Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/D73BBE162E5911EEB860D55B4AD9E6FC.roa
File:                     D73BBE162E5911EEB860D55B4AD9E6FC.roa (raw, json)
Hash identifier:          hQ7osRSjDyeOgVXPz5/Xpqn6wWkoBgsdU4McssM8yBs=
Subject key identifier:   EB:EB:46:2B:A5:14:4B:7B:A2:28:2A:C5:C3:82:9E:3B:99:50:EB:F2
Certificate issuer:       /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial:       04E3
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/D73BBE162E5911EEB860D55B4AD9E6FC.roa
Signing time:             Sat 29 Jul 2023 21:49:49 +0000
ROA not before:           Sat 29 Jul 2023 21:49:46 +0000
ROA not after:            Sat 30 Jul 2033 21:49:46 +0000
asID:                     37119
IP address blocks:        105.173.160.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1251 (0x4e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
        Validity
            Not Before: Jul 29 21:49:46 2023 GMT
            Not After : Jul 30 21:49:46 2033 GMT
        Subject: CN=64c5897d-826c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:95:33:ac:b0:15:74:cd:c1:50:ad:2a:63:95:
                    38:8a:57:ce:c0:c8:5c:83:ea:a9:4d:41:b4:7e:b2:
                    87:7c:5c:a9:f9:40:b8:be:68:2f:1b:11:f4:52:89:
                    47:56:dd:a2:61:db:50:11:d0:a9:28:df:41:20:65:
                    5f:a2:94:a4:76:60:3a:48:c0:d6:89:5d:02:a2:37:
                    53:1b:78:92:9e:5b:88:9e:3b:c5:0e:c7:e1:a6:40:
                    f4:fc:5c:a5:ab:de:54:15:19:b0:d6:a7:5d:43:96:
                    14:25:25:5a:f1:f1:b3:91:46:31:b7:13:50:55:1e:
                    13:e9:9e:f4:a3:e2:fc:0f:32:78:4b:3f:23:7d:30:
                    97:cf:24:e4:10:4c:6e:d7:ec:35:69:71:66:7d:6d:
                    47:9e:0f:73:d3:cb:c1:09:d6:8f:40:e7:84:84:bb:
                    4d:b3:c1:eb:cf:5d:5c:a9:f7:d3:54:f8:25:28:dd:
                    6e:cd:01:69:b1:c6:53:ca:47:67:79:07:d3:81:08:
                    41:5c:1a:80:11:6f:c2:a0:bc:b8:1c:e9:d4:08:9d:
                    da:4b:ec:31:a1:e4:b8:45:eb:e5:31:74:6c:0f:83:
                    c7:03:ed:d2:74:bc:fc:8e:f8:cd:80:de:0e:90:6a:
                    26:7e:1d:b7:8f:94:47:dd:66:ee:92:63:12:f7:51:
                    1c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:EB:46:2B:A5:14:4B:7B:A2:28:2A:C5:C3:82:9E:3B:99:50:EB:F2
            X509v3 Authority Key Identifier:
                keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/D73BBE162E5911EEB860D55B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  105.173.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         44:0d:b1:f2:8d:0b:f0:86:2d:31:01:4d:b9:64:b2:0f:4c:85:
         9d:c6:b8:4c:64:e9:a9:6c:8b:d0:0e:7b:dd:11:e9:20:11:34:
         7d:70:ca:08:52:d4:71:de:35:b3:24:0e:96:6e:37:df:7e:5e:
         cd:e6:3e:6b:ed:44:ea:10:b2:e2:77:32:6f:79:0c:a9:7b:0d:
         c6:22:eb:e6:5a:e9:67:86:73:3d:c7:15:97:3a:3a:a1:6f:48:
         2d:03:70:d9:25:f4:c8:97:66:87:fb:0f:4c:83:da:88:64:11:
         76:09:72:bc:f0:66:86:9c:42:ed:45:f2:9d:07:52:aa:97:39:
         40:d3:9e:9a:fd:cc:b7:4e:91:c5:06:ad:c8:7a:79:95:af:c8:
         61:cd:ea:38:96:c4:a0:aa:92:45:f5:39:6a:39:12:b1:9c:11:
         a1:e6:82:5f:e1:8c:aa:25:d8:3c:0a:4a:bb:a9:8e:ac:84:b7:
         3a:30:3a:b8:0b:59:33:40:f9:04:d7:ee:c7:87:b2:a6:43:17:
         ac:5c:3c:ee:2f:7c:19:35:a5:60:f8:8e:eb:bd:25:7a:55:2b:
         a6:ed:dd:a0:b1:ae:ce:9c:59:f1:ef:cc:43:09:fa:23:cc:0a:
         d7:42:ff:31:0b:03:06:9c:2a:c5:40:64:cd:41:95:83:67:57:
         87:b8:24:f7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBOMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yMzA3MjkyMTQ5NDZaFw0zMzA3MzAyMTQ5NDZaMBgxFjAU
BgNVBAMTDTY0YzU4OTdkLTgyNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCllTOssBV0zcFQrSpjlTiKV87AyFyD6qlNQbR+sod8XKn5QLi+aC8bEfRS
iUdW3aJh21AR0Kko30EgZV+ilKR2YDpIwNaJXQKiN1MbeJKeW4ieO8UOx+GmQPT8
XKWr3lQVGbDWp11DlhQlJVrx8bORRjG3E1BVHhPpnvSj4vwPMnhLPyN9MJfPJOQQ
TG7X7DVpcWZ9bUeeD3PTy8EJ1o9A54SEu02zwevPXVyp99NU+CUo3W7NAWmxxlPK
R2d5B9OBCEFcGoARb8KgvLgc6dQIndpL7DGh5LhF6+UxdGwPg8cD7dJ0vPyO+M2A
3g6QaiZ+HbePlEfdZu6SYxL3URxRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6+tG
K6UUS3uiKCrFw4KeO5lQ6/IwHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4L0Q3M0JCRTE2MkU1OTExRUVCODYwRDU1QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAVpraAwDQYJKoZIhvcNAQEL
BQADggEBAEQNsfKNC/CGLTEBTblksg9MhZ3GuExk6alsi9AOe90R6SARNH1wyghS
1HHeNbMkDpZuN99+Xs3mPmvtROoQsuJ3Mm95DKl7DcYi6+Za6WeGcz3HFZc6OqFv
SC0DcNkl9MiXZof7D0yD2ohkEXYJcrzwZoacQu1F8p0HUqqXOUDTnpr9zLdOkcUG
rch6eZWvyGHN6jiWxKCqkkX1OWo5ErGcEaHmgl/hjKol2DwKSrupjqyEtzowOrgL
WTNA+QTX7seHsqZDF6xcPO4vfBk1pWD4juu9JXpVK6bt3aCxrs6cWfHvzEMJ+iPM
CtdC/zELAwacKsVAZM1BlYNnV4e4JPc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org