c5:
         c2:75:b6:e3:d7:cf:35:49:3a:35:de:6a:65:ab:a6:7c:54:d0:
         e0:df:35:c2:b4:85:db:f4:6d:34:60:07:73:de:e3:4e:5f:2b:
         ce:18:b6:af:25:ed:f2:40:4b:63:51:4b:d9:36:01:31:6d:8b:
         7b:1d:1a:b4:51:c8:f9:ac:9a:8e:a1:a9:c6:fa:61:d9:29:e5:
         aa:01:93:a8:75:ce:b8:c5:86:cd:a1:1a:7d:bf:82:5a:2e:3a:
         0f:8c:a0:8e:ed:50:2d:ac:6a:4d:c8:b2:3c:31:45:7f:9d:24:
         7c:8c:d5:a0:b1:c8:6a:e8:f5:fb:b7:be:c6:63:90:89:1e:e7:
         e1:7b:e2:5c:a6:c6:ec:5e:3a:7d:da:4f:5e:8d:07:1d:3f:a6:
         1b:52:e9:d3:df:a0:fd:ad:40:8e:96:f2:2d:07:c5:3b:0a:19:
         17:b5:04:41:51:f7:cf:c2:79:62:37:cb:b1:ea:bc:b9:9b:e1:
         ed:c2:81:9f:4b:e5:2e:80:bb:98:46:87:fd:e3:e2:19:56:6f:
         29:27:28:b4:29:90:ef:8f:88:74:0f:b5:4b:16:e8:58:be:1d:
         ac:ee:54:73:71:17:b5:2c:7b:b4:e6:9b:f7:be:3f:54:ed:bc:
         cb:b7:ce:05
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBYEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjMzQTRBRjExMC8GA1UEBRMoM0UwQ0U2M0Q2MDQ1NUJENjVCQUEzMTU0QkU4MTIw
NkM2N0U2OUQ0NDAeFw0yNDAyMTIxMTM5NDZaFw00ODAyMTIxMTM5NDZaMBgxFjAU
BgNVBAMTDTY1Y2EwMzg1LWEzMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC50PNNKXZgNCt9pFrRs+CDAqUto3LmmLBo3M18aJyTGx0Z+NWhb2Q9zQLt
9b0x49Ped1+EYqRn4StWuEMr5W2w6AueMJJGM3vAobtxyb3/iv9a1aa1SQtu2k1H
Y0TJNjLCL9WFRgvvIvS9jqGFnvjD/bsNYEolgvIlOd1TDSBfp0m9Bi5uWb2xqicr
2J5R+vPCen/GAr65uGzw3uKjQdpx6rMCGUyPXFh86A/TBFp2Oc9K8ILxw2f/Vm35
OcocC+rx+sIuTGaUxc8VZY7FzWDvSEOgzLzF1QMzHW3gkLVgPPdd506A4rE+QPOA
WaCIW6DVylaV7fJ6WvetkNIihp6VAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdL4N
J/4Qb+kTgjufTTYzfN6+EFwwHwYDVR0jBBgwFoAUPgzmPWBFW9ZbqjFUvoEgbGfm
nUQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4QUVBMjI4L1Bnem1Q
V0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1Bnem1QV0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4
QUVBMjI4LzZEQzRBNTgyQzk5QjExRUVBQTY3OTI2Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp2OUwDQYJKoZIhvcNAQEL
BQADggEBAEggBPgeiUYGfkiuQyolD7lyxcJ1tuPXzzVJOjXeamWrpnxU0ODfNcK0
hdv0bTRgB3Pe405fK84Ytq8l7fJAS2NRS9k2ATFti3sdGrRRyPmsmo6hqcb6Ydkp
5aoBk6h1zrjFhs2hGn2/glouOg+MoI7tUC2sak3IsjwxRX+dJHyM1aCxyGro9fu3
vsZjkIke5+F74lymxuxeOn3aT16NBx0/phtS6dPfoP2tQI6W8i0HxTsKGRe1BEFR
98/CeWI3y7HqvLmb4e3CgZ9L5S6Au5hGh/3j4hlWbyknKLQpkO+PiHQPtUsW6Fi+
HazuVHNxF7Use7Tmm/e+P1TtvMu3zgU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org