Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/BDD4C4A0A5A011ED9F22008AF1222468.roa
File:                     BDD4C4A0A5A011ED9F22008AF1222468.roa (raw, json)
Hash identifier:          zyHxgqSm8HgIzt+o2fBVylQnkYUNSZKMhsc7vZVxZaI=
Subject key identifier:   D2:34:54:EC:CF:07:17:2C:05:CC:77:A0:EE:1C:6D:C3:B8:CF:EA:68
Certificate issuer:       /CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Certificate serial:       01FE
Authority key identifier: DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/BDD4C4A0A5A011ED9F22008AF1222468.roa
Signing time:             Sun 05 Feb 2023 22:02:12 +0000
ROA not before:           Mon 06 Feb 2023 22:02:08 +0000
ROA not after:            Thu 06 Feb 2025 22:02:08 +0000
asID:                     21003
IP address blocks:        41.252.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 510 (0x1fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
        Validity
            Not Before: Feb  6 22:02:08 2023 GMT
            Not After : Feb  6 22:02:08 2025 GMT
        Subject: CN=63e02764-0f8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f4:5f:91:e5:a8:e7:8f:de:aa:fc:5d:fc:c4:
                    c2:a1:84:7d:fd:90:46:08:3a:ad:b4:53:59:e6:e6:
                    b5:ab:d0:78:7d:9e:ac:18:22:46:16:8f:36:0d:e8:
                    1b:58:98:7c:db:8d:8e:0e:e1:83:f5:f1:81:6a:2d:
                    61:8c:19:f9:e7:fe:80:8b:17:3a:22:49:21:32:97:
                    01:ae:0b:1a:bd:5e:ed:f6:60:b3:67:fc:d4:e9:db:
                    d6:80:09:29:4c:d0:ea:09:27:61:06:12:19:4c:5b:
                    12:61:99:1a:ed:58:1a:11:1a:46:b0:09:82:5b:b4:
                    d8:9d:fb:33:d3:fe:82:4c:1f:74:87:f6:fe:97:d2:
                    21:83:b5:35:28:af:a8:db:66:96:7f:30:72:da:1a:
                    d3:63:bd:25:6e:e2:7b:e6:70:8b:15:a8:dc:5e:48:
                    02:8d:72:21:56:6b:79:98:4a:21:9b:64:f9:d1:5a:
                    df:f7:fd:56:f5:b3:ae:15:f0:67:d9:83:cb:24:b5:
                    eb:f5:a3:97:36:8c:e4:7c:b0:ea:dc:ed:89:e9:4c:
                    f9:66:5e:5e:ef:00:c9:72:74:b9:66:42:42:2d:94:
                    34:4c:46:2b:57:68:3a:34:b6:2f:77:74:29:28:8a:
                    f4:1e:db:ae:f6:d7:05:c3:19:29:5c:a8:1c:39:af:
                    9d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:34:54:EC:CF:07:17:2C:05:CC:77:A0:EE:1C:6D:C3:B8:CF:EA:68
            X509v3 Authority Key Identifier:
                keyid:DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/BDD4C4A0A5A011ED9F22008AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.252.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         7c:36:c7:79:ee:f8:ed:ac:f9:9c:30:73:69:3d:d3:6c:2b:09:
         8d:de:f2:6b:c2:ad:15:eb:ba:1e:2d:db:8b:14:3a:30:00:71:
         f2:48:dc:12:e3:c2:11:18:f9:57:1a:1d:66:76:40:27:54:3f:
         ba:04:f4:95:cb:6a:7e:98:81:06:7e:85:00:82:0b:3d:c1:76:
         8f:99:6f:89:5c:a5:36:6c:2d:88:20:26:91:c1:62:ee:b6:44:
         4b:6f:01:d2:d4:05:60:03:38:1d:44:f2:b5:88:c2:0d:88:82:
         c5:b5:91:52:db:b1:30:4b:a0:1c:87:61:6e:d0:95:d2:dc:9f:
         81:0c:5a:3c:c6:e9:f9:c3:b7:35:f2:ce:3e:80:ef:b1:79:9b:
         91:32:90:75:3c:0c:e5:dc:f2:7c:d8:ec:be:98:cf:c4:c5:61:
         e5:08:c7:b9:5a:a1:7c:a0:c2:a8:a1:8e:6e:a9:eb:94:72:dc:
         0b:0c:96:4b:74:a4:55:4c:08:4b:53:87:9e:55:fa:74:bd:b1:
         df:7b:d7:d2:ed:65:b9:8e:95:e4:96:d1:16:db:d9:1a:0e:3c:
         6a:f5:db:05:ba:b7:25:a4:3d:f0:fa:c7:f4:6e:78:68:fd:a3:
         63:64:fc:92:96:4e:85:fc:fb:3e:16:24:77:a7:bf:04:e2:f4:
         0a:aa:6a:b1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAf4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjhGNEZBRjExMC8GA1UEBRMoREMxN0EwRUM1ODY1MkQzMTg5NjEyM0E2NTYxMEMz
QTMyMDQ2NTU2QjAeFw0yMzAyMDYyMjAyMDhaFw0yNTAyMDYyMjAyMDhaMBgxFjAU
BgNVBAMMDTYzZTAyNzY0LTBmOGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCo9F+R5ajnj96q/F38xMKhhH39kEYIOq20U1nm5rWr0Hh9nqwYIkYWjzYN
6BtYmHzbjY4O4YP18YFqLWGMGfnn/oCLFzoiSSEylwGuCxq9Xu32YLNn/NTp29aA
CSlM0OoJJ2EGEhlMWxJhmRrtWBoRGkawCYJbtNid+zPT/oJMH3SH9v6X0iGDtTUo
r6jbZpZ/MHLaGtNjvSVu4nvmcIsVqNxeSAKNciFWa3mYSiGbZPnRWt/3/Vb1s64V
8GfZg8sktev1o5c2jOR8sOrc7YnpTPlmXl7vAMlydLlmQkItlDRMRitXaDo0ti93
dCkoivQe26721wXDGSlcqBw5r503AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU0jRU
7M8HFywFzHeg7hxtw7jP6mgwHwYDVR0jBBgwFoAU3Beg7FhlLTGJYSOmVhDDoyBG
VWswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4QTAxNENFLzNCZWc3
RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNCZWc3RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4
QTAxNENFL0JERDRDNEEwQTVBMDExRUQ5RjIyMDA4QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwIp/DANBgkqhkiG9w0BAQsF
AAOCAQEAfDbHee747az5nDBzaT3TbCsJjd7ya8KtFeu6Hi3bixQ6MABx8kjcEuPC
ERj5VxodZnZAJ1Q/ugT0lctqfpiBBn6FAIILPcF2j5lviVylNmwtiCAmkcFi7rZE
S28B0tQFYAM4HUTytYjCDYiCxbWRUtuxMEugHIdhbtCV0tyfgQxaPMbp+cO3NfLO
PoDvsXmbkTKQdTwM5dzyfNjsvpjPxMVh5QjHuVqhfKDCqKGObqnrlHLcCwyWS3Sk
VUwIS1OHnlX6dL2x33vX0u1luY6V5JbRFtvZGg48avXbBbq3JaQ98PrH9G54aP2j
Y2T8kpZOhfz7PhYkd6e/BOL0CqpqsQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:49 2024 by rpki-client on console-ams.rpki-client.org