Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/20D8603A3C6311EEBD05616B4AD9E6FC.roa
File:                     20D8603A3C6311EEBD05616B4AD9E6FC.roa (raw, json)
Hash identifier:          yn1GI8XUJDZhc/a1VL4Ew8aXczcEtSuNRFvBTlTvah0=
Subject key identifier:   7D:6D:F2:18:22:68:4F:25:B1:E9:5C:9C:2D:5D:80:9A:57:6D:1D:0E
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       015F
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/20D8603A3C6311EEBD05616B4AD9E6FC.roa
Signing time:             Wed 16 Aug 2023 18:31:34 +0000
ROA not before:           Wed 16 Aug 2023 18:31:31 +0000
ROA not after:            Wed 09 Aug 2028 18:31:31 +0000
asID:                     23764
IP address blocks:        154.72.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 351 (0x15f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Aug 16 18:31:31 2023 GMT
            Not After : Aug  9 18:31:31 2028 GMT
        Subject: CN=64dd1606-c00e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:06:23:f6:12:9d:5d:fd:ba:82:23:1a:b0:cb:
                    c8:e0:1f:41:6e:45:a1:a9:fc:0e:fb:28:d0:a5:3f:
                    0d:d7:77:2c:89:f4:57:8d:79:ba:e6:a9:e4:ce:d9:
                    33:00:bf:03:2f:32:27:43:95:07:8d:0e:8a:22:bc:
                    65:15:a7:75:c0:81:7b:7b:70:43:23:76:1c:f3:a2:
                    1c:36:54:9a:59:b4:a6:08:b6:95:c4:33:61:db:92:
                    5e:b9:86:b4:a9:e7:39:c0:27:8b:78:39:e6:01:ab:
                    68:1f:8a:49:46:bf:44:23:d5:68:a6:22:66:b9:fa:
                    78:93:09:c0:0c:1d:b5:96:68:82:be:59:27:45:c2:
                    a4:42:e4:31:7d:fa:77:53:03:23:de:97:30:d6:fc:
                    63:84:46:c1:5c:d7:80:55:03:b9:9c:4f:3e:fa:13:
                    39:f0:5d:52:1c:d3:b7:e8:8b:1b:56:23:bd:d5:83:
                    29:80:fd:b0:2f:8a:0e:6f:e1:b1:8c:14:4d:cc:c3:
                    a3:9e:8c:6c:5a:a2:17:d5:a3:21:d3:97:5b:a6:22:
                    d5:91:cf:5d:18:b9:d3:4d:2d:ca:01:2e:62:ae:57:
                    e2:d2:93:a4:10:ec:f7:f1:b1:78:8d:1c:2c:ba:e7:
                    7b:9e:e9:45:f2:c7:dd:5c:a3:de:85:3a:20:14:46:
                    fb:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:6D:F2:18:22:68:4F:25:B1:E9:5C:9C:2D:5D:80:9A:57:6D:1D:0E
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/20D8603A3C6311EEBD05616B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.72.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:47:79:00:b8:01:0d:1c:98:88:63:0b:7f:45:81:47:a9:3f:
         6c:09:c3:39:f4:d0:58:cd:8b:25:15:83:d8:05:2b:fc:3a:a5:
         c8:92:8b:26:a8:f7:69:0c:f1:ef:99:12:fd:d6:24:04:71:40:
         3d:d0:d3:99:ca:2a:c3:86:24:42:5f:0b:cd:7e:65:a2:77:61:
         f1:4f:ad:39:c9:99:07:f1:c4:29:fd:ae:8e:ad:10:2b:b3:c3:
         96:0a:78:2b:99:84:03:2e:98:ea:ed:0a:6d:2c:fe:45:b1:df:
         66:57:07:ff:cb:5a:5d:50:5f:90:ac:85:2c:6f:f3:44:d6:8a:
         33:39:7b:cd:b1:a5:9a:cf:ae:38:b5:03:56:43:40:7f:6d:38:
         f5:38:73:58:86:9c:77:7d:3b:e7:f4:bc:06:30:46:12:3c:03:
         58:06:e3:85:5b:e2:28:d9:81:11:d8:be:1f:96:e8:e9:92:75:
         6a:6e:b7:ee:27:99:81:42:11:f6:4e:10:2d:77:02:bb:a9:9b:
         66:26:a8:fb:4d:f5:d9:3d:fc:77:2b:93:ab:04:a5:ba:9f:5c:
         74:4d:55:8f:7e:37:f9:16:33:9b:2b:bb:80:c9:63:05:df:8d:
         c5:d1:b4:55:77:94:fa:23:f5:b2:b0:40:72:f3:fa:36:98:f3:
         90:3b:c6:a5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAV8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzA4MTYxODMxMzFaFw0yODA4MDkxODMxMzFaMBgxFjAU
BgNVBAMTDTY0ZGQxNjA2LWMwMGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjBiP2Ep1d/bqCIxqwy8jgH0FuRaGp/A77KNClPw3XdyyJ9FeNebrmqeTO
2TMAvwMvMidDlQeNDooivGUVp3XAgXt7cEMjdhzzohw2VJpZtKYItpXEM2Hbkl65
hrSp5znAJ4t4OeYBq2gfiklGv0Qj1WimIma5+niTCcAMHbWWaIK+WSdFwqRC5DF9
+ndTAyPelzDW/GOERsFc14BVA7mcTz76EznwXVIc07foixtWI73VgymA/bAvig5v
4bGMFE3Mw6OejGxaohfVoyHTl1umItWRz10YudNNLcoBLmKuV+LSk6QQ7PfxsXiN
HCy653ue6UXyx91co96FOiAURvspAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfW3y
GCJoTyWx6VycLV2AmldtHQ4wHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4LzIwRDg2MDNBM0M2MzExRUVCRDA1NjE2QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaSCswDQYJKoZIhvcNAQEL
BQADggEBAHhHeQC4AQ0cmIhjC39FgUepP2wJwzn00FjNiyUVg9gFK/w6pciSiyao
92kM8e+ZEv3WJARxQD3Q05nKKsOGJEJfC81+ZaJ3YfFPrTnJmQfxxCn9ro6tECuz
w5YKeCuZhAMumOrtCm0s/kWx32ZXB//LWl1QX5CshSxv80TWijM5e82xpZrPrji1
A1ZDQH9tOPU4c1iGnHd9O+f0vAYwRhI8A1gG44Vb4ijZgRHYvh+W6OmSdWput+4n
mYFCEfZOEC13Arupm2YmqPtN9dk9/Hcrk6sEpbqfXHRNVY9+N/kWM5sru4DJYwXf
jcXRtFV3lPoj9bKwQHLz+jaY85A7xqU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org