Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DBC4B/2336786EF8A911EEBCB49C0F017001B1/B0430B5AF8AE11EEB0F5E23C017001B1.roa
File:                     B0430B5AF8AE11EEB0F5E23C017001B1.roa (raw, json)
Hash identifier:          FIOuS4mN7LOSWt1z7CLx3ZkuimkGpPpmbgUGLV2CTjM=
Subject key identifier:   F9:0D:10:83:41:A5:3E:04:DF:63:91:4E:FD:26:FA:7E:88:1E:48:55
Certificate issuer:       /CN=F36DBC4BAF/serialNumber=FE7FFA7B06D37351DB92D6B9D3B0AD10307B5A21
Certificate serial:       09
Authority key identifier: FE:7F:FA:7B:06:D3:73:51:DB:92:D6:B9:D3:B0:AD:10:30:7B:5A:21
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_n_6ewbTc1Hbkta507CtEDB7WiE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DBC4B/2336786EF8A911EEBCB49C0F017001B1/B0430B5AF8AE11EEB0F5E23C017001B1.roa
Signing time:             Fri 12 Apr 2024 09:26:06 +0000
ROA not before:           Fri 12 Apr 2024 09:26:03 +0000
ROA not after:            Mon 31 Mar 2025 09:26:03 +0000
asID:                     33567
IP address blocks:        196.202.240.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DBC4B/2336786EF8A911EEBCB49C0F017001B1/_n_6ewbTc1Hbkta507CtEDB7WiE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DBC4B/2336786EF8A911EEBCB49C0F017001B1/_n_6ewbTc1Hbkta507CtEDB7WiE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_n_6ewbTc1Hbkta507CtEDB7WiE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 28 Nov 2024 00:05:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DBC4BAF/serialNumber=FE7FFA7B06D37351DB92D6B9D3B0AD10307B5A21
        Validity
            Not Before: Apr 12 09:26:03 2024 GMT
            Not After : Mar 31 09:26:03 2025 GMT
        Subject: CN=6618fe2e-5963
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:64:6d:1b:fe:4a:4d:0f:82:71:fd:83:b4:f7:
                    2c:f8:40:95:eb:a0:ad:57:7f:7e:30:27:95:d5:28:
                    2f:b4:91:77:8b:8a:1f:64:1b:29:ef:cd:08:13:03:
                    d4:94:23:be:2a:46:57:db:93:65:da:3c:bf:26:b5:
                    da:79:7a:f2:39:70:f6:36:ad:e8:87:b9:d2:fc:f8:
                    ab:15:52:5b:cb:1c:a4:4e:a9:12:02:59:e3:56:ac:
                    93:d9:80:b2:61:20:70:59:52:46:d6:c8:09:f2:82:
                    c1:b7:ce:ad:56:16:78:1a:13:85:50:b3:ad:db:58:
                    32:77:0d:5a:44:93:dd:89:47:0b:a3:e0:2b:38:e8:
                    45:49:ac:3a:8e:32:78:10:8c:e4:d2:d4:48:c7:d2:
                    19:cd:9a:ba:00:53:75:df:f4:bf:82:36:51:f5:ef:
                    64:96:29:4e:c1:f0:69:47:25:f0:3e:40:2b:41:a6:
                    fc:e7:b8:c1:8e:6c:77:b1:e9:af:20:0b:cb:b8:3a:
                    c4:29:13:27:7c:da:98:62:6d:68:6d:24:04:5e:2a:
                    55:a9:a1:d1:3f:67:c0:ed:ca:7b:48:1d:03:31:3a:
                    2d:a6:e8:77:11:48:95:a2:ab:f8:2f:f1:f9:e1:e0:
                    4b:d1:b3:53:b6:26:26:3b:39:23:40:8b:ec:11:6a:
                    b2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:0D:10:83:41:A5:3E:04:DF:63:91:4E:FD:26:FA:7E:88:1E:48:55
            X509v3 Authority Key Identifier:
                keyid:FE:7F:FA:7B:06:D3:73:51:DB:92:D6:B9:D3:B0:AD:10:30:7B:5A:21

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBC4B/2336786EF8A911EEBCB49C0F017001B1/_n_6ewbTc1Hbkta507CtEDB7WiE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_n_6ewbTc1Hbkta507CtEDB7WiE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBC4B/2336786EF8A911EEBCB49C0F017001B1/B0430B5AF8AE11EEB0F5E23C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.202.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         75:1c:d1:c6:c4:0d:d0:6b:78:23:40:2f:3b:2d:b8:ad:bf:a1:
         78:91:98:a2:ed:f5:87:8b:2c:0b:0f:f2:9e:a3:8b:eb:09:1b:
         95:9b:6f:14:50:eb:2d:f1:d4:99:05:5d:32:74:88:c5:67:ad:
         f1:eb:c9:a1:54:47:7e:2f:f3:64:3a:4b:f2:a6:06:a0:44:ff:
         05:3b:0b:13:48:25:d7:82:a0:11:e9:4b:b3:7f:82:06:84:68:
         05:fc:bc:c1:2e:b3:3f:aa:06:0d:da:34:7a:df:06:58:55:b6:
         a5:5e:28:ef:eb:d7:a1:94:e5:fe:d7:3d:b1:63:19:a5:8e:a2:
         f7:10:64:9a:f2:6c:eb:bf:34:c5:4c:07:fd:71:98:26:ca:a2:
         e3:09:b9:0d:bb:d4:3f:f0:44:e2:e1:84:c4:1b:43:02:9d:41:
         d6:e9:04:6f:47:34:b6:b4:59:cb:9e:b7:20:7c:94:99:88:b2:
         8f:88:84:4a:67:b9:90:b3:27:1c:29:91:57:66:65:ce:59:d1:
         a1:e1:58:e1:22:9d:77:97:4c:a5:e5:a5:ba:21:f2:24:ce:63:
         76:1f:38:5a:60:96:0d:02:f6:41:f1:3c:f7:34:69:eb:06:c4:
         4f:dc:b3:a8:de:da:b9:66:f5:62:57:d4:09:60:5f:23:74:06:
         00:11:52:2c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
QkM0QkFGMTEwLwYDVQQFEyhGRTdGRkE3QjA2RDM3MzUxREI5MkQ2QjlEM0IwQUQx
MDMwN0I1QTIxMB4XDTI0MDQxMjA5MjYwM1oXDTI1MDMzMTA5MjYwM1owGDEWMBQG
A1UEAxMNNjYxOGZlMmUtNTk2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNkbRv+Sk0PgnH9g7T3LPhAleugrVd/fjAnldUoL7SRd4uKH2QbKe/NCBMD
1JQjvipGV9uTZdo8vya12nl68jlw9jat6Ie50vz4qxVSW8scpE6pEgJZ41ask9mA
smEgcFlSRtbICfKCwbfOrVYWeBoThVCzrdtYMncNWkST3YlHC6PgKzjoRUmsOo4y
eBCM5NLUSMfSGc2augBTdd/0v4I2UfXvZJYpTsHwaUcl8D5AK0Gm/Oe4wY5sd7Hp
ryALy7g6xCkTJ3zamGJtaG0kBF4qVamh0T9nwO3Ke0gdAzE6LabodxFIlaKr+C/x
+eHgS9GzU7YmJjs5I0CL7BFqsl0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT5DRCD
QaU+BN9jkU79Jvp+iB5IVTAfBgNVHSMEGDAWgBT+f/p7BtNzUduS1rnTsK0QMHta
ITAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REJDNEIvMjMzNjc4NkVGOEE5MTFFRUJDQjQ5QzBGMDE3MDAxQjEvX25fNmV3
YlRjMUhia3RhNTA3Q3RFREI3V2lFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX25fNmV3YlRjMUhia3RhNTA3Q3RFREI3V2lFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REJDNEIvMjMzNjc4NkVGOEE5MTFFRUJDQjQ5QzBGMDE3
MDAxQjEvQjA0MzBCNUFGOEFFMTFFRUIwRjVFMjNDMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8TK8DANBgkqhkiG9w0BAQsF
AAOCAQEAdRzRxsQN0Gt4I0AvOy24rb+heJGYou31h4ssCw/ynqOL6wkblZtvFFDr
LfHUmQVdMnSIxWet8evJoVRHfi/zZDpL8qYGoET/BTsLE0gl14KgEelLs3+CBoRo
Bfy8wS6zP6oGDdo0et8GWFW2pV4o7+vXoZTl/tc9sWMZpY6i9xBkmvJs6780xUwH
/XGYJsqi4wm5DbvUP/BE4uGExBtDAp1B1ukEb0c0trRZy563IHyUmYiyj4iESme5
kLMnHCmRV2ZlzlnRoeFY4SKdd5dMpeWluiHyJM5jdh84WmCWDQL2QfE89zRp6wbE
T9yzqN7auWb1YlfUCWBfI3QGABFSLA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 04:55:01 2024 by rpki-client on console-ams.rpki-client.org