Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/85435BE23C6311EE9E2BB76C4AD9E6FC.roa
File:                     85435BE23C6311EE9E2BB76C4AD9E6FC.roa (raw, json)
Hash identifier:          ZIlXxtD8wXr16Udjo8wBxB2atTHwjE6MF56MpocHqts=
Subject key identifier:   37:7D:3E:77:22:4A:1D:F3:63:09:72:79:8F:8A:19:DF:04:AA:0E:12
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       0165
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/85435BE23C6311EE9E2BB76C4AD9E6FC.roa
Signing time:             Wed 16 Aug 2023 18:34:23 +0000
ROA not before:           Wed 16 Aug 2023 18:34:20 +0000
ROA not after:            Tue 24 Aug 2027 18:34:20 +0000
asID:                     23764
IP address blocks:        154.72.46.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 357 (0x165)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Aug 16 18:34:20 2023 GMT
            Not After : Aug 24 18:34:20 2027 GMT
        Subject: CN=64dd16af-742f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:06:f3:79:5c:ec:ad:ec:b3:f2:10:f7:85:f0:
                    e0:18:83:ed:cf:f8:be:57:7e:b3:94:33:6f:c6:5e:
                    1d:d4:01:ab:08:44:fc:84:49:7f:88:02:6a:4e:90:
                    68:15:e4:9e:a3:0b:e5:78:2f:a9:b7:e6:33:f7:61:
                    03:8a:30:96:19:50:e8:ec:ff:ac:97:51:e5:38:16:
                    7f:c6:d0:e9:49:66:27:e4:b3:71:f3:0c:db:95:a5:
                    62:b2:52:11:eb:28:66:a9:31:6e:c9:85:55:5e:9a:
                    6f:8c:2c:6f:5c:d7:02:0e:b5:49:c8:85:8a:90:1f:
                    19:9f:15:eb:39:a6:e0:6b:63:8b:7a:fe:77:d4:d1:
                    9d:ac:58:a9:ff:1d:99:5a:b8:4e:34:5e:ca:2b:2a:
                    8a:41:03:81:92:c7:20:fc:87:41:6d:a7:38:86:86:
                    a2:f0:93:18:29:9b:4e:87:74:76:21:30:37:06:7a:
                    85:2c:6b:32:ae:71:c2:35:8a:6f:e2:b4:83:39:3a:
                    48:b5:ad:23:45:2e:a3:fd:d7:2d:e4:93:cb:f3:0d:
                    9f:7e:21:9e:f6:af:4d:67:f7:de:5b:25:9a:dd:96:
                    d1:e1:78:14:d4:80:22:5b:38:1d:6b:cd:61:74:3a:
                    46:ae:37:52:ba:c2:2c:4f:12:37:78:30:d9:d4:2d:
                    52:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:7D:3E:77:22:4A:1D:F3:63:09:72:79:8F:8A:19:DF:04:AA:0E:12
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/85435BE23C6311EE9E2BB76C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.72.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         df:93:80:b8:45:d4:8d:8b:09:5a:e0:7f:a4:12:3e:62:c0:a1:
         c5:e9:16:3a:d6:d1:10:93:6f:7c:0e:d0:f5:1a:26:81:32:88:
         df:eb:38:cf:c9:9d:b4:b5:73:f1:3f:3c:25:66:f9:b2:55:de:
         08:f7:bf:9a:06:ea:eb:e3:d0:e4:36:86:bb:5d:e7:0c:a8:13:
         44:19:f9:cf:91:b7:fd:ca:9a:0c:33:be:db:ef:4e:4b:5e:d2:
         dc:18:09:0a:e4:67:1e:9d:c0:c7:c1:5a:7c:3e:13:73:21:20:
         e7:8b:49:53:3a:b9:ca:49:75:4d:c0:e0:a0:b6:f0:3b:65:2a:
         1e:d4:2b:4a:28:77:87:f5:85:bf:79:fc:fd:2f:a7:8f:e1:51:
         b4:4d:ef:38:69:64:3a:85:75:79:41:ce:75:4c:63:c3:55:b6:
         ef:2d:33:61:0c:81:43:4d:f6:52:5d:41:c0:9a:53:c7:5e:34:
         7a:48:14:6f:0f:43:a8:14:06:cd:00:74:dd:1f:e9:b3:83:62:
         98:a4:61:2a:97:82:fe:3d:50:a9:ba:2e:29:cb:ad:2b:35:5c:
         ff:52:37:08:c0:5e:19:ee:8f:22:d2:0c:95:c4:cc:74:b6:34:
         16:e8:f7:d2:6f:b1:5a:e5:e6:d3:13:b5:34:8a:20:b4:9a:61:
         43:02:21:8e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAWUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzA4MTYxODM0MjBaFw0yNzA4MjQxODM0MjBaMBgxFjAU
BgNVBAMTDTY0ZGQxNmFmLTc0MmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZBvN5XOyt7LPyEPeF8OAYg+3P+L5XfrOUM2/GXh3UAasIRPyESX+IAmpO
kGgV5J6jC+V4L6m35jP3YQOKMJYZUOjs/6yXUeU4Fn/G0OlJZifks3HzDNuVpWKy
UhHrKGapMW7JhVVemm+MLG9c1wIOtUnIhYqQHxmfFes5puBrY4t6/nfU0Z2sWKn/
HZlauE40XsorKopBA4GSxyD8h0FtpziGhqLwkxgpm06HdHYhMDcGeoUsazKuccI1
im/itIM5Oki1rSNFLqP91y3kk8vzDZ9+IZ72r01n995bJZrdltHheBTUgCJbOB1r
zWF0OkauN1K6wixPEjd4MNnULVKhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUN30+
dyJKHfNjCXJ5j4oZ3wSqDhIwHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4Lzg1NDM1QkUyM0M2MzExRUU5RTJCQjc2QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaSC4wDQYJKoZIhvcNAQEL
BQADggEBAN+TgLhF1I2LCVrgf6QSPmLAocXpFjrW0RCTb3wO0PUaJoEyiN/rOM/J
nbS1c/E/PCVm+bJV3gj3v5oG6uvj0OQ2hrtd5wyoE0QZ+c+Rt/3KmgwzvtvvTkte
0twYCQrkZx6dwMfBWnw+E3MhIOeLSVM6ucpJdU3A4KC28DtlKh7UK0ood4f1hb95
/P0vp4/hUbRN7zhpZDqFdXlBznVMY8NVtu8tM2EMgUNN9lJdQcCaU8deNHpIFG8P
Q6gUBs0AdN0f6bODYpikYSqXgv49UKm6LinLrSs1XP9SNwjAXhnujyLSDJXEzHS2
NBbo99JvsVrl5tMTtTSKILSaYUMCIY4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org