Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/CB4AFBFAFC5311EC9724A380F1222468.roa
File:                     CB4AFBFAFC5311EC9724A380F1222468.roa (raw, json)
Hash identifier:          2sFMoTvQJl4L9hfB3Yyl+kk4dzHhxa7IIdirIWzz6+4=
Subject key identifier:   42:9F:01:6C:D4:3F:E0:15:89:BC:73:EE:0F:AD:EA:FC:A8:1E:FE:0A
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       047B
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/CB4AFBFAFC5311EC9724A380F1222468.roa
Signing time:             Tue 05 Jul 2022 11:15:36 +0000
ROA not before:           Tue 05 Jul 2022 11:15:33 +0000
ROA not after:            Mon 05 Jul 2032 11:15:33 +0000
asID:                     37501
IP address blocks:        196.21.40.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1147 (0x47b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: Jul  5 11:15:33 2022 GMT
            Not After : Jul  5 11:15:33 2032 GMT
        Subject: CN=62c41d58-a90f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:28:a4:4a:42:c1:e5:6e:99:74:11:3e:e6:bd:
                    d4:b4:62:ff:4f:d9:de:87:2e:23:fe:de:75:38:cc:
                    fc:28:84:54:2f:ce:c1:72:9c:80:ce:da:6f:79:67:
                    9e:ae:1c:ef:77:37:b4:b1:7b:f2:4c:9e:16:31:7a:
                    b7:8d:c9:96:a4:9a:83:6a:eb:ec:e8:83:93:7d:d0:
                    9e:17:4b:08:9c:92:e6:66:65:72:da:d8:da:b9:4c:
                    a5:42:21:99:33:77:f5:22:c2:59:8a:1c:f0:ef:c5:
                    30:55:2d:8c:ab:c3:7d:5f:17:99:e6:e7:11:b1:38:
                    d5:2c:b8:71:79:fe:0c:1a:9a:e3:57:3a:52:15:57:
                    09:35:45:5e:bf:99:83:30:49:a2:ea:93:0f:32:3f:
                    94:ae:32:0f:86:6c:cd:53:d7:09:47:a1:08:d8:ec:
                    2a:50:3b:6c:88:88:14:8c:e3:de:ae:f1:b5:37:39:
                    17:86:90:41:4e:d2:0b:cb:3b:60:de:5a:a3:f2:4c:
                    e2:96:be:1a:84:fc:e5:6b:a2:7b:e0:1a:f0:db:03:
                    ca:41:94:93:7b:3e:7c:37:4d:14:b8:bb:03:70:a9:
                    26:41:29:6c:fe:b3:ea:77:60:1e:2d:89:a9:f9:ec:
                    cf:87:5c:b1:a1:b4:b2:2d:4b:f8:ba:2e:fe:18:6b:
                    cc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:9F:01:6C:D4:3F:E0:15:89:BC:73:EE:0F:AD:EA:FC:A8:1E:FE:0A
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/CB4AFBFAFC5311EC9724A380F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.21.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:80:6f:af:4b:76:69:a4:92:ca:0d:2a:a9:8f:30:3c:1d:00:
         98:87:2a:54:45:38:95:09:75:07:80:99:8d:b8:27:95:dd:53:
         31:16:3f:5a:89:36:fa:47:b9:3b:c8:f5:79:6c:d9:1b:78:8b:
         98:0b:42:38:46:92:48:58:3c:c9:65:05:69:4b:d5:1f:ab:92:
         29:df:f3:60:52:27:14:49:fb:2d:f1:ee:51:91:47:ea:05:45:
         26:5e:9c:25:5a:e8:d5:a5:f5:fe:5f:87:95:eb:83:d9:78:b8:
         b8:68:ce:8c:9a:db:ea:9c:3e:6a:ad:eb:56:35:40:f5:8f:80:
         f7:bf:b7:63:22:a8:d6:86:1e:f2:cf:22:c5:e8:9c:63:f4:39:
         a0:2b:b2:8a:74:22:9e:bb:66:1e:29:4d:e0:4b:a4:e5:4a:90:
         2f:a1:8a:67:87:2b:d3:1f:48:9b:d1:4b:ca:9a:35:86:b8:95:
         0b:61:6a:d6:cc:b0:8d:99:2a:2d:1d:45:82:7d:fc:b5:d6:22:
         0e:8d:f7:f9:80:18:da:de:7a:aa:d6:fc:30:29:82:3b:d9:e4:
         a4:47:d3:ca:21:f4:fa:14:69:76:4e:d4:46:71:5d:39:3d:44:
         2b:8f:eb:a6:f2:8f:e1:84:8c:ac:6f:e7:3c:6a:65:a6:0e:5a:
         52:bb:6f:c5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBHswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yMjA3MDUxMTE1MzNaFw0zMjA3MDUxMTE1MzNaMBgxFjAU
BgNVBAMMDTYyYzQxZDU4LWE5MGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDKKRKQsHlbpl0ET7mvdS0Yv9P2d6HLiP+3nU4zPwohFQvzsFynIDO2m95
Z56uHO93N7Sxe/JMnhYxereNyZakmoNq6+zog5N90J4XSwickuZmZXLa2Nq5TKVC
IZkzd/UiwlmKHPDvxTBVLYyrw31fF5nm5xGxONUsuHF5/gwamuNXOlIVVwk1RV6/
mYMwSaLqkw8yP5SuMg+GbM1T1wlHoQjY7CpQO2yIiBSM496u8bU3OReGkEFO0gvL
O2DeWqPyTOKWvhqE/OVronvgGvDbA8pBlJN7Pnw3TRS4uwNwqSZBKWz+s+p3YB4t
ian57M+HXLGhtLItS/i6Lv4Ya8ybAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQp8B
bNQ/4BWJvHPuD63q/Kge/gowHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4L0NCNEFGQkZBRkM1MzExRUM5NzI0QTM4MEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEFSgwDQYJKoZIhvcNAQEL
BQADggEBAHqAb69LdmmkksoNKqmPMDwdAJiHKlRFOJUJdQeAmY24J5XdUzEWP1qJ
NvpHuTvI9Xls2Rt4i5gLQjhGkkhYPMllBWlL1R+rkinf82BSJxRJ+y3x7lGRR+oF
RSZenCVa6NWl9f5fh5Xrg9l4uLhozoya2+qcPmqt61Y1QPWPgPe/t2MiqNaGHvLP
IsXonGP0OaArsop0Ip67Zh4pTeBLpOVKkC+himeHK9MfSJvRS8qaNYa4lQthatbM
sI2ZKi0dRYJ9/LXWIg6N9/mAGNreeqrW/DApgjvZ5KRH08oh9PoUaXZO1EZxXTk9
RCuP66byj+GEjKxv5zxqZaYOWlK7b8U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:15 2024 by rpki-client on console-fra.rpki-client.org