Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/8736A6742E5911EEB3D31C5B4AD9E6FC.roa
File:                     8736A6742E5911EEB3D31C5B4AD9E6FC.roa (raw, json)
Hash identifier:          +3AbS1h3qtTKoP7jUtkf/AZloXhh8+D85YKn9vTwpAI=
Subject key identifier:   9D:8D:90:34:F2:54:69:2F:C1:74:05:D0:46:64:5D:AD:B0:0C:E2:BF
Certificate issuer:       /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial:       04E1
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/8736A6742E5911EEB3D31C5B4AD9E6FC.roa
Signing time:             Sat 29 Jul 2023 21:47:35 +0000
ROA not before:           Sat 29 Jul 2023 21:47:31 +0000
ROA not after:            Sat 30 Jul 2033 21:47:31 +0000
asID:                     37119
IP address blocks:        105.173.128.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1249 (0x4e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
        Validity
            Not Before: Jul 29 21:47:31 2023 GMT
            Not After : Jul 30 21:47:31 2033 GMT
        Subject: CN=64c588f7-b30e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7a:57:a3:7e:fe:13:a7:16:3e:6e:98:be:2a:
                    93:96:54:89:df:d5:60:b2:e8:55:1e:4a:d8:ac:78:
                    dd:1c:b1:df:c0:a6:c5:ef:14:da:e5:92:eb:5d:32:
                    a3:9e:98:31:79:5f:69:ab:e2:ab:1e:88:d0:f4:85:
                    62:8d:33:ee:f4:35:c0:47:e2:50:da:82:60:90:1d:
                    7f:52:05:12:d1:99:52:99:7b:78:6e:e8:0f:8d:d7:
                    86:53:1d:bb:99:e2:2b:a0:4c:1d:6c:0c:a2:65:7c:
                    63:e6:1d:b8:e3:a9:fa:a5:bd:4e:d0:b3:87:28:70:
                    33:6f:eb:b8:0d:83:5c:47:ec:42:f2:7d:1e:6d:c3:
                    da:d4:d7:94:d3:4f:bf:76:35:4d:57:0f:39:39:d2:
                    51:cc:b1:dd:ae:bc:7b:3a:90:48:7e:22:9f:8d:61:
                    7f:90:46:47:2f:a3:6b:3a:a8:d1:0f:d8:a5:d4:83:
                    03:5e:4c:72:53:0a:ed:1b:3c:ba:5f:29:dc:fa:f6:
                    cd:c3:f9:29:ec:7b:d1:86:b0:0f:3d:92:90:f2:bd:
                    18:61:22:08:ef:e4:5d:e3:54:bc:e7:cd:eb:28:7b:
                    07:1a:3d:f9:92:e5:01:6d:92:ba:54:93:02:6e:18:
                    cd:fa:d6:b3:ea:16:13:33:8a:1c:46:33:f0:8d:d5:
                    49:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:8D:90:34:F2:54:69:2F:C1:74:05:D0:46:64:5D:AD:B0:0C:E2:BF
            X509v3 Authority Key Identifier:
                keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/8736A6742E5911EEB3D31C5B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  105.173.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         95:11:18:ae:92:32:63:15:38:24:37:fb:2d:48:37:2d:97:0a:
         0c:c8:1e:99:77:57:d5:d1:f0:ea:5d:0c:04:d1:08:76:a7:b8:
         0e:c0:17:86:87:84:1b:11:51:52:fa:ae:dd:d3:89:ba:e2:97:
         d3:36:ff:4c:46:62:3e:8e:49:74:cb:ae:40:57:2c:7f:6e:51:
         0f:ce:10:da:c5:45:07:82:4b:d4:f0:aa:53:16:89:67:c6:4b:
         c6:a8:ca:b4:35:56:e2:be:1e:15:c1:ac:4a:9e:6b:56:c8:04:
         30:43:b0:ff:54:a8:e3:e0:56:3d:58:82:13:1b:63:85:3e:e9:
         10:09:db:6d:95:18:7a:6f:1e:1c:6a:20:eb:56:c0:7c:e2:9f:
         57:94:c5:2b:6a:ca:e7:8f:8e:59:4e:3a:93:22:57:0e:92:0c:
         82:5c:4e:dd:1f:3d:b9:8a:b7:4a:8d:cd:5b:8b:d9:a0:f5:8e:
         79:21:3c:61:e1:2a:af:5f:d5:29:ff:fa:4b:5b:10:bf:d3:c3:
         28:e1:5a:ca:96:88:2e:5b:84:d7:61:7f:b7:c5:1a:b9:2b:31:
         87:6e:31:24:6b:9e:1d:05:4b:a0:cc:71:e6:90:2d:07:44:7d:
         ba:4c:23:0e:18:a0:97:d7:08:45:9a:9b:36:8e:f1:67:6e:03:
         78:9f:cf:77
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBOEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yMzA3MjkyMTQ3MzFaFw0zMzA3MzAyMTQ3MzFaMBgxFjAU
BgNVBAMTDTY0YzU4OGY3LWIzMGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/elejfv4TpxY+bpi+KpOWVInf1WCy6FUeStiseN0csd/ApsXvFNrlkutd
MqOemDF5X2mr4qseiND0hWKNM+70NcBH4lDagmCQHX9SBRLRmVKZe3hu6A+N14ZT
HbuZ4iugTB1sDKJlfGPmHbjjqfqlvU7Qs4cocDNv67gNg1xH7ELyfR5tw9rU15TT
T792NU1XDzk50lHMsd2uvHs6kEh+Ip+NYX+QRkcvo2s6qNEP2KXUgwNeTHJTCu0b
PLpfKdz69s3D+Snse9GGsA89kpDyvRhhIgjv5F3jVLznzesoewcaPfmS5QFtkrpU
kwJuGM361rPqFhMzihxGM/CN1UnDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUnY2Q
NPJUaS/BdAXQRmRdrbAM4r8wHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4Lzg3MzZBNjc0MkU1OTExRUVCM0QzMUM1QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAVprYAwDQYJKoZIhvcNAQEL
BQADggEBAJURGK6SMmMVOCQ3+y1INy2XCgzIHpl3V9XR8OpdDATRCHanuA7AF4aH
hBsRUVL6rt3Tibril9M2/0xGYj6OSXTLrkBXLH9uUQ/OENrFRQeCS9TwqlMWiWfG
S8aoyrQ1VuK+HhXBrEqea1bIBDBDsP9UqOPgVj1YghMbY4U+6RAJ222VGHpvHhxq
IOtWwHzin1eUxStqyuePjllOOpMiVw6SDIJcTt0fPbmKt0qNzVuL2aD1jnkhPGHh
Kq9f1Sn/+ktbEL/TwyjhWsqWiC5bhNdhf7fFGrkrMYduMSRrnh0FS6DMceaQLQdE
fbpMIw4YoJfXCEWamzaO8WduA3ifz3c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org