Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/1B0A9C8E193C11EFA964BD07017001B1.roa
File:                     1B0A9C8E193C11EFA964BD07017001B1.roa (raw, json)
Hash identifier:          NAP2HUgvz/UnL9IaRYi5mpgMbBqnI4I0duHhEgFfKiU=
Subject key identifier:   5E:C7:53:74:2D:0B:93:F5:4D:23:74:05:5E:F1:53:F3:B6:F7:A0:AF
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       0770
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/1B0A9C8E193C11EFA964BD07017001B1.roa
Signing time:             Thu 23 May 2024 19:39:01 +0000
ROA not before:           Thu 23 May 2024 19:38:58 +0000
ROA not after:            Sun 31 Dec 2034 19:38:58 +0000
asID:                     36982
IP address blocks:        154.114.25.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1904 (0x770)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: May 23 19:38:58 2024 GMT
            Not After : Dec 31 19:38:58 2034 GMT
        Subject: CN=664f9b55-9423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f5:0c:be:45:0f:aa:f0:ff:d6:30:af:09:07:
                    74:ad:5e:8b:08:30:7d:2a:5e:8d:74:c3:80:71:c6:
                    c2:6a:5f:2f:ec:5d:98:9f:5f:67:09:aa:f5:0a:9b:
                    27:c8:89:c1:66:cd:f1:f5:dd:07:db:49:76:2f:6b:
                    57:8b:f5:b2:d1:41:a7:cf:cc:60:aa:9e:47:b4:6e:
                    f8:a1:0a:e8:f7:ca:77:88:75:74:e9:42:63:fc:81:
                    7a:ed:cc:42:72:05:9e:0d:25:29:f5:d0:e6:a1:f8:
                    5b:43:e3:a3:14:0d:bd:94:80:09:05:1f:08:8e:66:
                    54:33:c7:4e:c5:f3:7b:1b:ad:80:cf:28:c3:78:81:
                    63:a5:ed:0b:5b:c4:32:8f:45:ae:92:b7:9b:cb:79:
                    d3:be:3c:ab:4e:51:46:13:7e:4d:a9:cc:6e:c6:66:
                    ed:ad:7a:0f:ac:e9:6c:e1:29:03:cb:32:bd:9e:2c:
                    4c:9e:4a:f4:67:93:29:48:24:e8:89:ed:17:df:99:
                    e8:56:ff:1d:ac:0f:d4:66:fb:76:10:0a:d8:c6:e9:
                    f3:4b:37:a9:86:7a:5d:fe:e5:54:11:fa:5f:92:54:
                    4b:ae:57:0f:55:ef:10:04:00:66:ea:ea:85:67:0e:
                    91:7f:79:ff:90:3f:6e:6b:f3:11:36:c5:e4:f4:b0:
                    a8:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:C7:53:74:2D:0B:93:F5:4D:23:74:05:5E:F1:53:F3:B6:F7:A0:AF
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/1B0A9C8E193C11EFA964BD07017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.114.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:80:fb:90:d6:fa:0d:a9:65:bc:33:1e:ee:a1:d3:e8:28:59:
         db:b7:ba:05:04:7b:c2:b9:7a:28:c5:ec:93:d1:00:75:9d:d3:
         ce:cd:bc:59:83:62:ca:0c:99:c9:9e:30:c8:f6:52:f4:40:f0:
         70:e3:32:fc:49:d1:0f:69:cc:e0:8e:5c:b0:9a:82:6c:2b:98:
         8e:31:75:98:fe:d0:d5:e1:a0:c6:c9:a1:ea:32:5b:d2:6a:8f:
         fd:a9:74:c2:18:ce:ea:c3:1a:1c:33:c2:01:74:ed:42:6c:c8:
         6c:b2:3f:c4:3e:0f:23:3f:9b:ee:fd:9f:cc:cd:73:1a:1f:00:
         0c:f3:3a:f3:92:12:52:ee:c1:9a:d6:de:08:68:d3:9e:3f:e0:
         4e:d6:b2:64:8e:50:64:d5:93:d0:63:54:54:3c:0f:96:84:35:
         5c:4b:74:1f:13:96:e2:39:5a:30:1d:21:4a:38:4d:d7:f0:f2:
         92:5f:b0:5f:4b:16:82:da:70:b1:38:aa:8a:66:0d:e7:43:ae:
         09:00:bf:b7:d4:6b:2b:c5:9a:08:53:73:c8:d2:ba:2c:a5:0b:
         6a:03:2c:c9:53:d6:56:e9:ef:04:b8:0b:b8:c9:96:41:cb:34:
         54:10:2a:d3:43:57:1d:65:be:ff:9c:99:5a:06:79:80:69:ed:
         fc:0d:de:a3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yNDA1MjMxOTM4NThaFw0zNDEyMzExOTM4NThaMBgxFjAU
BgNVBAMTDTY2NGY5YjU1LTk0MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDF9Qy+RQ+q8P/WMK8JB3StXosIMH0qXo10w4BxxsJqXy/sXZifX2cJqvUK
myfIicFmzfH13QfbSXYva1eL9bLRQafPzGCqnke0bvihCuj3yneIdXTpQmP8gXrt
zEJyBZ4NJSn10Oah+FtD46MUDb2UgAkFHwiOZlQzx07F83sbrYDPKMN4gWOl7Qtb
xDKPRa6St5vLedO+PKtOUUYTfk2pzG7GZu2teg+s6WzhKQPLMr2eLEyeSvRnkylI
JOiJ7RffmehW/x2sD9Rm+3YQCtjG6fNLN6mGel3+5VQR+l+SVEuuVw9V7xAEAGbq
6oVnDpF/ef+QP25r8xE2xeT0sKg5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXsdT
dC0Lk/VNI3QFXvFT87b3oK8wHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4LzFCMEE5QzhFMTkzQzExRUZBOTY0QkQwNzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACachkwDQYJKoZIhvcNAQEL
BQADggEBAECA+5DW+g2pZbwzHu6h0+goWdu3ugUEe8K5eijF7JPRAHWd087NvFmD
YsoMmcmeMMj2UvRA8HDjMvxJ0Q9pzOCOXLCagmwrmI4xdZj+0NXhoMbJoeoyW9Jq
j/2pdMIYzurDGhwzwgF07UJsyGyyP8Q+DyM/m+79n8zNcxofAAzzOvOSElLuwZrW
3gho054/4E7WsmSOUGTVk9BjVFQ8D5aENVxLdB8TluI5WjAdIUo4Tdfw8pJfsF9L
FoLacLE4qopmDedDrgkAv7fUayvFmghTc8jSuiylC2oDLMlT1lbp7wS4C7jJlkHL
NFQQKtNDVx1lvv+cmVoGeYBp7fwN3qM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:21 2024 by rpki-client on console-ams.rpki-client.org