Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/A3E68908C99D11EEBCDBDD69775412E6.roa
File:                     A3E68908C99D11EEBCDBDD69775412E6.roa (raw, json)
Hash identifier:          JHGShobNFQwFQaj9FU3+SLnUbdV9/2sN3XHwcPWqTIc=
Subject key identifier:   19:DE:35:0B:D6:7F:05:89:93:6A:B1:0B:6C:24:73:CE:BF:A4:51:18
Certificate issuer:       /CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
Certificate serial:       058B
Authority key identifier: 3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/A3E68908C99D11EEBCDBDD69775412E6.roa
Signing time:             Mon 12 Feb 2024 11:55:39 +0000
ROA not before:           Mon 12 Feb 2024 11:55:36 +0000
ROA not after:            Wed 12 Feb 2048 11:55:36 +0000
asID:                     37098
IP address blocks:        154.66.123.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 20 Jun 2024 00:05:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1419 (0x58b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
        Validity
            Not Before: Feb 12 11:55:36 2024 GMT
            Not After : Feb 12 11:55:36 2048 GMT
        Subject: CN=65ca073b-eccb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:99:8b:23:cc:34:5b:da:2f:b8:39:21:29:0f:
                    27:36:66:28:03:57:8d:ba:ef:af:f4:81:6c:a2:52:
                    e9:cf:c4:a6:3a:82:e1:79:50:04:b9:6c:95:ff:85:
                    56:bb:25:00:a3:24:97:44:f5:b6:e3:fc:05:a0:42:
                    db:3b:6c:cc:da:ab:fc:36:30:ce:60:81:ba:d7:76:
                    27:73:75:8f:7f:97:fa:24:b3:c5:de:37:20:52:bd:
                    2e:aa:f4:b6:b2:03:dc:2f:2e:8d:f3:86:b9:c4:1b:
                    d3:46:75:cd:4f:fa:66:4a:d8:dd:41:da:37:20:c9:
                    59:84:11:08:c5:6e:84:a3:96:a6:d1:08:1d:73:b9:
                    fe:28:3b:b0:71:0b:88:64:0c:79:90:38:29:72:37:
                    f6:c9:c6:af:63:ce:8e:b1:69:8a:56:dd:81:db:cd:
                    67:7c:b9:e5:49:0c:48:4f:12:8f:d6:7f:a2:a0:a7:
                    89:3c:9c:e5:2f:6b:2f:09:b4:5c:6e:ec:3b:fd:3d:
                    f8:7f:c3:be:cc:c7:9d:8b:ee:3c:99:42:84:36:11:
                    82:67:6f:91:65:0a:80:ef:fd:9c:4b:18:ef:8e:14:
                    8c:91:18:24:fd:52:5f:d3:13:7d:d3:a6:4b:72:c9:
                    05:64:36:4c:28:29:59:d5:0b:55:9f:fe:05:0f:e3:
                    fe:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:DE:35:0B:D6:7F:05:89:93:6A:B1:0B:6C:24:73:CE:BF:A4:51:18
            X509v3 Authority Key Identifier:
                keyid:3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/A3E68908C99D11EEBCDBDD69775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.66.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:c3:da:1d:5c:f0:7b:69:00:00:62:09:e9:2e:e9:b5:c5:d6:
         fa:d1:ad:84:58:74:6a:24:c2:3c:52:78:cc:37:62:fc:38:54:
         1e:4a:17:8b:df:bf:2e:95:11:f2:b8:75:42:4c:66:8c:94:b0:
         fc:c8:c1:7c:1c:c5:65:b7:e9:7d:7b:81:0e:18:b8:08:de:76:
         2e:f0:27:98:89:a3:28:5d:66:bc:b6:08:f6:a0:51:7f:86:0b:
         d7:b7:25:c8:f8:71:1c:32:18:d2:1c:60:55:cc:a3:fc:04:4b:
         f9:34:4a:52:61:2c:02:e8:d4:ae:ae:64:d6:ae:51:79:c4:52:
         ff:d8:3c:ec:98:40:e9:19:cd:72:87:dc:ca:a4:55:0f:e3:62:
         b6:8c:24:2c:12:b6:40:3f:61:39:06:d0:f3:84:68:85:ab:b2:
         3f:13:de:23:2b:ef:63:2b:02:86:23:a0:8f:ad:43:14:87:38:
         21:7f:f4:00:74:45:8c:f3:b4:76:ff:92:d5:d5:1a:30:0d:69:
         16:34:c7:31:c0:96:8e:59:b7:2f:74:d2:3d:f0:ef:a5:26:28:
         5a:1f:a3:f3:df:ef:af:37:28:7f:0d:bf:ba:c9:d3:41:f5:b2:
         05:ad:00:cc:e4:23:94:b4:18:37:3d:72:23:5a:ca:eb:39:dd:
         77:30:ad:d1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBYswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjMzQTRBRjExMC8GA1UEBRMoM0UwQ0U2M0Q2MDQ1NUJENjVCQUEzMTU0QkU4MTIw
NkM2N0U2OUQ0NDAeFw0yNDAyMTIxMTU1MzZaFw00ODAyMTIxMTU1MzZaMBgxFjAU
BgNVBAMTDTY1Y2EwNzNiLWVjY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5mYsjzDRb2i+4OSEpDyc2ZigDV42676/0gWyiUunPxKY6guF5UAS5bJX/
hVa7JQCjJJdE9bbj/AWgQts7bMzaq/w2MM5ggbrXdidzdY9/l/oks8XeNyBSvS6q
9LayA9wvLo3zhrnEG9NGdc1P+mZK2N1B2jcgyVmEEQjFboSjlqbRCB1zuf4oO7Bx
C4hkDHmQOClyN/bJxq9jzo6xaYpW3YHbzWd8ueVJDEhPEo/Wf6Kgp4k8nOUvay8J
tFxu7Dv9Pfh/w77Mx52L7jyZQoQ2EYJnb5FlCoDv/ZxLGO+OFIyRGCT9Ul/TE33T
pktyyQVkNkwoKVnVC1Wf/gUP4/6hAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGd41
C9Z/BYmTarELbCRzzr+kURgwHwYDVR0jBBgwFoAUPgzmPWBFW9ZbqjFUvoEgbGfm
nUQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4QUVBMjI4L1Bnem1Q
V0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1Bnem1QV0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4
QUVBMjI4L0EzRTY4OTA4Qzk5RDExRUVCQ0RCREQ2OTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaQnswDQYJKoZIhvcNAQEL
BQADggEBABDD2h1c8HtpAABiCeku6bXF1vrRrYRYdGokwjxSeMw3Yvw4VB5KF4vf
vy6VEfK4dUJMZoyUsPzIwXwcxWW36X17gQ4YuAjedi7wJ5iJoyhdZry2CPagUX+G
C9e3Jcj4cRwyGNIcYFXMo/wES/k0SlJhLALo1K6uZNauUXnEUv/YPOyYQOkZzXKH
3MqkVQ/jYraMJCwStkA/YTkG0POEaIWrsj8T3iMr72MrAoYjoI+tQxSHOCF/9AB0
RYzztHb/ktXVGjANaRY0xzHAlo5Zty900j3w76UmKFofo/Pf7683KH8Nv7rJ00H1
sgWtAMzkI5S0GDc9ciNayus53XcwrdE=
-----END CERTIFICATE-----
Generated at Tue Jun 18 01:55:20 2024 by rpki-client on console-fra.rpki-client.org