Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8EE2/ABE4C34074C911EF8A3602AD762E951A/047D06CA74CA11EFA97DF4B0762E951A.roa
File:                     047D06CA74CA11EFA97DF4B0762E951A.roa (raw, json)
Hash identifier:          HsbCokpAH0jegENCsbT6ZTeMuLaXOukOCBuRo0Dw6wA=
Subject key identifier:   1C:86:68:34:46:FF:AF:30:FA:DF:8A:45:70:19:6B:D9:DF:60:25:3D
Certificate issuer:       /CN=F36F8EE2AF/serialNumber=FD6AB8E14DE180D06C9181AE89BC390F8C416753
Certificate serial:       02
Authority key identifier: FD:6A:B8:E1:4D:E1:80:D0:6C:91:81:AE:89:BC:39:0F:8C:41:67:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Wq44U3hgNBskYGuibw5D4xBZ1M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F8EE2/ABE4C34074C911EF8A3602AD762E951A/047D06CA74CA11EFA97DF4B0762E951A.roa
Signing time:             Tue 17 Sep 2024 07:54:08 +0000
ROA not before:           Tue 17 Sep 2024 07:54:05 +0000
ROA not after:            Sun 30 Sep 2029 07:54:05 +0000
asID:                     327745
IP address blocks:        154.119.144.0/20 maxlen: 24
                          2c0f:f6f0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F8EE2/ABE4C34074C911EF8A3602AD762E951A/_Wq44U3hgNBskYGuibw5D4xBZ1M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F8EE2/ABE4C34074C911EF8A3602AD762E951A/_Wq44U3hgNBskYGuibw5D4xBZ1M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Wq44U3hgNBskYGuibw5D4xBZ1M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F8EE2AF/serialNumber=FD6AB8E14DE180D06C9181AE89BC390F8C416753
        Validity
            Not Before: Sep 17 07:54:05 2024 GMT
            Not After : Sep 30 07:54:05 2029 GMT
        Subject: CN=66e935a0-b3f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5c:dc:24:28:6a:9a:c7:64:88:ba:07:21:ce:
                    f4:8f:5e:94:6c:33:fc:3a:23:c1:aa:d8:76:28:e5:
                    65:f5:72:d0:29:20:eb:b8:b2:58:6c:2e:13:64:7a:
                    9f:13:e7:95:be:4c:84:93:21:ea:a6:55:52:bd:81:
                    eb:78:80:b4:cf:68:39:53:05:fe:73:9a:ea:f6:28:
                    71:b4:e0:e9:54:21:0e:b6:fe:a6:96:41:55:d4:38:
                    b4:86:32:36:60:09:0e:8b:9b:c7:cf:67:97:66:b8:
                    36:4a:04:93:ef:0c:ae:59:5a:9f:7f:23:43:4d:b9:
                    ff:e3:44:60:b5:20:46:18:a3:6f:ca:3e:0a:8f:9c:
                    0a:96:32:31:4a:f9:46:e2:02:b8:48:24:fe:cf:60:
                    5e:c7:d2:00:62:0a:3a:ff:8a:e4:f1:c9:84:a9:0c:
                    ad:f1:8f:8c:ce:24:44:5f:7b:5b:aa:51:8d:91:a2:
                    bb:6f:db:c2:fa:e0:ac:9b:0c:46:de:4a:b0:3d:90:
                    26:94:43:ca:ed:7b:83:e8:f4:12:4f:3e:6e:30:a5:
                    f8:bb:e3:d5:27:f0:e6:b9:00:26:5c:52:7b:54:b9:
                    65:b1:03:d2:f4:56:c7:e2:b4:e3:25:de:fb:e2:70:
                    5e:85:e0:02:80:89:90:e2:66:86:45:69:c0:81:7d:
                    95:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:86:68:34:46:FF:AF:30:FA:DF:8A:45:70:19:6B:D9:DF:60:25:3D
            X509v3 Authority Key Identifier:
                keyid:FD:6A:B8:E1:4D:E1:80:D0:6C:91:81:AE:89:BC:39:0F:8C:41:67:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8EE2/ABE4C34074C911EF8A3602AD762E951A/_Wq44U3hgNBskYGuibw5D4xBZ1M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Wq44U3hgNBskYGuibw5D4xBZ1M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8EE2/ABE4C34074C911EF8A3602AD762E951A/047D06CA74CA11EFA97DF4B0762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.119.144.0/20
                IPv6:
                  2c0f:f6f0::/32

    Signature Algorithm: sha256WithRSAEncryption
         24:5d:19:73:8e:d9:71:95:a1:72:fb:8b:c7:5a:3b:d9:1a:81:
         50:23:4b:8a:a9:63:6d:dd:e0:dd:2a:2c:87:5f:a4:f8:bd:ef:
         a4:18:67:42:bf:17:e2:01:d4:00:f6:76:c1:da:ec:89:f8:91:
         74:a8:c0:5b:20:89:ec:25:42:5e:ac:80:db:69:5d:df:af:d3:
         9f:1f:ad:4f:0e:83:39:66:e7:28:76:24:58:63:c6:2f:65:db:
         35:20:94:1e:06:59:7f:76:d9:93:b8:53:db:3f:32:29:da:b0:
         8c:81:cf:74:e9:c7:57:02:d5:5c:9d:98:9e:58:0e:3d:f1:94:
         b7:8d:64:15:91:29:20:e6:54:6f:00:b3:bb:58:a8:92:1c:b2:
         11:89:3a:60:91:f2:e5:f2:fe:d4:11:16:69:9a:a4:2a:b7:94:
         10:52:47:27:ef:47:8f:d0:f8:7d:78:0b:c3:7f:16:ff:fe:93:
         ca:cd:c9:b7:ab:bc:3f:bf:da:70:82:e1:4e:41:ee:ec:53:04:
         0a:8f:3f:e0:8f:31:8a:1d:05:5b:f3:4b:08:32:38:19:02:b2:
         ff:8e:c9:65:7d:98:fc:d8:88:7a:10:6c:f7:fb:c8:b3:84:4e:
         11:5a:dc:26:92:9f:51:00:0e:8c:b3:18:b0:39:b5:a7:4a:8a:
         e4:a5:bf:35
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
OEVFMkFGMTEwLwYDVQQFEyhGRDZBQjhFMTRERTE4MEQwNkM5MTgxQUU4OUJDMzkw
RjhDNDE2NzUzMB4XDTI0MDkxNzA3NTQwNVoXDTI5MDkzMDA3NTQwNVowGDEWMBQG
A1UEAxMNNjZlOTM1YTAtYjNmMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORc3CQoaprHZIi6ByHO9I9elGwz/DojwarYdijlZfVy0Ckg67iyWGwuE2R6
nxPnlb5MhJMh6qZVUr2B63iAtM9oOVMF/nOa6vYocbTg6VQhDrb+ppZBVdQ4tIYy
NmAJDoubx89nl2a4NkoEk+8Mrllan38jQ025/+NEYLUgRhijb8o+Co+cCpYyMUr5
RuICuEgk/s9gXsfSAGIKOv+K5PHJhKkMrfGPjM4kRF97W6pRjZGiu2/bwvrgrJsM
Rt5KsD2QJpRDyu17g+j0Ek8+bjCl+Lvj1Sfw5rkAJlxSe1S5ZbED0vRWx+K04yXe
++JwXoXgAoCJkOJmhkVpwIF9lUkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQchmg0
Rv+vMPrfikVwGWvZ32AlPTAfBgNVHSMEGDAWgBT9arjhTeGA0GyRga6JvDkPjEFn
UzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjhFRTIvQUJFNEMzNDA3NEM5MTFFRjhBMzYwMkFENzYyRTk1MUEvX1dxNDRV
M2hnTkJza1lHdWlidzVENHhCWjFNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX1dxNDRVM2hnTkJza1lHdWlidzVENHhCWjFNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjhFRTIvQUJFNEMzNDA3NEM5MTFFRjhBMzYwMkFENzYy
RTk1MUEvMDQ3RDA2Q0E3NENBMTFFRkE5N0RGNEIwNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBJp3kDANBAIAAjAHAwUALA/2
8DANBgkqhkiG9w0BAQsFAAOCAQEAJF0Zc47ZcZWhcvuLx1o72RqBUCNLiqljbd3g
3Sosh1+k+L3vpBhnQr8X4gHUAPZ2wdrsifiRdKjAWyCJ7CVCXqyA22ld36/Tnx+t
Tw6DOWbnKHYkWGPGL2XbNSCUHgZZf3bZk7hT2z8yKdqwjIHPdOnHVwLVXJ2YnlgO
PfGUt41kFZEpIOZUbwCzu1iokhyyEYk6YJHy5fL+1BEWaZqkKreUEFJHJ+9Hj9D4
fXgLw38W//6Tys3Jt6u8P7/acILhTkHu7FMECo8/4I8xih0FW/NLCDI4GQKy/47J
ZX2Y/NiIehBs9/vIs4ROEVrcJpKfUQAOjLMYsDm1p0qK5KW/NQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org