Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/2AF34020B6A511EC8DB1D5C05A40D577.roa
File:                     2AF34020B6A511EC8DB1D5C05A40D577.roa (raw, json)
Hash identifier:          maABM8vRpqU/MWMhf0pUMu7or+BUDrnxmSFENy3v/aw=
Subject key identifier:   99:94:1F:67:6A:E6:64:10:10:E5:16:1B:56:22:4A:71:8D:1A:24:DD
Certificate issuer:       /CN=F36EBDD7AF/serialNumber=671762DF2F4B65E8350EF43DFE6E347765751B67
Certificate serial:       0147
Authority key identifier: 67:17:62:DF:2F:4B:65:E8:35:0E:F4:3D:FE:6E:34:77:65:75:1B:67
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/2AF34020B6A511EC8DB1D5C05A40D577.roa
Signing time:             Thu 07 Apr 2022 19:01:45 +0000
ROA not before:           Thu 07 Apr 2022 19:01:41 +0000
ROA not after:            Fri 30 Apr 2032 19:01:41 +0000
asID:                     37349
IP address blocks:        41.79.68.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 327 (0x147)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36EBDD7AF/serialNumber=671762DF2F4B65E8350EF43DFE6E347765751B67
        Validity
            Not Before: Apr  7 19:01:41 2022 GMT
            Not After : Apr 30 19:01:41 2032 GMT
        Subject: CN=624f3519-7d5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ef:fa:1a:1f:b8:f9:61:5b:56:b6:c7:88:ca:
                    99:96:95:ce:71:1c:25:44:c2:85:4e:57:ca:98:a9:
                    0a:af:bd:6b:2a:82:b4:b3:d9:93:48:e7:97:10:1d:
                    3f:54:35:1e:35:1d:51:71:ca:1d:0e:d0:39:ac:b4:
                    1d:0c:65:38:f3:a7:e7:b2:cf:fe:46:cc:75:ee:ce:
                    39:33:0b:c4:aa:65:62:4d:0b:57:9f:56:8c:67:36:
                    39:f8:da:64:96:47:80:bb:93:eb:bd:3e:e3:f5:c1:
                    1e:1d:f3:cb:11:97:f2:c5:f2:2f:d7:3f:c8:60:b7:
                    15:cb:7a:8f:2c:ae:2c:82:5a:de:26:72:6a:0b:73:
                    3d:21:45:fa:11:a9:81:5e:ac:95:50:53:58:bf:4d:
                    ab:14:f4:dc:79:c6:3f:cf:52:c3:a9:22:6f:7c:47:
                    30:d4:b0:ea:1f:2e:28:e4:e8:ef:61:8e:29:dc:23:
                    d7:fc:a8:61:55:19:61:f0:b7:6b:60:e3:03:7d:fb:
                    2c:83:9e:9d:3d:fc:5d:57:6c:bc:bb:7a:af:5f:7b:
                    cf:23:9d:ec:b0:24:4b:67:d4:c1:02:76:76:e0:2d:
                    65:ce:77:88:6f:a0:6d:47:86:e5:09:75:82:d6:20:
                    0c:b6:d3:8c:43:dc:44:b4:23:db:c4:27:94:af:92:
                    68:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:94:1F:67:6A:E6:64:10:10:E5:16:1B:56:22:4A:71:8D:1A:24:DD
            X509v3 Authority Key Identifier:
                keyid:67:17:62:DF:2F:4B:65:E8:35:0E:F4:3D:FE:6E:34:77:65:75:1B:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Zxdi3y9LZeg1DvQ9_m40d2V1G2c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EBDD7/59907460BE1D11EB9A348B42F8AEA228/2AF34020B6A511EC8DB1D5C05A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:6e:6b:b0:ac:96:4d:40:53:98:a3:45:5c:af:88:58:5d:7b:
         48:12:aa:86:b3:7d:15:70:8a:71:31:db:97:03:d5:3a:24:e0:
         84:1a:d8:7b:7c:9c:39:24:83:82:44:71:7e:29:76:39:c6:86:
         28:3e:62:41:53:32:c0:86:dc:75:5a:fa:f1:da:eb:de:7a:2b:
         00:4d:84:4d:16:41:a7:17:7e:10:ca:af:ba:ee:83:cc:d0:b9:
         86:f5:5f:68:69:7b:ee:ea:7f:3c:55:c0:c6:83:12:6c:ce:c8:
         6d:8c:a8:5f:d4:cd:bb:de:fd:78:16:38:d8:6a:bc:ef:1a:a2:
         73:53:5b:93:5d:9c:92:3c:66:02:1f:7f:a2:3f:df:38:9f:6e:
         1f:30:55:c0:93:90:07:7a:8e:70:58:9f:98:56:db:14:9e:29:
         62:98:f6:75:9c:37:d4:82:c3:73:7b:5e:5a:63:2c:dc:16:0d:
         83:83:69:b5:e0:d9:d1:a7:e8:82:c7:f3:d7:fd:06:8a:1b:55:
         68:bc:8f:cf:de:ad:5e:b2:b5:69:2a:f4:f3:74:69:9d:da:15:
         30:b4:58:bf:51:7a:cc:ed:73:fe:b5:95:b5:59:0a:b6:8b:c0:
         b9:1c:cb:eb:3f:e1:7a:f8:9d:65:36:65:d6:20:af:80:4c:30:
         01:3b:0b:11
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RUJERDdBRjExMC8GA1UEBRMoNjcxNzYyREYyRjRCNjVFODM1MEVGNDNERkU2RTM0
Nzc2NTc1MUI2NzAeFw0yMjA0MDcxOTAxNDFaFw0zMjA0MzAxOTAxNDFaMBgxFjAU
BgNVBAMMDTYyNGYzNTE5LTdkNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCh7/oaH7j5YVtWtseIypmWlc5xHCVEwoVOV8qYqQqvvWsqgrSz2ZNI55cQ
HT9UNR41HVFxyh0O0DmstB0MZTjzp+eyz/5GzHXuzjkzC8SqZWJNC1efVoxnNjn4
2mSWR4C7k+u9PuP1wR4d88sRl/LF8i/XP8hgtxXLeo8sriyCWt4mcmoLcz0hRfoR
qYFerJVQU1i/TasU9Nx5xj/PUsOpIm98RzDUsOofLijk6O9hjincI9f8qGFVGWHw
t2tg4wN9+yyDnp09/F1XbLy7eq9fe88jneywJEtn1MECdnbgLWXOd4hvoG1HhuUJ
dYLWIAy204xD3ES0I9vEJ5SvkmiDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmZQf
Z2rmZBAQ5RYbViJKcY0aJN0wHwYDVR0jBBgwFoAUZxdi3y9LZeg1DvQ9/m40d2V1
G2cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVCREQ3LzU5OTA3NDYwQkUxRDExRUI5QTM0OEI0MkY4QUVBMjI4L1p4ZGkz
eTlMWmVnMUR2UTlfbTQwZDJWMUcyYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1p4ZGkzeTlMWmVnMUR2UTlfbTQwZDJWMUcyYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVCREQ3LzU5OTA3NDYwQkUxRDExRUI5QTM0OEI0MkY4
QUVBMjI4LzJBRjM0MDIwQjZBNTExRUM4REIxRDVDMDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIpT0QwDQYJKoZIhvcNAQEL
BQADggEBAHxua7Cslk1AU5ijRVyviFhde0gSqoazfRVwinEx25cD1Tok4IQa2Ht8
nDkkg4JEcX4pdjnGhig+YkFTMsCG3HVa+vHa6956KwBNhE0WQacXfhDKr7rug8zQ
uYb1X2hpe+7qfzxVwMaDEmzOyG2MqF/Uzbve/XgWONhqvO8aonNTW5NdnJI8ZgIf
f6I/3zifbh8wVcCTkAd6jnBYn5hW2xSeKWKY9nWcN9SCw3N7XlpjLNwWDYODabXg
2dGn6ILH89f9BoobVWi8j8/erV6ytWkq9PN0aZ3aFTC0WL9Resztc/61lbVZCraL
wLkcy+s/4Xr4nWU2ZdYgr4BMMAE7CxE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org