Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/839545FC193B11EFACD26F02017001B1.roa
File:                     839545FC193B11EFACD26F02017001B1.roa (raw, json)
Hash identifier:          czlg8CfEAltZYLywfxFoeA7yscJbiONGYvSH2E6y30A=
Subject key identifier:   66:48:5A:38:03:99:4B:C6:F4:4E:2E:77:52:35:22:50:FC:F6:BD:0D
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       0768
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/839545FC193B11EFACD26F02017001B1.roa
Signing time:             Thu 23 May 2024 19:34:47 +0000
ROA not before:           Thu 23 May 2024 19:34:44 +0000
ROA not after:            Sun 31 Dec 2034 19:34:44 +0000
asID:                     37501
IP address blocks:        196.21.184.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1896 (0x768)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: May 23 19:34:44 2024 GMT
            Not After : Dec 31 19:34:44 2034 GMT
        Subject: CN=664f9a57-1cac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a4:cf:33:47:33:83:20:65:4d:76:96:41:af:
                    39:fc:bc:87:43:91:c7:51:50:1f:38:45:7e:17:d9:
                    0c:da:71:94:8a:7c:7f:0b:d5:e1:fe:b9:f3:1d:72:
                    b1:d3:73:5b:67:d6:b5:fd:de:a1:2d:d7:54:29:a5:
                    d6:84:b6:c9:73:94:18:c1:48:cf:a4:57:5a:a1:15:
                    87:ac:ed:65:c8:40:99:c0:88:f8:ee:61:38:6d:ec:
                    ad:ad:26:b9:31:f6:de:0d:4f:dd:58:ed:17:4b:48:
                    c1:fc:29:fa:8f:3a:85:68:6f:bd:32:a1:8a:45:b0:
                    a7:d6:1d:98:ab:b5:a0:ed:dd:b3:39:25:05:d7:4a:
                    77:d1:66:27:75:98:64:a6:fb:de:b8:64:6e:d7:11:
                    6a:5f:55:f3:fe:13:2f:ef:90:b8:2c:e6:b7:9a:76:
                    f2:8c:44:cf:e5:18:69:86:de:97:05:f3:56:bb:37:
                    3a:8b:3c:d5:39:03:b4:9d:de:74:1a:a1:fc:5f:ba:
                    ab:d7:37:20:16:27:e9:f0:bb:25:02:e7:48:c8:d7:
                    16:73:84:92:ec:7e:49:68:19:74:f6:3e:cf:22:ad:
                    de:48:3f:8b:3c:b2:71:25:59:1e:01:8e:f7:c2:5e:
                    3d:e1:b6:a3:19:01:a4:57:9d:45:b3:9e:dc:cd:31:
                    db:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:48:5A:38:03:99:4B:C6:F4:4E:2E:77:52:35:22:50:FC:F6:BD:0D
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/839545FC193B11EFACD26F02017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.21.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:86:bf:48:dd:2a:28:b8:ba:4a:fd:53:98:a7:32:70:c6:e3:
         06:df:93:60:df:8b:a7:63:12:56:5e:83:87:b4:80:68:f3:a8:
         d5:7c:34:9a:2a:55:63:cf:f8:80:3d:9f:ea:c7:29:64:1e:87:
         09:07:19:cc:32:db:be:4b:21:4c:93:36:08:3d:1a:79:45:86:
         a8:99:45:41:b8:ac:75:7f:d2:f8:d6:a6:0d:19:a5:e3:02:50:
         7d:7c:78:59:53:0e:f7:66:a0:48:9e:ee:3c:f5:00:01:5d:a1:
         2e:0c:24:e3:63:88:53:21:db:4f:7d:d4:88:42:b8:5f:78:79:
         e4:b7:1b:57:31:6f:41:f1:a9:82:57:22:7c:05:04:7e:35:d4:
         fe:e9:a5:2c:15:55:aa:b6:b5:da:9c:e4:f4:a8:3c:a0:20:a8:
         d2:10:18:62:3c:96:db:d2:76:50:d2:9a:88:75:73:61:a0:63:
         7e:a4:e1:1e:ec:a5:1c:f9:71:90:17:6a:6f:ec:78:84:4c:7d:
         80:7f:0c:55:d3:df:3f:76:38:0e:80:4a:d9:30:6c:42:f3:c2:
         37:93:77:f2:77:f0:30:dd:ec:1c:0f:13:79:bc:db:68:f0:e3:
         5f:78:b5:23:81:02:ea:f6:2c:ed:4e:90:e3:79:b9:5c:b5:84:
         ba:d2:48:15
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB2gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yNDA1MjMxOTM0NDRaFw0zNDEyMzExOTM0NDRaMBgxFjAU
BgNVBAMTDTY2NGY5YTU3LTFjYWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCepM8zRzODIGVNdpZBrzn8vIdDkcdRUB84RX4X2QzacZSKfH8L1eH+ufMd
crHTc1tn1rX93qEt11QppdaEtslzlBjBSM+kV1qhFYes7WXIQJnAiPjuYTht7K2t
Jrkx9t4NT91Y7RdLSMH8KfqPOoVob70yoYpFsKfWHZirtaDt3bM5JQXXSnfRZid1
mGSm+964ZG7XEWpfVfP+Ey/vkLgs5readvKMRM/lGGmG3pcF81a7NzqLPNU5A7Sd
3nQaofxfuqvXNyAWJ+nwuyUC50jI1xZzhJLsfkloGXT2Ps8ird5IP4s8snElWR4B
jvfCXj3htqMZAaRXnUWzntzNMdtpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZkha
OAOZS8b0Ti53UjUiUPz2vQ0wHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4LzgzOTU0NUZDMTkzQjExRUZBQ0QyNkYwMjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEFbgwDQYJKoZIhvcNAQEL
BQADggEBAEiGv0jdKii4ukr9U5inMnDG4wbfk2Dfi6djElZeg4e0gGjzqNV8NJoq
VWPP+IA9n+rHKWQehwkHGcwy275LIUyTNgg9GnlFhqiZRUG4rHV/0vjWpg0ZpeMC
UH18eFlTDvdmoEie7jz1AAFdoS4MJONjiFMh20991IhCuF94eeS3G1cxb0HxqYJX
InwFBH411P7ppSwVVaq2tdqc5PSoPKAgqNIQGGI8ltvSdlDSmoh1c2GgY36k4R7s
pRz5cZAXam/seIRMfYB/DFXT3z92OA6AStkwbELzwjeTd/J38DDd7BwPE3m822jw
4194tSOBAur2LO1OkON5uVy1hLrSSBU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org