Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/E1837E5AF24311EE883862C9775412E6.roa
File:                     E1837E5AF24311EE883862C9775412E6.roa (raw, json)
Hash identifier:          jqNH3huKCT5kT+AUi/uqzdedHx3wpcmsGIeRoxqgiaw=
Subject key identifier:   87:F1:4C:88:78:33:C9:0F:E5:7C:14:EA:87:98:9F:2E:B2:61:B4:1D
Certificate issuer:       /CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
Certificate serial:       05D4
Authority key identifier: 3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/E1837E5AF24311EE883862C9775412E6.roa
Signing time:             Thu 04 Apr 2024 05:26:26 +0000
ROA not before:           Thu 04 Apr 2024 05:26:22 +0000
ROA not after:            Wed 12 Feb 2048 05:26:22 +0000
asID:                     37098
IP address blocks:        154.66.121.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1492 (0x5d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B33A4AF/serialNumber=3E0CE63D60455BD65BAA3154BE81206C67E69D44
        Validity
            Not Before: Apr  4 05:26:22 2024 GMT
            Not After : Feb 12 05:26:22 2048 GMT
        Subject: CN=660e3a01-4572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:bb:26:d1:12:3d:b5:cc:9a:bf:23:d6:d3:e5:
                    f7:da:a6:9a:36:73:dc:55:ad:e2:5a:66:4b:79:f3:
                    18:9c:9f:28:3f:fc:47:cc:e9:14:3a:6e:4c:84:c7:
                    50:f4:b5:3b:db:dd:be:b5:dc:d4:51:12:c2:2a:2b:
                    5e:85:10:93:5c:91:61:a1:7f:01:36:8c:67:c5:36:
                    f3:4f:e3:99:29:7a:36:c5:24:bc:10:a5:de:f3:f3:
                    47:ca:8e:1f:a1:33:ca:3d:2b:ae:7c:c8:37:07:13:
                    49:56:f8:40:14:ba:68:58:78:05:8c:85:0b:7f:6b:
                    b5:7d:b0:a0:0c:48:4c:d1:1b:d8:30:80:c3:ba:3c:
                    dc:3b:d8:1d:b9:fe:76:2c:1e:25:81:0c:86:55:3a:
                    15:07:b0:0e:55:7e:dc:1f:a8:3b:d1:8e:78:34:84:
                    75:55:51:e2:82:c5:ee:a4:09:8f:e5:89:42:d3:c7:
                    ad:07:23:5b:24:36:b8:92:9f:3c:bd:47:2c:92:35:
                    1d:59:b8:cb:3b:f8:21:bf:46:29:76:a8:44:e3:4a:
                    72:36:41:35:17:fb:d0:b6:7e:3d:f6:c8:91:3b:2f:
                    0b:db:88:9b:0a:d1:9d:2d:f7:00:1d:1c:c9:c8:8e:
                    f1:24:18:98:47:53:02:85:29:21:7a:c1:4a:7b:60:
                    f1:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:F1:4C:88:78:33:C9:0F:E5:7C:14:EA:87:98:9F:2E:B2:61:B4:1D
            X509v3 Authority Key Identifier:
                keyid:3E:0C:E6:3D:60:45:5B:D6:5B:AA:31:54:BE:81:20:6C:67:E6:9D:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PgzmPWBFW9ZbqjFUvoEgbGfmnUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B33A4/2E743782A1AC11EA9FEBC374F8AEA228/E1837E5AF24311EE883862C9775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.66.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:8e:af:aa:36:e2:ba:bf:6e:4e:6c:9a:d3:91:19:7c:d4:b3:
         7a:fe:f3:8e:07:08:ea:52:95:e1:55:0a:12:b4:91:b1:61:f6:
         66:3b:f4:93:b1:fc:f6:d7:cf:9e:1e:bd:2a:50:f2:02:ee:63:
         21:41:22:67:ce:a5:f0:28:bd:80:91:ff:1a:19:0e:85:9f:5d:
         49:30:d4:06:91:58:33:ef:77:5c:b1:16:da:dd:2d:a5:6c:9c:
         dd:ec:43:96:66:31:24:5e:f7:67:56:87:b4:05:1d:be:be:58:
         20:c5:ac:0a:1f:c0:8b:88:e2:43:2c:08:d4:d0:44:44:aa:8f:
         47:ac:5b:26:87:33:c1:c6:0d:ea:c2:cc:be:8d:af:7b:1c:fe:
         eb:1e:95:52:00:4a:57:54:b9:94:97:82:e8:b7:08:0d:f0:49:
         be:bc:a1:93:f7:7b:11:44:51:c5:1e:c1:fb:02:55:d6:c1:cf:
         8f:f1:14:fc:94:64:5e:3e:f9:18:a8:5b:a1:76:0a:f2:c7:2b:
         fc:6b:e1:28:f4:77:60:44:3c:70:7b:4e:c4:8a:2c:3a:8f:28:
         ad:d2:01:44:f3:5a:8e:31:c4:72:f2:9d:18:c7:72:9f:0a:92:
         5e:6d:cf:64:53:50:41:ba:b2:e5:39:b7:fd:02:62:c2:47:1b:
         aa:f8:86:1f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBdQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjMzQTRBRjExMC8GA1UEBRMoM0UwQ0U2M0Q2MDQ1NUJENjVCQUEzMTU0QkU4MTIw
NkM2N0U2OUQ0NDAeFw0yNDA0MDQwNTI2MjJaFw00ODAyMTIwNTI2MjJaMBgxFjAU
BgNVBAMTDTY2MGUzYTAxLTQ1NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXuybREj21zJq/I9bT5ffappo2c9xVreJaZkt58xicnyg//EfM6RQ6bkyE
x1D0tTvb3b613NRREsIqK16FEJNckWGhfwE2jGfFNvNP45kpejbFJLwQpd7z80fK
jh+hM8o9K658yDcHE0lW+EAUumhYeAWMhQt/a7V9sKAMSEzRG9gwgMO6PNw72B25
/nYsHiWBDIZVOhUHsA5VftwfqDvRjng0hHVVUeKCxe6kCY/liULTx60HI1skNriS
nzy9RyySNR1ZuMs7+CG/Ril2qETjSnI2QTUX+9C2fj32yJE7LwvbiJsK0Z0t9wAd
HMnIjvEkGJhHUwKFKSF6wUp7YPELAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUh/FM
iHgzyQ/lfBTqh5ifLrJhtB0wHwYDVR0jBBgwFoAUPgzmPWBFW9ZbqjFUvoEgbGfm
nUQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4QUVBMjI4L1Bnem1Q
V0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1Bnem1QV0JGVzlaYnFqRlV2b0VnYkdmbW5VUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkIzM0E0LzJFNzQzNzgyQTFBQzExRUE5RkVCQzM3NEY4
QUVBMjI4L0UxODM3RTVBRjI0MzExRUU4ODM4NjJDOTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaQnkwDQYJKoZIhvcNAQEL
BQADggEBAJ+Or6o24rq/bk5smtORGXzUs3r+844HCOpSleFVChK0kbFh9mY79JOx
/PbXz54evSpQ8gLuYyFBImfOpfAovYCR/xoZDoWfXUkw1AaRWDPvd1yxFtrdLaVs
nN3sQ5ZmMSRe92dWh7QFHb6+WCDFrAofwIuI4kMsCNTQRESqj0esWyaHM8HGDerC
zL6Nr3sc/uselVIASldUuZSXgui3CA3wSb68oZP3exFEUcUewfsCVdbBz4/xFPyU
ZF4++RioW6F2CvLHK/xr4Sj0d2BEPHB7TsSKLDqPKK3SAUTzWo4xxHLynRjHcp8K
kl5tz2RTUEG6suU5t/0CYsJHG6r4hh8=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:12:04 2024 by rpki-client on console-ams.rpki-client.org