Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BBF41/14CDF8B210D611EE958C0F154AD9E6FC/D6A352521C2511EE9164F55A4AD9E6FC.roa
File:                     D6A352521C2511EE9164F55A4AD9E6FC.roa (raw, json)
Hash identifier:          He2Venw8taiOIZNG5L2+aSFbOwse3tT4XMAeuZ2rfyQ=
Subject key identifier:   51:98:8E:CF:57:32:3D:2E:30:B9:A0:E1:F0:6D:D1:89:06:60:16:41
Certificate issuer:       /CN=F36BBF41AF/serialNumber=3F677F3A18ACAAE6C97F81F99AE8794654E0410B
Certificate serial:       38
Authority key identifier: 3F:67:7F:3A:18:AC:AA:E6:C9:7F:81:F9:9A:E8:79:46:54:E0:41:0B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/P2d_OhisqubJf4H5muh5RlTgQQs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BBF41/14CDF8B210D611EE958C0F154AD9E6FC/D6A352521C2511EE9164F55A4AD9E6FC.roa
Signing time:             Thu 06 Jul 2023 17:52:14 +0000
ROA not before:           Thu 06 Jul 2023 17:52:09 +0000
ROA not after:            Wed 06 Jul 2033 17:52:09 +0000
asID:                     37105
IP address blocks:        197.184.0.0/15 maxlen: 15

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BBF41/14CDF8B210D611EE958C0F154AD9E6FC/P2d_OhisqubJf4H5muh5RlTgQQs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BBF41/14CDF8B210D611EE958C0F154AD9E6FC/P2d_OhisqubJf4H5muh5RlTgQQs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/P2d_OhisqubJf4H5muh5RlTgQQs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56 (0x38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BBF41AF/serialNumber=3F677F3A18ACAAE6C97F81F99AE8794654E0410B
        Validity
            Not Before: Jul  6 17:52:09 2023 GMT
            Not After : Jul  6 17:52:09 2033 GMT
        Subject: CN=64a6ff4d-2646
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:00:a7:ff:ed:a0:9a:e1:0b:8c:f1:3b:20:17:
                    ce:46:fd:e0:0a:54:af:f6:1d:58:ab:78:ea:46:f4:
                    31:fc:da:08:d3:d3:49:e1:3a:9d:2c:fd:9f:70:ef:
                    c9:51:b4:3e:73:75:39:67:73:39:76:9c:5b:6d:bf:
                    69:db:22:a5:1e:ff:03:9e:2d:f5:09:4e:bf:b0:c4:
                    c1:eb:15:c1:81:9f:6d:50:9b:39:a5:00:65:8e:81:
                    43:1e:e4:cf:b8:10:50:02:8c:87:09:61:67:a0:67:
                    8d:78:8d:6b:59:43:07:b1:b1:ff:2f:d1:f2:f9:f5:
                    59:23:75:aa:55:75:d0:7f:60:ca:d6:2a:08:aa:99:
                    cc:e5:6e:1f:58:99:ec:02:a0:2a:b9:bc:27:c8:2a:
                    e9:76:d6:52:18:32:98:ad:7e:03:a3:0f:36:37:62:
                    bb:fd:68:5c:e6:5d:62:58:e3:ac:7f:23:db:62:fe:
                    e6:90:7b:18:86:ec:a6:63:a2:f8:66:80:eb:d6:7e:
                    01:4b:ef:21:2c:75:0b:7b:ae:03:06:3c:18:4a:53:
                    aa:ca:a4:f3:93:c1:0a:77:83:30:60:18:b1:6c:1a:
                    22:da:25:6e:77:5f:cd:e5:71:ee:98:14:37:8f:68:
                    90:ae:d3:7e:8c:de:cb:9d:54:a4:01:84:2b:eb:27:
                    7e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:98:8E:CF:57:32:3D:2E:30:B9:A0:E1:F0:6D:D1:89:06:60:16:41
            X509v3 Authority Key Identifier:
                keyid:3F:67:7F:3A:18:AC:AA:E6:C9:7F:81:F9:9A:E8:79:46:54:E0:41:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BBF41/14CDF8B210D611EE958C0F154AD9E6FC/P2d_OhisqubJf4H5muh5RlTgQQs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/P2d_OhisqubJf4H5muh5RlTgQQs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BBF41/14CDF8B210D611EE958C0F154AD9E6FC/D6A352521C2511EE9164F55A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.184.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         41:6b:f0:e7:76:d0:b7:fd:f2:2a:e5:c8:06:90:12:89:b1:1a:
         64:e3:6f:ce:c3:10:f2:7b:1f:92:97:80:6f:9e:cb:d8:20:96:
         84:fa:be:a7:e3:06:08:6b:0c:be:9d:d6:7a:89:4d:41:e5:c2:
         43:63:89:f4:7f:d0:bc:b1:f9:bf:b0:95:1f:18:b7:b8:ba:f3:
         a2:52:5b:43:cd:26:df:88:2a:88:05:d3:a9:a1:f2:76:77:66:
         e0:ac:c1:d0:3f:18:68:ae:b5:1c:09:b0:50:71:88:ad:a3:f2:
         6d:be:15:f1:de:a3:b0:4e:3f:d4:03:11:bd:99:50:4b:2d:78:
         cf:e2:1a:dc:9e:99:35:dd:d4:c7:f3:97:fe:60:26:95:bd:22:
         59:bd:e8:6c:e1:23:01:a0:0d:5a:ab:16:e4:62:13:54:16:e0:
         2d:4d:b8:73:ff:77:3d:5e:43:7a:42:2b:cf:49:48:56:62:c0:
         0f:48:e4:06:9f:31:c6:5f:0f:f4:a8:91:b3:1b:a7:9c:b9:f5:
         80:d7:a4:8a:27:61:d7:04:d1:70:71:d1:8a:cd:df:78:7f:44:
         45:31:55:ca:5a:9e:97:7c:ed:1e:8b:83:3d:bc:71:48:6d:30:
         e3:96:19:26:41:56:ac:cf:b8:24:6c:ba:a7:30:7b:20:d0:ef:
         9c:a9:68:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBODANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
QkY0MUFGMTEwLwYDVQQFEygzRjY3N0YzQTE4QUNBQUU2Qzk3RjgxRjk5QUU4Nzk0
NjU0RTA0MTBCMB4XDTIzMDcwNjE3NTIwOVoXDTMzMDcwNjE3NTIwOVowGDEWMBQG
A1UEAxMNNjRhNmZmNGQtMjY0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYAp//toJrhC4zxOyAXzkb94ApUr/YdWKt46kb0MfzaCNPTSeE6nSz9n3Dv
yVG0PnN1OWdzOXacW22/adsipR7/A54t9QlOv7DEwesVwYGfbVCbOaUAZY6BQx7k
z7gQUAKMhwlhZ6BnjXiNa1lDB7Gx/y/R8vn1WSN1qlV10H9gytYqCKqZzOVuH1iZ
7AKgKrm8J8gq6XbWUhgymK1+A6MPNjdiu/1oXOZdYljjrH8j22L+5pB7GIbspmOi
+GaA69Z+AUvvISx1C3uuAwY8GEpTqsqk85PBCneDMGAYsWwaItolbndfzeVx7pgU
N49okK7Tfozey51UpAGEK+snfgUCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBRRmI7P
VzI9LjC5oOHwbdGJBmAWQTAfBgNVHSMEGDAWgBQ/Z386GKyq5sl/gfma6HlGVOBB
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkJGNDEvMTRDREY4QjIxMEQ2MTFFRTk1OEMwRjE1NEFEOUU2RkMvUDJkX09o
aXNxdWJKZjRINW11aDVSbFRnUVFzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUDJkX09oaXNxdWJKZjRINW11aDVSbFRnUVFzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkJGNDEvMTRDREY4QjIxMEQ2MTFFRTk1OEMwRjE1NEFE
OUU2RkMvRDZBMzUyNTIxQzI1MTFFRTkxNjRGNTVBNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcW4MA0GCSqGSIb3DQEBCwUA
A4IBAQBBa/DndtC3/fIq5cgGkBKJsRpk42/OwxDyex+Sl4BvnsvYIJaE+r6n4wYI
awy+ndZ6iU1B5cJDY4n0f9C8sfm/sJUfGLe4uvOiUltDzSbfiCqIBdOpofJ2d2bg
rMHQPxhorrUcCbBQcYito/JtvhXx3qOwTj/UAxG9mVBLLXjP4hrcnpk13dTH85f+
YCaVvSJZvehs4SMBoA1aqxbkYhNUFuAtTbhz/3c9XkN6QivPSUhWYsAPSOQGnzHG
Xw/0qJGzG6ecufWA16SKJ2HXBNFwcdGKzd94f0RFMVXKWp6XfO0ei4M9vHFIbTDj
lhkmQVasz7gkbLqnMHsg0O+cqWhs
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:22 2024 by rpki-client on console-ams.rpki-client.org