Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F0133/5041A708E58611ECAFC22A87F1222468/96A4F4DEFEB811ECB3B04193F1222468.roa
File:                     96A4F4DEFEB811ECB3B04193F1222468.roa (raw, json)
Hash identifier:          dXffBOIADnB6vcBqHdBgKn+PoHhJBXX1h5d7ynWjslA=
Subject key identifier:   60:39:A1:87:C2:05:96:B6:8E:2C:B3:ED:2B:69:ED:AD:69:90:B3:18
Certificate issuer:       /CN=F36F0133AF/serialNumber=6630C7840846F2F6909754F1341466CDAFEA2FD4
Certificate serial:       26
Authority key identifier: 66:30:C7:84:08:46:F2:F6:90:97:54:F1:34:14:66:CD:AF:EA:2F:D4
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ZjDHhAhG8vaQl1TxNBRmza_qL9Q.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F0133/5041A708E58611ECAFC22A87F1222468/96A4F4DEFEB811ECB3B04193F1222468.roa
Signing time:             Fri 08 Jul 2022 12:22:10 +0000
ROA not before:           Fri 08 Jul 2022 12:22:06 +0000
ROA not after:            Wed 09 Jul 2031 12:22:06 +0000
asID:                     30983
IP address blocks:        196.200.128.0/18 maxlen: 24
                          2001:4310::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F0133/5041A708E58611ECAFC22A87F1222468/ZjDHhAhG8vaQl1TxNBRmza_qL9Q.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F0133/5041A708E58611ECAFC22A87F1222468/ZjDHhAhG8vaQl1TxNBRmza_qL9Q.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ZjDHhAhG8vaQl1TxNBRmza_qL9Q.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38 (0x26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F0133AF/serialNumber=6630C7840846F2F6909754F1341466CDAFEA2FD4
        Validity
            Not Before: Jul  8 12:22:06 2022 GMT
            Not After : Jul  9 12:22:06 2031 GMT
        Subject: CN=62c82172-68ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:54:de:21:9b:26:27:93:76:91:ac:91:9a:f3:
                    25:9a:e0:ae:66:84:28:83:cd:71:1a:2c:50:6c:3f:
                    ba:07:55:d5:ae:0c:d7:e4:ec:5c:28:8d:61:df:62:
                    5c:39:d6:39:dc:8b:c5:3f:a3:97:03:e3:09:e8:6f:
                    ba:fb:a3:d2:fb:bd:e4:6c:68:10:75:6e:63:d0:c7:
                    ef:90:db:c6:d1:51:8b:86:cb:ca:63:55:92:d2:85:
                    87:44:0a:a8:09:3a:5a:ef:40:da:c9:28:f3:7c:e7:
                    b0:73:67:46:cc:bb:3e:e6:16:52:4c:3c:d8:4a:b3:
                    0f:38:8c:64:50:63:ad:4d:72:86:2f:96:7a:18:4a:
                    89:0d:a4:fc:77:4c:6b:9b:84:f3:ae:36:d4:1f:42:
                    19:b7:ac:98:2f:de:b9:d3:0e:08:df:d5:39:b7:75:
                    31:de:bc:c7:43:ac:f9:43:42:4b:b9:7f:49:3c:d5:
                    b3:64:90:db:af:b8:f9:5a:7b:1b:58:86:c7:c3:f9:
                    17:51:6a:bc:99:3d:41:a6:3c:37:74:7a:46:aa:04:
                    0d:66:0b:e5:41:3e:34:3f:56:c3:4f:b4:53:60:0a:
                    be:c0:bb:64:27:ae:25:c4:c5:3a:8c:6e:21:88:d0:
                    bb:42:0f:2f:a5:d2:c2:de:d4:10:65:d9:ad:1e:ab:
                    e8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:39:A1:87:C2:05:96:B6:8E:2C:B3:ED:2B:69:ED:AD:69:90:B3:18
            X509v3 Authority Key Identifier:
                keyid:66:30:C7:84:08:46:F2:F6:90:97:54:F1:34:14:66:CD:AF:EA:2F:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0133/5041A708E58611ECAFC22A87F1222468/ZjDHhAhG8vaQl1TxNBRmza_qL9Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ZjDHhAhG8vaQl1TxNBRmza_qL9Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0133/5041A708E58611ECAFC22A87F1222468/96A4F4DEFEB811ECB3B04193F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.200.128.0/18
                IPv6:
                  2001:4310::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:18:a8:32:01:a7:b5:ff:bf:2f:b4:a4:8e:60:5a:d4:7c:31:
         c2:d6:ae:40:6b:d2:ad:c8:4a:28:4a:fb:fa:78:17:f5:e9:98:
         e7:51:12:3c:58:32:6d:64:35:c4:f6:86:e1:97:39:b0:89:30:
         c6:93:55:66:a4:12:82:d9:37:b9:d2:13:5f:05:1e:48:23:b2:
         c4:0c:78:74:58:01:c1:62:20:90:aa:c9:b0:d8:e2:41:df:70:
         c8:64:56:c8:a4:b3:92:06:a4:57:2d:c4:23:c8:89:be:88:2f:
         d6:61:c4:e0:96:f7:74:d4:50:5f:43:bb:53:73:ea:df:2a:4b:
         77:f0:ca:20:07:72:26:5b:fc:aa:1f:2c:ff:e7:b7:13:fd:cd:
         9c:6e:b4:64:d8:b5:b7:0c:7a:24:17:ca:cb:dc:6d:c8:89:07:
         44:6c:c9:92:46:f6:be:74:2e:c1:aa:ba:64:2a:42:6a:11:04:
         66:78:bb:5e:8b:89:05:f7:7e:e4:3f:44:00:7c:65:0f:d4:5e:
         52:23:26:be:07:7b:a1:31:6f:8d:56:7f:fb:f5:1c:87:90:42:
         00:26:57:db:a1:df:12:f4:a2:7f:76:b1:1e:6d:ee:28:e0:15:
         eb:13:48:3c:c9:60:64:92:ea:57:e1:17:7d:7a:86:0d:12:7a:
         a9:aa:d0:c8
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZG
MDEzM0FGMTEwLwYDVQQFEyg2NjMwQzc4NDA4NDZGMkY2OTA5NzU0RjEzNDE0NjZD
REFGRUEyRkQ0MB4XDTIyMDcwODEyMjIwNloXDTMxMDcwOTEyMjIwNlowGDEWMBQG
A1UEAwwNNjJjODIxNzItNjhjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxU3iGbJieTdpGskZrzJZrgrmaEKIPNcRosUGw/ugdV1a4M1+TsXCiNYd9i
XDnWOdyLxT+jlwPjCehvuvuj0vu95GxoEHVuY9DH75DbxtFRi4bLymNVktKFh0QK
qAk6Wu9A2sko83znsHNnRsy7PuYWUkw82EqzDziMZFBjrU1yhi+WehhKiQ2k/HdM
a5uE86421B9CGbesmC/eudMOCN/VObd1Md68x0Os+UNCS7l/STzVs2SQ26+4+Vp7
G1iGx8P5F1FqvJk9QaY8N3R6RqoEDWYL5UE+ND9Ww0+0U2AKvsC7ZCeuJcTFOoxu
IYjQu0IPL6XSwt7UEGXZrR6r6DMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRgOaGH
wgWWto4ss+0rae2taZCzGDAfBgNVHSMEGDAWgBRmMMeECEby9pCXVPE0FGbNr+ov
1DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjAxMzMvNTA0MUE3MDhFNTg2MTFFQ0FGQzIyQTg3RjEyMjI0NjgvWmpESGhB
aEc4dmFRbDFUeE5CUm16YV9xTDlRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWmpESGhBaEc4dmFRbDFUeE5CUm16YV9xTDlRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjAxMzMvNTA0MUE3MDhFNTg2MTFFQ0FGQzIyQTg3RjEy
MjI0NjgvOTZBNEY0REVGRUI4MTFFQ0IzQjA0MTkzRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBsTIgDANBAIAAjAHAwUAIAFD
EDANBgkqhkiG9w0BAQsFAAOCAQEAHBioMgGntf+/L7SkjmBa1HwxwtauQGvSrchK
KEr7+ngX9emY51ESPFgybWQ1xPaG4Zc5sIkwxpNVZqQSgtk3udITXwUeSCOyxAx4
dFgBwWIgkKrJsNjiQd9wyGRWyKSzkgakVy3EI8iJvogv1mHE4Jb3dNRQX0O7U3Pq
3ypLd/DKIAdyJlv8qh8s/+e3E/3NnG60ZNi1twx6JBfKy9xtyIkHRGzJkkb2vnQu
waq6ZCpCahEEZni7XouJBfd+5D9EAHxlD9ReUiMmvgd7oTFvjVZ/+/Uch5BCACZX
26HfEvSif3axHm3uKOAV6xNIPMlgZJLqV+EXfXqGDRJ6qarQyA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org