Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/C9BA5A68853911EE85DC71244AD9E6FC.roa
File:                     C9BA5A68853911EE85DC71244AD9E6FC.roa (raw, json)
Hash identifier:          b7/gfmmcR06S+U/Q6uheuRvTHtvlSXanbIBxP+AP9Sw=
Subject key identifier:   7B:F7:A6:D8:41:66:0D:E1:7C:6E:EF:DC:FD:DF:6A:A1:01:4E:33:A6
Certificate issuer:       /CN=F36F2B14AF/serialNumber=90E899936DF9E68B9A7505BFBE63B8AFA0A77AE9
Certificate serial:       04CA
Authority key identifier: 90:E8:99:93:6D:F9:E6:8B:9A:75:05:BF:BE:63:B8:AF:A0:A7:7A:E9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/kOiZk2355ouadQW_vmO4r6Cneuk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/C9BA5A68853911EE85DC71244AD9E6FC.roa
Signing time:             Fri 17 Nov 2023 11:09:34 +0000
ROA not before:           Fri 17 Nov 2023 11:09:31 +0000
ROA not after:            Mon 30 Nov 2026 11:09:31 +0000
asID:                     37239
IP address blocks:        197.234.16.0/24 maxlen: 24
                          197.234.17.0/24 maxlen: 24
                          197.234.18.0/24 maxlen: 24
                          197.234.19.0/24 maxlen: 24
                          197.234.20.0/24 maxlen: 24
                          197.234.21.0/24 maxlen: 24
                          197.234.22.0/24 maxlen: 24
                          197.234.23.0/24 maxlen: 24
                          197.234.24.0/24 maxlen: 24
                          197.234.25.0/24 maxlen: 24
                          197.234.27.0/24 maxlen: 24
                          197.234.28.0/24 maxlen: 24
                          197.234.29.0/24 maxlen: 24
                          197.234.30.0/24 maxlen: 24
                          197.234.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/kOiZk2355ouadQW_vmO4r6Cneuk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/kOiZk2355ouadQW_vmO4r6Cneuk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/kOiZk2355ouadQW_vmO4r6Cneuk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1226 (0x4ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F2B14AF/serialNumber=90E899936DF9E68B9A7505BFBE63B8AFA0A77AE9
        Validity
            Not Before: Nov 17 11:09:31 2023 GMT
            Not After : Nov 30 11:09:31 2026 GMT
        Subject: CN=655749ee-59d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:18:37:1b:72:5a:88:f9:61:07:e6:cf:d1:ea:
                    0e:19:5e:30:18:1a:6c:be:32:ac:3b:4f:af:5f:da:
                    ad:9e:db:46:c2:bb:dc:ba:87:58:f0:ac:cc:d6:b7:
                    c2:1a:94:cd:e6:fc:c1:04:b7:af:01:6b:33:72:57:
                    d1:00:cc:00:49:ea:6d:17:12:30:32:46:7a:8d:3e:
                    b3:da:31:dc:b4:d1:89:23:f6:90:48:bd:71:19:ff:
                    b6:f5:99:a5:34:ea:4d:65:47:a2:8d:69:23:3f:33:
                    ea:f8:52:33:e4:cb:6c:42:4b:97:fd:42:17:31:74:
                    7e:a9:52:33:5e:59:fe:fd:25:58:fd:fe:b0:f5:12:
                    79:2b:1b:f4:32:6f:65:0d:73:dd:6b:54:19:5c:14:
                    00:d7:2b:f5:0c:bf:13:20:75:ce:fd:68:ce:21:ea:
                    4f:6a:62:d7:e0:d1:45:93:ac:b8:eb:35:b7:89:4f:
                    70:0d:f9:d1:2e:1f:67:5b:65:37:7b:a6:9f:ae:6c:
                    96:86:48:e3:7c:c6:51:fa:fb:51:45:fb:86:a6:56:
                    8a:d0:a2:8c:9c:f6:b8:79:7d:18:ac:1f:e2:12:00:
                    bc:94:4a:9f:82:21:e8:2f:e8:57:73:d2:fb:c4:69:
                    93:6c:24:d7:c5:25:8d:b9:c6:20:33:71:00:9a:a8:
                    4d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F7:A6:D8:41:66:0D:E1:7C:6E:EF:DC:FD:DF:6A:A1:01:4E:33:A6
            X509v3 Authority Key Identifier:
                keyid:90:E8:99:93:6D:F9:E6:8B:9A:75:05:BF:BE:63:B8:AF:A0:A7:7A:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/kOiZk2355ouadQW_vmO4r6Cneuk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kOiZk2355ouadQW_vmO4r6Cneuk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F2B14/43F81B58ED1C11EA9F838C55F8AEA228/C9BA5A68853911EE85DC71244AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.234.16.0-197.234.25.255
                  197.234.27.0-197.234.31.255

    Signature Algorithm: sha256WithRSAEncryption
         2f:02:fb:63:fd:51:14:f1:34:18:fb:18:ac:14:96:16:47:12:
         f7:02:8e:2b:05:80:1b:7b:d8:99:d9:66:8b:19:9c:c4:b2:f8:
         74:35:7a:cd:44:59:f0:87:32:83:0e:33:65:2c:86:5d:d3:04:
         ab:ad:2e:40:9c:72:9b:b8:4c:3d:6d:09:0e:04:9e:3c:9a:c3:
         8b:79:d3:de:f3:96:ee:27:6b:42:ae:79:ff:60:d4:da:df:99:
         ce:cd:24:bd:e6:e1:41:d4:d0:76:28:5c:eb:fd:4e:3b:70:0b:
         ec:01:8b:97:f0:16:2a:48:c5:a2:26:0a:89:17:53:3e:86:fc:
         dd:89:49:77:d7:0a:58:13:ea:09:12:b5:64:ec:8a:8d:de:a7:
         06:73:7a:62:6a:bd:01:84:01:92:49:a2:ba:d1:4e:88:75:7f:
         a2:29:fc:b9:34:a5:8b:23:98:e2:5b:a9:9b:83:1f:ef:7a:b2:
         93:a1:e9:68:7e:36:70:e7:34:8c:7e:4d:e7:55:7b:19:4c:3a:
         84:ca:3f:59:65:21:ff:ee:7b:c7:f8:45:69:8c:9e:89:3f:ab:
         39:4f:d3:6e:08:41:ec:4e:48:6e:87:5e:92:e9:14:5e:81:6b:
         6f:ce:49:3a:41:ed:a7:75:d3:5d:a6:a7:db:85:ca:a3:c0:e4:
         b1:ab:10:43
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICBMowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjJCMTRBRjExMC8GA1UEBRMoOTBFODk5OTM2REY5RTY4QjlBNzUwNUJGQkU2M0I4
QUZBMEE3N0FFOTAeFw0yMzExMTcxMTA5MzFaFw0yNjExMzAxMTA5MzFaMBgxFjAU
BgNVBAMTDTY1NTc0OWVlLTU5ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLGDcbclqI+WEH5s/R6g4ZXjAYGmy+Mqw7T69f2q2e20bCu9y6h1jwrMzW
t8IalM3m/MEEt68BazNyV9EAzABJ6m0XEjAyRnqNPrPaMdy00Ykj9pBIvXEZ/7b1
maU06k1lR6KNaSM/M+r4UjPky2xCS5f9QhcxdH6pUjNeWf79JVj9/rD1EnkrG/Qy
b2UNc91rVBlcFADXK/UMvxMgdc79aM4h6k9qYtfg0UWTrLjrNbeJT3AN+dEuH2db
ZTd7pp+ubJaGSON8xlH6+1FF+4amVorQooyc9rh5fRisH+ISALyUSp+CIegv6Fdz
0vvEaZNsJNfFJY25xiAzcQCaqE01AgMBAAGjggK7MIICtzAdBgNVHQ4EFgQUe/em
2EFmDeF8bu/c/d9qoQFOM6YwHwYDVR0jBBgwFoAUkOiZk2355ouadQW/vmO4r6Cn
eukwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYyQjE0LzQzRjgxQjU4RUQxQzExRUE5RjgzOEM1NUY4QUVBMjI4L2tPaVpr
MjM1NW91YWRRV192bU80cjZDbmV1ay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tPaVprMjM1NW91YWRRV192bU80cjZDbmV1ay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkYyQjE0LzQzRjgxQjU4RUQxQzExRUE5RjgzOEM1NUY4
QUVBMjI4L0M5QkE1QTY4ODUzOTExRUU4NURDNzEyNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNQYIKwYBBQUHAQcBAf8EJjAkMCIEAgABMBwwDAMEBMXqEAMEAcXqGDAMAwQA
xeobAwQFxeoAMA0GCSqGSIb3DQEBCwUAA4IBAQAvAvtj/VEU8TQY+xisFJYWRxL3
Ao4rBYAbe9iZ2WaLGZzEsvh0NXrNRFnwhzKDDjNlLIZd0wSrrS5AnHKbuEw9bQkO
BJ48msOLedPe85buJ2tCrnn/YNTa35nOzSS95uFB1NB2KFzr/U47cAvsAYuX8BYq
SMWiJgqJF1M+hvzdiUl31wpYE+oJErVk7IqN3qcGc3piar0BhAGSSaK60U6IdX+i
Kfy5NKWLI5jiW6mbgx/verKToelofjZw5zSMfk3nVXsZTDqEyj9ZZSH/7nvH+EVp
jJ6JP6s5T9NuCEHsTkhuh16S6RRegWtvzkk6Qe2nddNdpqfbhcqjwOSxqxBD
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org