Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/04046444181E11EFAEE9FC6F017001B1.roa
File:                     04046444181E11EFAEE9FC6F017001B1.roa (raw, json)
Hash identifier:          Bmr9RFUMYwMluDn47Xr62rRvVuIPy+J/XTHta98qV6w=
Subject key identifier:   96:1F:07:A7:68:68:7B:EB:8C:06:1A:8D:4F:04:B3:43:EC:FD:0B:EB
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       0748
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/04046444181E11EFAEE9FC6F017001B1.roa
Signing time:             Wed 22 May 2024 09:31:07 +0000
ROA not before:           Wed 22 May 2024 09:31:03 +0000
ROA not after:            Sun 31 Dec 2034 09:31:03 +0000
asID:                     2018
IP address blocks:        196.21.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1864 (0x748)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: May 22 09:31:03 2024 GMT
            Not After : Dec 31 09:31:03 2034 GMT
        Subject: CN=664dbb5b-3446
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5e:b6:19:3d:34:0e:72:26:2e:2f:c7:ad:01:
                    51:02:06:a7:b3:c6:81:57:29:e2:eb:9e:a2:de:38:
                    40:ae:56:1f:35:46:88:8b:6f:e8:7e:4c:a9:4e:4d:
                    6e:f2:19:c2:6b:cb:ef:ae:09:ef:bd:12:52:d8:05:
                    2f:52:ff:5a:16:0f:17:99:7d:e5:d0:6b:16:bb:13:
                    39:1f:cf:af:5a:83:cb:41:c1:93:51:fb:c2:c2:83:
                    53:03:9e:4d:44:2a:73:6f:75:72:87:6e:ca:1c:89:
                    dd:e5:64:a7:ed:33:ed:ea:fa:5b:05:d0:bc:1c:06:
                    c6:16:85:3f:4f:a4:cf:2b:ca:c1:81:9d:5b:3d:02:
                    e9:cd:2d:ee:a2:53:7c:9c:2e:52:1b:a8:3a:ad:bc:
                    23:6b:99:3c:52:d5:54:dd:1f:ca:4f:eb:8b:6d:ad:
                    fb:5e:22:8b:82:a2:a8:fd:b3:0a:92:95:dd:da:37:
                    45:45:2f:0f:30:df:06:ad:b9:06:47:4a:88:b5:cd:
                    55:40:1b:ee:ef:c4:4b:94:5f:a9:74:52:28:8a:16:
                    4f:37:f3:63:16:4b:24:62:17:b1:8f:85:72:99:50:
                    66:d1:46:29:23:1f:d9:1f:11:40:8e:f9:b1:2c:53:
                    01:86:aa:15:e9:1b:44:62:49:e9:c9:11:f6:56:d8:
                    cc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:1F:07:A7:68:68:7B:EB:8C:06:1A:8D:4F:04:B3:43:EC:FD:0B:EB
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/04046444181E11EFAEE9FC6F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.21.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5e:14:7c:69:e8:78:7d:1b:f4:2e:0b:87:c7:42:48:fb:14:59:
         76:35:3d:24:3b:b2:d8:9f:76:6a:d5:8b:d6:5f:04:48:bc:56:
         69:a5:fa:bd:18:7d:bc:40:57:b6:78:23:06:60:92:31:59:31:
         15:d7:3a:ff:6f:6c:d9:24:fa:6e:cb:10:57:d4:3d:15:f6:46:
         fa:fd:20:41:b7:23:af:8a:45:f4:3b:40:d6:fd:eb:95:bf:2c:
         b1:a5:22:52:e2:46:02:fa:b4:28:fa:9f:12:02:db:37:97:8b:
         b4:a4:16:e8:24:58:f4:09:1f:d4:dc:74:0c:51:94:15:04:c2:
         5f:42:67:6f:da:21:d9:03:2a:05:90:99:45:70:e2:d6:08:c8:
         d6:db:f6:94:f9:b0:40:7c:a9:14:cc:f4:d2:80:ad:69:a0:73:
         55:b4:0a:d6:9c:5b:51:58:79:7a:45:54:e6:bb:7f:0d:5e:fc:
         a8:fa:09:58:8d:97:63:00:b4:03:f5:9d:fe:de:e6:9e:9f:37:
         8f:cd:24:78:1a:39:3d:4b:e0:87:cf:72:78:b6:7e:5e:70:f5:
         7f:57:af:b4:fe:fa:e3:71:e7:e2:01:31:b3:c9:d9:6c:73:a8:
         26:35:39:91:26:94:ec:5d:c2:e4:13:cf:42:a1:fb:f3:33:e4:
         08:02:9e:2c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICB0gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yNDA1MjIwOTMxMDNaFw0zNDEyMzEwOTMxMDNaMBgxFjAU
BgNVBAMTDTY2NGRiYjViLTM0NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClXrYZPTQOciYuL8etAVECBqezxoFXKeLrnqLeOECuVh81RoiLb+h+TKlO
TW7yGcJry++uCe+9ElLYBS9S/1oWDxeZfeXQaxa7Ezkfz69ag8tBwZNR+8LCg1MD
nk1EKnNvdXKHbsocid3lZKftM+3q+lsF0LwcBsYWhT9PpM8rysGBnVs9AunNLe6i
U3ycLlIbqDqtvCNrmTxS1VTdH8pP64ttrfteIouCoqj9swqSld3aN0VFLw8w3wat
uQZHSoi1zVVAG+7vxEuUX6l0UiiKFk8382MWSyRiF7GPhXKZUGbRRikjH9kfEUCO
+bEsUwGGqhXpG0RiSenJEfZW2Mx1AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUlh8H
p2hoe+uMBhqNTwSzQ+z9C+swHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4LzA0MDQ2NDQ0MTgxRTExRUZBRUU5RkM2RjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDEFTANBgkqhkiG9w0BAQsF
AAOCAQEAXhR8aeh4fRv0LguHx0JI+xRZdjU9JDuy2J92atWL1l8ESLxWaaX6vRh9
vEBXtngjBmCSMVkxFdc6/29s2ST6bssQV9Q9FfZG+v0gQbcjr4pF9DtA1v3rlb8s
saUiUuJGAvq0KPqfEgLbN5eLtKQW6CRY9Akf1Nx0DFGUFQTCX0Jnb9oh2QMqBZCZ
RXDi1gjI1tv2lPmwQHypFMz00oCtaaBzVbQK1pxbUVh5ekVU5rt/DV78qPoJWI2X
YwC0A/Wd/t7mnp83j80keBo5PUvgh89yeLZ+XnD1f1evtP7643Hn4gExs8nZbHOo
JjU5kSaU7F3C5BPPQqH78zPkCAKeLA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:03:13 2024 by rpki-client on console-fra.rpki-client.org