Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/E9C372C8216911EF92868B0D7DDC24C2.roa
File:                     E9C372C8216911EF92868B0D7DDC24C2.roa (raw, json)
Hash identifier:          XPvj7OAyAyjAK7avgf+wB+oHqzalqpcS9RwapMEi6BQ=
Subject key identifier:   1C:6B:42:96:36:9F:02:C1:19:3F:59:96:79:B1:01:26:2C:1D:55:8F
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       0198
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/E9C372C8216911EF92868B0D7DDC24C2.roa
Signing time:             Mon 03 Jun 2024 05:27:05 +0000
ROA not before:           Mon 03 Jun 2024 05:27:02 +0000
ROA not after:            Tue 01 Jan 2030 05:27:02 +0000
asID:                     37684
IP address blocks:        41.242.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 408 (0x198)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
        Validity
            Not Before: Jun  3 05:27:02 2024 GMT
            Not After : Jan  1 05:27:02 2030 GMT
        Subject: CN=665d5429-0e68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:26:7e:cc:17:5c:f7:be:43:6a:73:7e:7e:ab:
                    9d:a2:3b:fb:93:c7:ac:32:07:1c:d3:4f:4d:ef:1f:
                    17:7b:9c:40:32:f1:8d:7d:8b:8e:36:bc:6e:2a:b6:
                    c6:33:34:58:f3:8b:f1:a9:f4:22:93:0b:a7:54:9c:
                    14:f7:a4:0c:83:2f:a1:db:5b:ee:45:ed:45:d0:da:
                    aa:b0:79:f5:ab:ce:8c:c9:60:f9:45:54:c6:cc:44:
                    27:cb:7a:14:64:76:34:0e:25:aa:92:0e:e3:63:74:
                    e7:72:f4:79:fd:75:bc:61:49:85:10:3d:0c:2e:0f:
                    e5:53:cd:c9:9a:41:b6:6f:29:29:76:1e:6f:8a:db:
                    c3:07:d1:89:ce:ef:3c:39:5e:16:58:cc:c9:3a:48:
                    23:5f:2c:47:d5:32:0c:82:52:0c:7a:92:2b:60:5a:
                    ad:b2:2a:f4:6d:28:2d:f9:49:ec:e5:c6:bb:60:65:
                    93:a4:34:a4:3e:48:12:c2:c2:8c:7b:bd:55:03:cf:
                    1a:be:16:21:74:e7:99:9a:ca:55:ad:96:4d:ca:5e:
                    c9:ab:86:aa:29:94:24:e2:c5:b4:89:2d:ed:81:89:
                    2f:9c:49:18:ca:ed:5b:2c:6b:83:5b:a0:59:60:a7:
                    21:df:04:1d:2a:60:fd:c2:2c:14:de:53:db:c0:71:
                    23:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:6B:42:96:36:9F:02:C1:19:3F:59:96:79:B1:01:26:2C:1D:55:8F
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/E9C372C8216911EF92868B0D7DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.242.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:25:de:81:5d:c6:da:b6:43:ba:f1:39:77:28:e3:b1:81:a1:
         c5:db:98:e2:ae:0f:b7:05:c4:ed:5f:7b:16:93:66:7a:d3:c9:
         45:70:7a:57:2a:72:f4:26:4a:78:77:79:70:96:68:88:a5:3e:
         58:65:71:98:66:77:94:c0:8f:aa:ca:dc:99:de:d2:fd:b9:4c:
         a1:e8:4a:8a:b2:ee:26:b6:5d:bd:28:1b:1b:5d:ba:4f:d1:e3:
         98:88:40:51:9e:0f:06:81:90:15:9a:99:16:66:0f:92:d6:44:
         83:f4:c2:00:68:08:a9:b1:a9:20:e0:dc:53:d6:dc:11:1a:68:
         60:73:c2:bc:cd:cb:f1:42:bc:b3:4b:b6:02:fc:de:5c:fd:70:
         c2:68:35:fe:dd:3e:a7:a1:be:b5:40:80:5d:a7:97:5e:3d:3d:
         1c:93:7e:96:1e:f8:7b:e5:53:c2:54:47:58:e9:26:58:19:9e:
         86:b4:d7:50:ef:19:ef:c6:71:97:74:d9:1b:12:3c:23:12:81:
         05:5b:d6:78:89:06:23:a4:ba:c6:1a:0a:f4:01:ba:24:59:1d:
         2e:63:88:70:57:15:f2:1e:c2:73:b7:bb:6d:16:7d:27:17:1e:
         ca:f0:b1:91:d7:92:aa:e4:9d:76:67:d8:0c:a5:c2:64:cc:f6:
         33:71:4e:58
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAZgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENBRjExMC8GA1UEBRMoODcyMTMwRTY5QjNGQjgwMzVCMUIyNUQzRjZGQjk3
NEEyQTA3OEVDQzAeFw0yNDA2MDMwNTI3MDJaFw0zMDAxMDEwNTI3MDJaMBgxFjAU
BgNVBAMTDTY2NWQ1NDI5LTBlNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAJn7MF1z3vkNqc35+q52iO/uTx6wyBxzTT03vHxd7nEAy8Y19i442vG4q
tsYzNFjzi/Gp9CKTC6dUnBT3pAyDL6HbW+5F7UXQ2qqwefWrzozJYPlFVMbMRCfL
ehRkdjQOJaqSDuNjdOdy9Hn9dbxhSYUQPQwuD+VTzcmaQbZvKSl2Hm+K28MH0YnO
7zw5XhZYzMk6SCNfLEfVMgyCUgx6kitgWq2yKvRtKC35SezlxrtgZZOkNKQ+SBLC
wox7vVUDzxq+FiF055maylWtlk3KXsmrhqoplCTixbSJLe2BiS+cSRjK7Vssa4Nb
oFlgpyHfBB0qYP3CLBTeU9vAcSNPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHGtC
ljafAsEZP1mWebEBJiwdVY8wHwYDVR0jBBgwFoAUhyEw5ps/uANbGyXT9vuXSioH
jswwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRBRDlFNkZDL2h5RXc1
cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h5RXc1cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRB
RDlFNkZDL0U5QzM3MkM4MjE2OTExRUY5Mjg2OEIwRDdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp8gMwDQYJKoZIhvcNAQEL
BQADggEBAH8l3oFdxtq2Q7rxOXco47GBocXbmOKuD7cFxO1fexaTZnrTyUVwelcq
cvQmSnh3eXCWaIilPlhlcZhmd5TAj6rK3Jne0v25TKHoSoqy7ia2Xb0oGxtduk/R
45iIQFGeDwaBkBWamRZmD5LWRIP0wgBoCKmxqSDg3FPW3BEaaGBzwrzNy/FCvLNL
tgL83lz9cMJoNf7dPqehvrVAgF2nl149PRyTfpYe+HvlU8JUR1jpJlgZnoa011Dv
Ge/GcZd02RsSPCMSgQVb1niJBiOkusYaCvQBuiRZHS5jiHBXFfIewnO3u20WfScX
HsrwsZHXkqrknXZn2AylwmTM9jNxTlg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:30 2024 by rpki-client on console-ams.rpki-client.org