Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CF917/0D7561E6E27811ECBD71BBD6F1222468/8D821A46E27D11EC910C5FE7F1222468.roa
File:                     8D821A46E27D11EC910C5FE7F1222468.roa (raw, json)
Hash identifier:          SAMEC16Py+IoiSI7F5Ex2r1l/iOMkLjXkAmgSNHvFfU=
Subject key identifier:   CF:E2:E5:94:6C:9E:51:CF:F2:20:2E:92:F4:3D:3C:29:FE:6E:6E:54
Certificate issuer:       /CN=F36CF917AF/serialNumber=5A98A11302BA1C49AABC60D502CB750C599107C3
Certificate serial:       02
Authority key identifier: 5A:98:A1:13:02:BA:1C:49:AA:BC:60:D5:02:CB:75:0C:59:91:07:C3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/WpihEwK6HEmqvGDVAst1DFmRB8M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CF917/0D7561E6E27811ECBD71BBD6F1222468/8D821A46E27D11EC910C5FE7F1222468.roa
Signing time:             Thu 02 Jun 2022 14:09:02 +0000
ROA not before:           Thu 02 Jun 2022 14:08:58 +0000
ROA not after:            Mon 02 Aug 2032 14:08:58 +0000
asID:                     37294
IP address blocks:        41.78.248.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CF917/0D7561E6E27811ECBD71BBD6F1222468/WpihEwK6HEmqvGDVAst1DFmRB8M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CF917/0D7561E6E27811ECBD71BBD6F1222468/WpihEwK6HEmqvGDVAst1DFmRB8M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/WpihEwK6HEmqvGDVAst1DFmRB8M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CF917AF/serialNumber=5A98A11302BA1C49AABC60D502CB750C599107C3
        Validity
            Not Before: Jun  2 14:08:58 2022 GMT
            Not After : Aug  2 14:08:58 2032 GMT
        Subject: CN=6298c47d-0e2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5c:4f:75:cb:a4:35:73:d1:1a:d3:ac:50:0c:
                    2f:dc:ff:9c:20:4f:b2:8d:15:b3:96:25:a0:ae:d6:
                    77:33:a8:c5:50:da:71:70:7a:c6:95:ff:4b:61:c0:
                    23:ef:97:e6:cc:41:30:13:23:64:9f:6d:cb:d6:26:
                    70:19:ee:72:1b:1d:d9:0e:c1:eb:9c:3d:bc:8a:84:
                    fd:12:27:f4:13:61:bc:6b:4d:a2:be:72:e1:cb:21:
                    92:cb:51:50:94:f5:e8:e6:8a:0d:a7:d9:06:57:a3:
                    9a:90:6d:c1:6d:22:e5:cb:20:a9:c2:c4:4b:1c:69:
                    d9:63:03:ac:26:01:e2:d9:4f:c9:e7:47:ea:5c:2d:
                    21:6e:f9:33:76:28:77:f9:98:1e:bf:d0:4b:66:74:
                    74:bc:1b:80:30:c5:4a:ab:9a:2e:8e:68:66:63:85:
                    7b:7d:10:7d:db:c7:a3:ae:dd:a3:53:07:80:54:ab:
                    31:11:9c:3b:af:a2:fc:7d:ff:44:7d:6f:2c:7e:f9:
                    a5:c0:13:07:a0:c0:a6:69:62:f3:6a:45:eb:16:a2:
                    61:9e:59:63:d5:fa:eb:1e:58:84:5a:18:b0:64:33:
                    9d:56:c5:14:e8:36:38:b7:8c:bd:62:f9:85:c0:1d:
                    e0:4e:74:07:fc:d4:c7:41:5e:41:90:4f:5f:88:f4:
                    c3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:E2:E5:94:6C:9E:51:CF:F2:20:2E:92:F4:3D:3C:29:FE:6E:6E:54
            X509v3 Authority Key Identifier:
                keyid:5A:98:A1:13:02:BA:1C:49:AA:BC:60:D5:02:CB:75:0C:59:91:07:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF917/0D7561E6E27811ECBD71BBD6F1222468/WpihEwK6HEmqvGDVAst1DFmRB8M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WpihEwK6HEmqvGDVAst1DFmRB8M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF917/0D7561E6E27811ECBD71BBD6F1222468/8D821A46E27D11EC910C5FE7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.78.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:b3:64:dc:84:5b:63:f1:d4:f4:53:2c:e0:18:f3:31:2b:2b:
         e8:c2:4f:66:1a:4f:70:be:f9:3e:8d:61:5b:5e:ef:6e:31:27:
         3c:44:60:32:33:38:fc:7b:e7:ed:3b:46:b1:e3:55:ed:4d:96:
         51:f8:6b:d5:16:c4:42:f8:ba:56:b7:4b:4a:ed:04:c9:82:8a:
         ed:d0:aa:dd:4e:93:ec:8c:77:68:6d:a4:5f:df:67:9f:4f:4e:
         3d:9d:6f:45:0a:7e:9c:68:a9:55:e0:dd:9d:5d:e1:ba:eb:b6:
         ab:ab:fe:ae:cd:fb:7a:e1:71:10:20:3e:3e:11:08:59:0b:27:
         84:a9:19:07:63:b6:89:cb:bb:e3:ce:1d:ad:69:36:9c:5b:a0:
         ea:ca:ef:63:12:e8:e5:d3:1e:fa:2c:91:3f:94:52:15:0f:a5:
         b0:e3:d5:8d:05:d3:8d:05:c0:0e:bd:c0:8e:11:14:4a:87:af:
         44:d9:7f:02:a5:9f:58:10:33:d9:85:5b:16:8a:44:f1:b1:ed:
         5c:04:0c:bd:d5:87:b5:a2:53:84:c3:cb:ee:b8:44:12:a7:07:
         2e:f5:d1:7d:f1:b3:54:77:8b:9a:36:ab:8f:fe:97:cf:a9:2f:
         3a:22:ec:2a:16:ed:17:29:c4:b9:1a:a7:e0:f3:ad:0f:f1:47:
         d0:dd:66:68
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
RjkxN0FGMTEwLwYDVQQFEyg1QTk4QTExMzAyQkExQzQ5QUFCQzYwRDUwMkNCNzUw
QzU5OTEwN0MzMB4XDTIyMDYwMjE0MDg1OFoXDTMyMDgwMjE0MDg1OFowGDEWMBQG
A1UEAwwNNjI5OGM0N2QtMGUyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlcT3XLpDVz0RrTrFAML9z/nCBPso0Vs5YloK7WdzOoxVDacXB6xpX/S2HA
I++X5sxBMBMjZJ9ty9YmcBnuchsd2Q7B65w9vIqE/RIn9BNhvGtNor5y4cshkstR
UJT16OaKDafZBlejmpBtwW0i5csgqcLESxxp2WMDrCYB4tlPyedH6lwtIW75M3Yo
d/mYHr/QS2Z0dLwbgDDFSquaLo5oZmOFe30QfdvHo67do1MHgFSrMRGcO6+i/H3/
RH1vLH75pcATB6DApmli82pF6xaiYZ5ZY9X66x5YhFoYsGQznVbFFOg2OLeMvWL5
hcAd4E50B/zUx0FeQZBPX4j0wyECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTP4uWU
bJ5Rz/IgLpL0PTwp/m5uVDAfBgNVHSMEGDAWgBRamKETArocSaq8YNUCy3UMWZEH
wzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0Y5MTcvMEQ3NTYxRTZFMjc4MTFFQ0JENzFCQkQ2RjEyMjI0NjgvV3BpaEV3
SzZIRW1xdkdEVkFzdDFERm1SQjhNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV3BpaEV3SzZIRW1xdkdEVkFzdDFERm1SQjhNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0Y5MTcvMEQ3NTYxRTZFMjc4MTFFQ0JENzFCQkQ2RjEy
MjI0NjgvOEQ4MjFBNDZFMjdEMTFFQzkxMEM1RkU3RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilO+DANBgkqhkiG9w0BAQsF
AAOCAQEAOrNk3IRbY/HU9FMs4BjzMSsr6MJPZhpPcL75Po1hW17vbjEnPERgMjM4
/Hvn7TtGseNV7U2WUfhr1RbEQvi6VrdLSu0EyYKK7dCq3U6T7Ix3aG2kX99nn09O
PZ1vRQp+nGipVeDdnV3huuu2q6v+rs37euFxECA+PhEIWQsnhKkZB2O2icu7484d
rWk2nFug6srvYxLo5dMe+iyRP5RSFQ+lsOPVjQXTjQXADr3AjhEUSoevRNl/AqWf
WBAz2YVbFopE8bHtXAQMvdWHtaJThMPL7rhEEqcHLvXRffGzVHeLmjarj/6Xz6kv
OiLsKhbtFynEuRqn4POtD/FH0N1maA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:27 2024 by rpki-client on console-ams.rpki-client.org