Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/295590AC853811EE882D501F4AD9E6FC.roa
File:                     295590AC853811EE882D501F4AD9E6FC.roa (raw, json)
Hash identifier:          IpmxTclJooUyyKaI0gbjeJL9g6pnXl0P79U4aDC1KoE=
Subject key identifier:   1C:22:EC:CD:24:8B:AD:3C:8C:65:11:F6:1A:16:CF:62:91:D5:C2:14
Certificate issuer:       /CN=F36F2B14AF/serialNumber=90E899936DF9E68B9A7505BFBE63B8AFA0A77AE9
Certificate serial:       04C7
Authority key identifier: 90:E8:99:93:6D:F9:E6:8B:9A:75:05:BF:BE:63:B8:AF:A0:A7:7A:E9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/kOiZk2355ouadQW_vmO4r6Cneuk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/295590AC853811EE882D501F4AD9E6FC.roa
Signing time:             Fri 17 Nov 2023 10:57:55 +0000
ROA not before:           Fri 17 Nov 2023 10:57:52 +0000
ROA not after:            Mon 30 Nov 2026 10:57:52 +0000
asID:                     37239
IP address blocks:        41.76.200.0/24 maxlen: 24
                          41.76.201.0/24 maxlen: 24
                          41.76.202.0/24 maxlen: 24
                          41.76.203.0/24 maxlen: 24
                          41.76.204.0/24 maxlen: 24
                          41.76.205.0/24 maxlen: 24
                          41.76.206.0/24 maxlen: 24
                          41.76.207.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/kOiZk2355ouadQW_vmO4r6Cneuk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/kOiZk2355ouadQW_vmO4r6Cneuk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/kOiZk2355ouadQW_vmO4r6Cneuk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1223 (0x4c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F2B14AF/serialNumber=90E899936DF9E68B9A7505BFBE63B8AFA0A77AE9
        Validity
            Not Before: Nov 17 10:57:52 2023 GMT
            Not After : Nov 30 10:57:52 2026 GMT
        Subject: CN=65574733-9fbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:01:a3:27:00:c1:81:39:e2:0f:02:9c:f5:5f:
                    1c:3b:87:39:bb:c9:c5:59:ab:b6:ac:45:66:4d:5d:
                    f9:df:ac:7b:07:21:a6:b8:51:a7:7a:2b:1d:3d:6f:
                    02:56:14:a9:c6:61:a2:b1:eb:8c:0c:2e:25:33:c3:
                    8d:a8:1c:c7:9d:62:51:7b:57:60:8f:d4:ad:10:0d:
                    17:ff:25:6f:4f:ab:13:85:b0:57:32:44:2b:37:31:
                    12:e6:45:58:d8:77:90:02:7d:c7:6a:9f:df:3e:31:
                    3c:ca:86:89:fe:89:25:d4:65:20:f9:9c:5d:d1:8e:
                    fd:94:f0:0a:67:d9:59:d9:58:c0:2a:a1:26:b4:1d:
                    18:f1:13:82:ee:bf:e1:60:86:6c:5c:b1:27:52:0c:
                    26:ee:18:c6:89:18:a4:86:80:7d:b3:76:07:3e:a0:
                    ac:be:b1:dc:8a:b7:02:c5:78:24:00:fb:16:31:a3:
                    2b:4b:5f:0a:e6:26:7b:ee:8b:84:fe:8e:20:fc:9f:
                    65:51:90:9e:29:fc:f8:97:d5:7b:04:f2:1f:e2:9b:
                    43:d7:58:76:20:11:60:9a:49:70:4f:e7:29:08:83:
                    1d:7b:b3:db:73:75:eb:b8:46:4a:10:92:28:f2:08:
                    0a:48:06:fb:74:37:90:7e:87:bb:d2:94:5f:50:60:
                    6e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:22:EC:CD:24:8B:AD:3C:8C:65:11:F6:1A:16:CF:62:91:D5:C2:14
            X509v3 Authority Key Identifier:
                keyid:90:E8:99:93:6D:F9:E6:8B:9A:75:05:BF:BE:63:B8:AF:A0:A7:7A:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/kOiZk2355ouadQW_vmO4r6Cneuk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kOiZk2355ouadQW_vmO4r6Cneuk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/295590AC853811EE882D501F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         c1:57:38:71:50:50:de:b0:12:57:54:06:d8:00:b0:72:92:ee:
         20:b5:df:e5:19:3d:35:5a:1c:2f:a1:ce:03:ac:21:3f:52:0c:
         06:d5:73:f1:21:24:c3:78:38:0e:72:4a:e9:5d:6e:bf:6a:5c:
         ea:4f:2f:c1:b5:85:f4:4e:cc:f8:88:55:4e:1a:fe:2f:49:e5:
         3d:60:76:a2:02:e9:a0:fe:6b:44:f3:90:de:ce:f4:09:33:9b:
         5f:da:d3:db:a6:ca:b4:37:f4:90:6c:14:aa:ca:a9:78:e4:b2:
         c1:f7:1a:fe:6d:16:be:2b:d3:7e:a4:a3:69:78:cb:da:44:f7:
         c7:e7:59:8c:50:0a:ca:22:f8:1f:d2:4b:fe:d4:85:1b:d4:8f:
         18:76:cb:30:13:ac:68:98:a2:60:ca:dd:3c:da:14:07:a4:b9:
         9c:97:2e:d1:ef:41:1b:2d:97:67:77:36:e3:4b:84:cd:5c:a1:
         d2:70:93:2f:ec:03:c5:d7:3a:63:df:72:4f:ea:84:9c:a1:96:
         39:23:fa:f3:5b:a2:01:88:39:55:f3:ba:7f:aa:d4:ca:1f:1c:
         d4:24:59:e7:94:54:6b:fe:ee:c7:ed:53:7b:74:91:e0:d6:af:
         8d:7b:c0:cc:d8:34:08:3d:7c:f8:e0:dd:25:a4:65:b9:95:97:
         c9:24:19:8e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBMcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjJCMTRBRjExMC8GA1UEBRMoOTBFODk5OTM2REY5RTY4QjlBNzUwNUJGQkU2M0I4
QUZBMEE3N0FFOTAeFw0yMzExMTcxMDU3NTJaFw0yNjExMzAxMDU3NTJaMBgxFjAU
BgNVBAMTDTY1NTc0NzMzLTlmYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRAaMnAMGBOeIPApz1Xxw7hzm7ycVZq7asRWZNXfnfrHsHIaa4Uad6Kx09
bwJWFKnGYaKx64wMLiUzw42oHMedYlF7V2CP1K0QDRf/JW9PqxOFsFcyRCs3MRLm
RVjYd5ACfcdqn98+MTzKhon+iSXUZSD5nF3Rjv2U8Apn2VnZWMAqoSa0HRjxE4Lu
v+FghmxcsSdSDCbuGMaJGKSGgH2zdgc+oKy+sdyKtwLFeCQA+xYxoytLXwrmJnvu
i4T+jiD8n2VRkJ4p/PiX1XsE8h/im0PXWHYgEWCaSXBP5ykIgx17s9tzdeu4RkoQ
kijyCApIBvt0N5B+h7vSlF9QYG5vAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHCLs
zSSLrTyMZRH2GhbPYpHVwhQwHwYDVR0jBBgwFoAUkOiZk2355ouadQW/vmO4r6Cn
eukwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYyQjE0LzQzRjgxQjU4RUQxQzExRUE5RjgzOEM1NUY4QUVBMjI4L2tPaVpr
MjM1NW91YWRRV192bU80cjZDbmV1ay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tPaVprMjM1NW91YWRRV192bU80cjZDbmV1ay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkYyQjE0LzQzRjgxQjU4RUQxQzExRUE5RjgzOEM1NUY4
QUVBMjI4LzI5NTU5MEFDODUzODExRUU4ODJENTAxRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMpTMgwDQYJKoZIhvcNAQEL
BQADggEBAMFXOHFQUN6wEldUBtgAsHKS7iC13+UZPTVaHC+hzgOsIT9SDAbVc/Eh
JMN4OA5ySuldbr9qXOpPL8G1hfROzPiIVU4a/i9J5T1gdqIC6aD+a0TzkN7O9Akz
m1/a09umyrQ39JBsFKrKqXjkssH3Gv5tFr4r036ko2l4y9pE98fnWYxQCsoi+B/S
S/7UhRvUjxh2yzATrGiYomDK3TzaFAekuZyXLtHvQRstl2d3NuNLhM1codJwky/s
A8XXOmPfck/qhJyhljkj+vNbogGIOVXzun+q1MofHNQkWeeUVGv+7sftU3t0keDW
r417wMzYNAg9fPjg3SWkZbmVl8kkGY4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org