Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D4684/8E89028ACDA511EB92DBCF3CF8AEA228/FD43C8202B8311EE93547A4C4AD9E6FC.roa
File:                     FD43C8202B8311EE93547A4C4AD9E6FC.roa (raw, json)
Hash identifier:          8yaGaM1egL+uydoPZmB7d8Zk6w6hMgcQ49/tkbhqyrk=
Subject key identifier:   BF:52:3B:E4:9D:27:97:8B:02:59:E4:58:F1:32:22:2F:95:79:90:8F
Certificate issuer:       /CN=F36D4684AF/serialNumber=B9D73914770F5F38E2F178B574F69562194E8B04
Certificate serial:       031E
Authority key identifier: B9:D7:39:14:77:0F:5F:38:E2:F1:78:B5:74:F6:95:62:19:4E:8B:04
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/udc5FHcPXzji8Xi1dPaVYhlOiwQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D4684/8E89028ACDA511EB92DBCF3CF8AEA228/FD43C8202B8311EE93547A4C4AD9E6FC.roa
Signing time:             Wed 26 Jul 2023 07:13:59 +0000
ROA not before:           Wed 26 Jul 2023 07:13:55 +0000
ROA not after:            Fri 26 Jul 2030 07:13:55 +0000
asID:                     37333
IP address blocks:        41.76.32.0/21 maxlen: 24
                          41.77.200.0/21 maxlen: 24
                          41.138.64.0/21 maxlen: 24
                          102.67.48.0/21 maxlen: 24
                          154.73.240.0/21 maxlen: 24
                          2c0f:fba0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D4684/8E89028ACDA511EB92DBCF3CF8AEA228/udc5FHcPXzji8Xi1dPaVYhlOiwQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D4684/8E89028ACDA511EB92DBCF3CF8AEA228/udc5FHcPXzji8Xi1dPaVYhlOiwQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/udc5FHcPXzji8Xi1dPaVYhlOiwQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 798 (0x31e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D4684AF/serialNumber=B9D73914770F5F38E2F178B574F69562194E8B04
        Validity
            Not Before: Jul 26 07:13:55 2023 GMT
            Not After : Jul 26 07:13:55 2030 GMT
        Subject: CN=64c0c7b6-560d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ab:2f:81:ae:c4:48:31:63:48:a4:f4:ce:b4:
                    71:84:42:0b:b0:c3:53:42:e6:6c:c2:b4:52:b5:8b:
                    dd:db:ef:c1:70:ba:7b:1a:50:d5:af:cc:26:08:5b:
                    32:66:de:7b:36:77:d0:ea:d9:93:d9:4e:df:17:f6:
                    7e:aa:68:0c:88:ad:07:66:58:d8:cb:2b:9a:4a:a9:
                    f0:7f:05:69:f8:f0:fc:a9:e0:cb:72:26:52:a5:96:
                    a5:1b:5a:14:28:7e:b4:8e:d0:44:5e:4e:32:01:23:
                    44:69:c7:01:da:42:16:92:6e:69:51:8f:7f:42:35:
                    70:bc:cc:92:55:75:66:7c:04:bc:6c:3c:62:74:17:
                    56:a9:22:54:65:62:6a:59:bc:62:f7:a2:b6:19:4e:
                    a9:95:3a:b6:4d:b2:fb:42:9d:52:ce:82:95:16:ce:
                    2b:af:9d:e2:ed:1f:93:00:51:88:93:78:2e:e9:e8:
                    60:4f:ae:b3:f7:20:07:c0:a2:cc:c4:eb:51:d4:c6:
                    96:66:6c:59:35:3e:45:ac:d5:32:7a:c3:aa:a8:b0:
                    ac:50:41:2a:2f:52:f3:c0:1d:dd:38:e2:0b:02:aa:
                    17:1e:86:09:f4:6c:03:58:45:d8:5a:02:3e:cd:71:
                    5f:a6:1b:57:e1:ab:b1:dc:5f:2e:8c:ae:48:b1:4d:
                    4a:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:52:3B:E4:9D:27:97:8B:02:59:E4:58:F1:32:22:2F:95:79:90:8F
            X509v3 Authority Key Identifier:
                keyid:B9:D7:39:14:77:0F:5F:38:E2:F1:78:B5:74:F6:95:62:19:4E:8B:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D4684/8E89028ACDA511EB92DBCF3CF8AEA228/udc5FHcPXzji8Xi1dPaVYhlOiwQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/udc5FHcPXzji8Xi1dPaVYhlOiwQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D4684/8E89028ACDA511EB92DBCF3CF8AEA228/FD43C8202B8311EE93547A4C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.32.0/21
                  41.77.200.0/21
                  41.138.64.0/21
                  102.67.48.0/21
                  154.73.240.0/21
                IPv6:
                  2c0f:fba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:4d:b2:4f:39:dd:8c:73:2d:a2:92:b9:23:64:c5:20:b2:29:
         ab:8c:5b:d4:c2:fc:cd:ca:7d:0e:8c:42:23:30:79:31:a0:c0:
         d6:3d:af:5a:43:9b:3f:5c:06:83:86:18:2a:ee:0d:9e:93:2f:
         ce:4e:4e:f5:12:ea:59:80:7f:5f:53:f9:9e:a8:1f:d2:95:fa:
         78:48:cc:c8:3e:6e:20:b8:55:4e:e9:36:33:34:d6:3f:09:f7:
         73:c3:c9:dd:c9:51:8c:d3:3e:b3:30:bf:a3:88:01:6f:73:9c:
         cf:31:37:81:4f:87:f9:c7:4f:e6:c7:51:19:20:82:60:0a:d9:
         34:d6:47:eb:59:e2:a2:aa:2c:13:b9:6c:17:dd:35:0f:0c:69:
         78:71:4f:3b:73:6b:98:55:7e:30:a2:5d:13:c4:27:ff:3b:dd:
         06:49:47:e3:44:b3:9b:f0:3f:8f:45:8a:e2:b8:a9:92:a6:cd:
         87:e4:ee:34:66:c3:71:f8:e7:1b:e5:18:bf:27:75:8d:34:d2:
         98:1a:be:e2:e5:8e:a1:22:c0:3d:de:0f:6c:e3:cd:de:c8:cb:
         5a:24:6b:e7:99:ea:62:a3:c6:2e:fb:1e:38:b4:ed:a6:b5:9c:
         77:77:24:1b:d6:a8:13:0c:4c:04:55:57:84:96:02:e1:fd:d7:
         35:1d:04:b5
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICAx4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDQ2ODRBRjExMC8GA1UEBRMoQjlENzM5MTQ3NzBGNUYzOEUyRjE3OEI1NzRGNjk1
NjIxOTRFOEIwNDAeFw0yMzA3MjYwNzEzNTVaFw0zMDA3MjYwNzEzNTVaMBgxFjAU
BgNVBAMTDTY0YzBjN2I2LTU2MGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9qy+BrsRIMWNIpPTOtHGEQguww1NC5mzCtFK1i93b78FwunsaUNWvzCYI
WzJm3ns2d9Dq2ZPZTt8X9n6qaAyIrQdmWNjLK5pKqfB/BWn48Pyp4MtyJlKllqUb
WhQofrSO0EReTjIBI0RpxwHaQhaSbmlRj39CNXC8zJJVdWZ8BLxsPGJ0F1apIlRl
YmpZvGL3orYZTqmVOrZNsvtCnVLOgpUWziuvneLtH5MAUYiTeC7p6GBPrrP3IAfA
oszE61HUxpZmbFk1PkWs1TJ6w6qosKxQQSovUvPAHd044gsCqhcehgn0bANYRdha
Aj7NcV+mG1fhq7HcXy6MrkixTUrbAgMBAAGjggLMMIICyDAdBgNVHQ4EFgQUv1I7
5J0nl4sCWeRY8TIiL5V5kI8wHwYDVR0jBBgwFoAUudc5FHcPXzji8Xi1dPaVYhlO
iwQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ0Njg0LzhFODkwMjhBQ0RBNTExRUI5MkRCQ0YzQ0Y4QUVBMjI4L3VkYzVG
SGNQWHpqaThYaTFkUGFWWWhsT2l3US5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3VkYzVGSGNQWHpqaThYaTFkUGFWWWhsT2l3US5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ0Njg0LzhFODkwMjhBQ0RBNTExRUI5MkRCQ0YzQ0Y4
QUVBMjI4L0ZENDNDODIwMkI4MzExRUU5MzU0N0E0QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAMpTCADBAMpTcgDBAMpikAD
BANmQzADBAOaSfAwDQQCAAIwBwMFACwP+6AwDQYJKoZIhvcNAQELBQADggEBABNN
sk853YxzLaKSuSNkxSCyKauMW9TC/M3KfQ6MQiMweTGgwNY9r1pDmz9cBoOGGCru
DZ6TL85OTvUS6lmAf19T+Z6oH9KV+nhIzMg+biC4VU7pNjM01j8J93PDyd3JUYzT
PrMwv6OIAW9znM8xN4FPh/nHT+bHURkggmAK2TTWR+tZ4qKqLBO5bBfdNQ8MaXhx
Tztza5hVfjCiXRPEJ/873QZJR+NEs5vwP49FiuK4qZKmzYfk7jRmw3H45xvlGL8n
dY000pgavuLljqEiwD3eD2zjzd7Iy1oka+eZ6mKjxi77Hji07aa1nHd3JBvWqBMM
TARVV4SWAuH91zUdBLU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org