Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4788CE9A3C6311EE9733C66B4AD9E6FC.roa
File:                     4788CE9A3C6311EE9733C66B4AD9E6FC.roa (raw, json)
Hash identifier:          0sVxWZVOpyK0cudH1BB1HUmOSWE0Bj2HjfkgAIa158s=
Subject key identifier:   0E:4E:0E:A5:8C:AA:1F:0B:AE:94:1A:F8:78:10:FD:8A:85:A6:21:75
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       0161
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4788CE9A3C6311EE9733C66B4AD9E6FC.roa
Signing time:             Wed 16 Aug 2023 18:32:39 +0000
ROA not before:           Wed 16 Aug 2023 18:32:36 +0000
ROA not after:            Thu 23 Aug 2029 18:32:36 +0000
asID:                     23764
IP address blocks:        154.72.41.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 353 (0x161)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Aug 16 18:32:36 2023 GMT
            Not After : Aug 23 18:32:36 2029 GMT
        Subject: CN=64dd1647-4477
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ce:b2:12:ef:bd:42:1a:d7:f3:77:64:c5:1d:
                    7c:ca:79:1b:81:88:da:d6:ca:b7:bd:9f:e0:6e:92:
                    d5:41:ae:5c:83:e5:09:c8:e4:8d:9d:ab:e7:eb:c6:
                    38:61:7f:3f:c9:78:79:97:44:cb:45:9f:ee:7f:6c:
                    62:94:82:46:3d:62:02:eb:ff:36:ca:1a:e2:65:80:
                    ba:24:c7:e6:e9:d7:14:e3:c8:0c:98:b2:7f:df:b5:
                    28:26:04:e8:74:df:dc:29:55:56:df:c8:08:c4:db:
                    82:61:07:a4:60:6e:ea:fa:de:c0:23:ea:81:69:be:
                    22:50:c3:92:87:38:8c:f0:f9:4f:be:b2:66:03:35:
                    e1:82:38:65:d7:2c:36:c6:b5:03:91:c1:7c:fd:ad:
                    a6:a4:a6:ad:f1:79:03:dd:a7:22:79:5a:54:fd:91:
                    ec:a6:97:30:fb:a9:d3:ca:f0:91:9f:d4:7c:93:c8:
                    26:e8:ac:a0:ea:f5:7d:ed:1a:86:4d:7a:5d:b1:d2:
                    8b:8e:eb:c7:e4:22:d2:67:5f:84:04:85:9b:6e:f9:
                    41:34:ac:9b:e8:5f:c4:9d:0b:0a:56:ff:eb:db:ee:
                    2d:90:e9:43:92:bd:3d:96:e0:42:62:6b:a6:b8:54:
                    40:6d:4e:cf:c2:98:93:07:72:54:09:e5:11:79:cf:
                    b1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:4E:0E:A5:8C:AA:1F:0B:AE:94:1A:F8:78:10:FD:8A:85:A6:21:75
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4788CE9A3C6311EE9733C66B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.72.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:3a:cb:d7:b0:e2:4e:f3:ec:3e:fe:64:b0:f0:cf:91:31:5d:
         a4:89:ac:68:26:ee:c3:ee:9f:cf:e5:a1:05:b8:2a:12:3a:94:
         69:49:46:25:50:a2:b8:7b:87:0b:49:01:6a:08:6c:bb:06:f7:
         0f:1d:9f:ff:1b:dc:d8:be:af:3f:25:b7:37:26:e2:ba:b1:ec:
         d5:d2:22:c6:43:23:cb:74:43:00:ad:79:e0:0d:24:2f:79:72:
         1c:a8:fe:39:58:e5:a2:1a:c4:bf:12:0b:2c:b1:5e:49:59:b3:
         e2:ba:a5:81:08:8f:ef:d1:a5:af:46:0a:58:fb:4b:ec:4c:d3:
         86:ed:21:68:d2:5f:b2:3e:a5:a9:06:fe:80:d7:8a:23:d9:25:
         ab:bd:10:cd:f9:79:8a:f9:a9:1b:03:a8:c2:0e:46:5a:29:aa:
         0e:a8:10:56:15:38:de:9d:83:1b:d2:f3:00:d7:8f:99:cf:d3:
         97:63:b3:3c:0f:3a:10:a0:2c:bd:07:88:0c:69:b5:c8:ee:31:
         79:25:74:57:7a:04:43:ee:f4:15:f0:6e:68:6a:7c:2d:42:37:
         fc:6d:72:5e:00:8f:05:8a:cb:5d:eb:02:42:3f:b1:fa:11:c7:
         16:66:7e:7a:0f:b5:56:33:28:e4:9d:3d:f8:f7:a8:52:e4:c3:
         cc:22:d7:14
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAWEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzA4MTYxODMyMzZaFw0yOTA4MjMxODMyMzZaMBgxFjAU
BgNVBAMTDTY0ZGQxNjQ3LTQ0NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4zrIS771CGtfzd2TFHXzKeRuBiNrWyre9n+BuktVBrlyD5QnI5I2dq+fr
xjhhfz/JeHmXRMtFn+5/bGKUgkY9YgLr/zbKGuJlgLokx+bp1xTjyAyYsn/ftSgm
BOh039wpVVbfyAjE24JhB6Rgbur63sAj6oFpviJQw5KHOIzw+U++smYDNeGCOGXX
LDbGtQORwXz9raakpq3xeQPdpyJ5WlT9keymlzD7qdPK8JGf1HyTyCborKDq9X3t
GoZNel2x0ouO68fkItJnX4QEhZtu+UE0rJvoX8SdCwpW/+vb7i2Q6UOSvT2W4EJi
a6a4VEBtTs/CmJMHclQJ5RF5z7E3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDk4O
pYyqHwuulBr4eBD9ioWmIXUwHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4LzQ3ODhDRTlBM0M2MzExRUU5NzMzQzY2QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaSCkwDQYJKoZIhvcNAQEL
BQADggEBAFU6y9ew4k7z7D7+ZLDwz5ExXaSJrGgm7sPun8/loQW4KhI6lGlJRiVQ
orh7hwtJAWoIbLsG9w8dn/8b3Ni+rz8ltzcm4rqx7NXSIsZDI8t0QwCteeANJC95
chyo/jlY5aIaxL8SCyyxXklZs+K6pYEIj+/Rpa9GClj7S+xM04btIWjSX7I+pakG
/oDXiiPZJau9EM35eYr5qRsDqMIORlopqg6oEFYVON6dgxvS8wDXj5nP05djszwP
OhCgLL0HiAxptcjuMXkldFd6BEPu9BXwbmhqfC1CN/xtcl4AjwWKy13rAkI/sfoR
xxZmfnoPtVYzKOSdPfj3qFLkw8wi1xQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:28 2024 by rpki-client on console-ams.rpki-client.org