Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/601EE27C193B11EFA08C1D02017001B1.roa
File:                     601EE27C193B11EFA08C1D02017001B1.roa (raw, json)
Hash identifier:          ntBI0CCcAp11C7pv36CUdwbbK/+TRzaLEh5A3QLQq80=
Subject key identifier:   4F:5A:9C:55:24:74:33:F8:BE:F7:89:95:F9:6D:00:1C:BA:99:65:5C
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       0766
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/601EE27C193B11EFA08C1D02017001B1.roa
Signing time:             Thu 23 May 2024 19:33:48 +0000
ROA not before:           Thu 23 May 2024 19:33:44 +0000
ROA not after:            Sun 31 Dec 2034 19:33:44 +0000
asID:                     37501
IP address blocks:        196.21.182.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1894 (0x766)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: May 23 19:33:44 2024 GMT
            Not After : Dec 31 19:33:44 2034 GMT
        Subject: CN=664f9a1c-9d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ad:0c:3a:f5:5a:58:65:99:02:11:4f:19:ad:
                    09:50:90:5c:b7:ae:4a:57:52:53:d9:f7:57:e1:09:
                    7e:ad:f2:4c:70:cb:00:72:98:d2:6c:11:fb:fd:4f:
                    3e:33:c7:56:56:b1:6d:b2:37:c9:a6:93:1b:ec:13:
                    0e:37:09:1d:1c:17:bb:ff:7c:88:b5:6d:81:6f:8d:
                    53:86:58:1b:3d:86:14:e4:20:ca:5a:84:ea:89:0e:
                    6a:21:8b:00:c4:7b:65:d7:de:60:a3:99:e9:55:0b:
                    91:f8:7a:20:b6:9b:ef:80:9a:1a:83:dc:a4:05:97:
                    c6:8b:9b:66:fd:fa:bc:64:1d:26:6a:99:2d:1c:1a:
                    19:9c:51:c8:42:d6:57:68:1a:3b:19:74:05:ea:8d:
                    22:b8:27:fa:7d:cc:c2:e5:bb:3a:1d:a7:fa:56:f8:
                    06:e5:1b:b6:cf:0e:84:16:50:df:a5:01:e3:c6:dc:
                    bf:d8:a6:d7:41:f0:e8:23:3b:2b:19:a5:5c:46:da:
                    94:ae:78:f1:fa:9a:88:e2:56:c1:4a:ae:da:ce:1c:
                    a9:55:96:f2:bf:f7:ae:2b:f5:f4:12:3e:73:67:b9:
                    52:5e:d7:50:b3:4a:2f:3d:f3:fe:f0:2f:c1:c5:20:
                    86:5d:d4:f2:0c:14:42:36:38:8b:f1:e0:0d:44:93:
                    da:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:5A:9C:55:24:74:33:F8:BE:F7:89:95:F9:6D:00:1C:BA:99:65:5C
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/601EE27C193B11EFA08C1D02017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.21.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:9e:54:78:f5:97:a2:dc:00:6d:99:70:48:14:11:10:33:15:
         09:5f:bb:42:7c:93:13:f5:3e:ef:ae:c4:f5:55:37:7e:61:c1:
         ea:30:3b:91:57:47:06:0b:b0:b8:37:b3:88:52:fc:1a:5b:7c:
         93:81:49:90:62:d5:9a:fb:b4:4a:be:52:0f:a8:08:a6:90:25:
         c9:19:cc:19:93:6e:b4:77:b0:ce:f7:56:cc:ed:04:8b:2d:08:
         b9:77:43:42:81:8d:59:d6:35:a2:8e:48:15:5b:8b:ce:0e:8a:
         5a:8e:f9:d1:8f:6a:29:dc:a9:62:08:33:4b:14:3b:9d:2d:a6:
         ab:31:54:9f:e4:3d:dc:94:92:ee:0d:2d:91:28:ec:9f:8c:85:
         76:f2:f0:3a:11:d9:dd:0f:ad:bf:50:f9:95:16:81:7e:46:17:
         23:95:4c:c1:d4:3b:33:52:ab:38:92:e7:5b:2c:cb:42:f1:6f:
         af:25:53:f4:1e:53:2b:9f:71:26:56:19:15:60:06:2f:17:64:
         b4:b9:de:06:8a:1f:a6:44:21:e5:51:0b:82:15:b6:3d:66:18:
         58:61:94:a5:82:41:61:7f:01:23:77:23:cf:c0:be:6c:0a:6b:
         d2:71:61:80:ea:47:90:3d:74:72:c0:6a:55:f1:fc:e2:da:8e:
         95:60:3d:b8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB2YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yNDA1MjMxOTMzNDRaFw0zNDEyMzExOTMzNDRaMBgxFjAU
BgNVBAMTDTY2NGY5YTFjLTlkMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7rQw69VpYZZkCEU8ZrQlQkFy3rkpXUlPZ91fhCX6t8kxwywBymNJsEfv9
Tz4zx1ZWsW2yN8mmkxvsEw43CR0cF7v/fIi1bYFvjVOGWBs9hhTkIMpahOqJDmoh
iwDEe2XX3mCjmelVC5H4eiC2m++AmhqD3KQFl8aLm2b9+rxkHSZqmS0cGhmcUchC
1ldoGjsZdAXqjSK4J/p9zMLluzodp/pW+AblG7bPDoQWUN+lAePG3L/YptdB8Ogj
OysZpVxG2pSuePH6mojiVsFKrtrOHKlVlvK/964r9fQSPnNnuVJe11CzSi898/7w
L8HFIIZd1PIMFEI2OIvx4A1Ek9qNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUT1qc
VSR0M/i+94mV+W0AHLqZZVwwHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4LzYwMUVFMjdDMTkzQjExRUZBMDhDMUQwMjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHEFbYwDQYJKoZIhvcNAQEL
BQADggEBAB+eVHj1l6LcAG2ZcEgUERAzFQlfu0J8kxP1Pu+uxPVVN35hweowO5FX
RwYLsLg3s4hS/BpbfJOBSZBi1Zr7tEq+Ug+oCKaQJckZzBmTbrR3sM73VsztBIst
CLl3Q0KBjVnWNaKOSBVbi84OilqO+dGPaincqWIIM0sUO50tpqsxVJ/kPdyUku4N
LZEo7J+MhXby8DoR2d0Prb9Q+ZUWgX5GFyOVTMHUOzNSqziS51ssy0Lxb68lU/Qe
UyufcSZWGRVgBi8XZLS53gaKH6ZEIeVRC4IVtj1mGFhhlKWCQWF/ASN3I8/AvmwK
a9JxYYDqR5A9dHLAalXx/OLajpVgPbg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:21 2024 by rpki-client on console-ams.rpki-client.org