Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/D58DE410055311EE8CC21E444AD9E6FC.roa
File:                     D58DE410055311EE8CC21E444AD9E6FC.roa (raw, json)
Hash identifier:          Ltv4GVOqSb5DoDvHMIZTzcleetbydhuw7+e80JkuI1k=
Subject key identifier:   0E:AA:DB:3E:9A:DE:24:CE:A1:5F:A2:D7:67:56:08:A7:75:C9:DB:F7
Certificate issuer:       /CN=F36E1028AF/serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
Certificate serial:       01B4
Authority key identifier: 7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/D58DE410055311EE8CC21E444AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 16:53:32 +0000
ROA not before:           Wed 07 Jun 2023 16:53:28 +0000
ROA not after:            Sun 07 Jun 2026 16:53:28 +0000
asID:                     7155
IP address blocks:        196.200.240.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 436 (0x1b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E1028AF/serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
        Validity
            Not Before: Jun  7 16:53:28 2023 GMT
            Not After : Jun  7 16:53:28 2026 GMT
        Subject: CN=6480b60c-eb7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ac:c1:ae:43:e2:2d:27:b1:a7:6a:1d:05:5e:
                    f7:3a:30:8d:8e:10:62:ad:37:a1:c2:eb:bb:c5:64:
                    f7:19:e8:bf:3f:a5:0f:37:6b:7f:e8:06:9b:bb:e2:
                    a1:f7:98:a0:5c:18:29:af:0f:b2:6c:39:87:0a:1b:
                    53:b6:ba:0c:e2:fc:e7:d7:dd:db:9f:5d:3c:54:b0:
                    51:3c:ea:3e:be:c7:2a:72:5c:f8:57:36:88:ec:69:
                    9d:59:2b:8d:a6:1a:6a:07:ad:11:33:00:39:27:74:
                    f2:0d:7e:69:e6:0f:6c:a1:3a:22:0f:8e:d2:6d:05:
                    b2:e5:ad:99:98:b3:62:aa:62:18:46:ce:da:7c:60:
                    a7:c4:6a:fa:29:2a:5a:ec:2c:6b:24:39:53:62:18:
                    a2:bf:d6:8e:5d:33:74:31:8e:d3:ce:99:c3:30:2b:
                    f9:ae:c7:17:9f:f4:f4:81:83:c6:5e:1f:d3:3c:5d:
                    e8:a1:14:91:ca:5e:93:6e:4b:03:98:45:75:84:28:
                    8e:db:22:c1:31:21:c5:95:7a:47:3c:5f:e5:56:14:
                    60:23:4d:f3:0d:3d:61:61:f9:98:5b:93:e6:ed:61:
                    7b:6b:e7:13:30:5b:ba:14:45:53:b7:cb:f0:4e:09:
                    89:8d:d7:12:6d:08:c0:1e:1c:5f:58:86:15:60:7b:
                    80:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:AA:DB:3E:9A:DE:24:CE:A1:5F:A2:D7:67:56:08:A7:75:C9:DB:F7
            X509v3 Authority Key Identifier:
                keyid:7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/D58DE410055311EE8CC21E444AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.200.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         aa:71:64:71:23:d3:c1:6e:b1:1e:a4:4c:8b:c4:fe:78:d8:6b:
         1e:5c:57:cc:7f:3c:ad:7f:20:32:0a:b3:35:66:d2:57:5f:4b:
         11:d1:c3:fb:90:40:48:80:a4:78:e5:a4:7c:9e:8c:21:18:ac:
         64:d4:40:58:4b:fe:a1:f1:86:ac:cc:5c:c1:12:87:4e:4a:84:
         a0:30:1c:42:c4:f6:bc:af:df:f0:f2:13:9f:ea:7b:09:9d:2f:
         dd:18:e2:bf:f6:65:b4:ce:be:73:8a:42:f6:f2:e6:ee:35:e5:
         ad:b5:2a:35:8e:11:ca:fc:30:83:b1:ec:17:73:0d:2e:9d:e6:
         8a:df:25:ae:dc:a0:62:40:66:71:e7:ce:2a:59:d5:da:78:26:
         7f:52:83:f7:0a:0f:ba:d3:c9:c7:b8:7c:2f:71:4d:ed:d3:52:
         9d:9d:1b:35:58:a9:1d:3c:0b:c2:1a:bb:89:71:76:85:6a:92:
         81:af:89:c4:37:98:83:dd:68:23:9e:b9:82:22:75:51:f2:48:
         b3:81:b1:55:aa:b9:f0:57:a3:f1:08:94:96:0f:bc:ec:c0:11:
         d9:5b:de:00:24:5e:55:a0:4a:3d:57:42:62:03:da:e4:5b:e3:
         df:d9:ff:e0:8b:83:8e:98:05:07:2c:ea:d6:1f:34:96:a5:ec:
         80:e9:e4:bb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RTEwMjhBRjExMC8GA1UEBRMoN0VDRTc4QUU4MUJGNDA3MkIxREM0RjZGQjdFNkNC
OTE2NjI1MkIzNDAeFw0yMzA2MDcxNjUzMjhaFw0yNjA2MDcxNjUzMjhaMBgxFjAU
BgNVBAMTDTY0ODBiNjBjLWViN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCurMGuQ+ItJ7Gnah0FXvc6MI2OEGKtN6HC67vFZPcZ6L8/pQ83a3/oBpu7
4qH3mKBcGCmvD7JsOYcKG1O2ugzi/OfX3dufXTxUsFE86j6+xypyXPhXNojsaZ1Z
K42mGmoHrREzADkndPINfmnmD2yhOiIPjtJtBbLlrZmYs2KqYhhGztp8YKfEavop
KlrsLGskOVNiGKK/1o5dM3QxjtPOmcMwK/muxxef9PSBg8ZeH9M8XeihFJHKXpNu
SwOYRXWEKI7bIsExIcWVekc8X+VWFGAjTfMNPWFh+Zhbk+btYXtr5xMwW7oURVO3
y/BOCYmN1xJtCMAeHF9YhhVge4A3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDqrb
PpreJM6hX6LXZ1YIp3XJ2/cwHwYDVR0jBBgwFoAUfs54roG/QHKx3E9vt+bLkWYl
KzQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUxMDI4LzEwRDU5REJDQzhBNDExRUNCNUUyMzE5OUYxMjIyNDY4L2ZzNTRy
b0dfUUhLeDNFOXZ0LWJMa1dZbEt6US5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2ZzNTRyb0dfUUhLeDNFOXZ0LWJMa1dZbEt6US5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUxMDI4LzEwRDU5REJDQzhBNDExRUNCNUUyMzE5OUYx
MjIyNDY4L0Q1OERFNDEwMDU1MzExRUU4Q0MyMUU0NDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPEyPAwDQYJKoZIhvcNAQEL
BQADggEBAKpxZHEj08FusR6kTIvE/njYax5cV8x/PK1/IDIKszVm0ldfSxHRw/uQ
QEiApHjlpHyejCEYrGTUQFhL/qHxhqzMXMESh05KhKAwHELE9ryv3/DyE5/qewmd
L90Y4r/2ZbTOvnOKQvby5u415a21KjWOEcr8MIOx7BdzDS6d5orfJa7coGJAZnHn
zipZ1dp4Jn9Sg/cKD7rTyce4fC9xTe3TUp2dGzVYqR08C8Iau4lxdoVqkoGvicQ3
mIPdaCOeuYIidVHySLOBsVWqufBXo/EIlJYPvOzAEdlb3gAkXlWgSj1XQmID2uRb
49/Z/+CLg46YBQcs6tYfNJal7IDp5Ls=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:21:25 2024 by rpki-client on console-ams.rpki-client.org