Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/C0B67590BC5311EEA497C07F775412E6.roa
File:                     C0B67590BC5311EEA497C07F775412E6.roa (raw, json)
Hash identifier:          91oXBpg4I1tftytyNzYw21bZjbkIw+S8V4YAG0kXWMc=
Subject key identifier:   D3:FF:63:AA:FF:45:1F:8E:7E:E3:98:96:21:10:56:BE:52:E2:47:DA
Certificate issuer:       /CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Certificate serial:       038F
Authority key identifier: DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/C0B67590BC5311EEA497C07F775412E6.roa
Signing time:             Fri 26 Jan 2024 14:04:00 +0000
ROA not before:           Fri 26 Jan 2024 14:03:56 +0000
ROA not after:            Mon 26 Jan 2026 14:03:56 +0000
asID:                     21003
IP address blocks:        41.208.64.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 911 (0x38f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
        Validity
            Not Before: Jan 26 14:03:56 2024 GMT
            Not After : Jan 26 14:03:56 2026 GMT
        Subject: CN=65b3bbd0-14dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d2:c1:79:89:23:d5:05:9c:78:f3:ad:b9:01:
                    9c:9a:3c:4d:cf:19:cd:24:00:5a:34:aa:b1:d7:41:
                    3e:11:5c:05:41:64:f8:ae:1a:43:36:d3:bf:fd:35:
                    ed:08:0e:63:0e:a8:a1:39:27:b4:53:41:a6:10:4f:
                    82:de:84:ba:6a:07:60:a4:11:06:2a:82:11:7a:49:
                    b9:e5:f1:ec:56:e6:5e:9b:29:4f:e9:1d:a0:9a:90:
                    89:ea:86:7c:42:3e:b1:8e:8a:b2:a5:c8:c0:50:d0:
                    b3:91:33:e7:ca:79:92:bd:5b:6d:5d:19:da:b8:3f:
                    3f:60:16:1f:4c:3e:b3:7d:56:ab:2a:48:60:4d:33:
                    e1:ad:e0:18:bb:d0:a3:e3:1a:78:a6:9b:16:29:4c:
                    04:45:98:fb:0e:24:c5:78:b6:bf:95:b5:2a:a8:4d:
                    61:53:f7:03:a4:ca:31:7c:70:1b:e0:ce:4d:55:0a:
                    78:5a:e0:e3:ca:a2:c6:93:05:6b:35:e9:f6:bd:82:
                    0e:61:ab:e8:8a:01:fe:c0:3d:c9:d4:bd:f3:5c:0a:
                    30:bd:7d:c2:3c:f0:46:97:77:42:3e:80:44:25:bb:
                    02:45:2c:89:cc:4f:b9:67:c2:b0:4e:58:62:ce:7d:
                    0f:67:5d:83:4e:c9:26:f8:69:ec:69:c4:8c:12:cc:
                    c3:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:FF:63:AA:FF:45:1F:8E:7E:E3:98:96:21:10:56:BE:52:E2:47:DA
            X509v3 Authority Key Identifier:
                keyid:DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/C0B67590BC5311EEA497C07F775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.208.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         bd:a1:b7:f2:7e:5f:09:79:32:29:3e:4a:c8:83:15:78:7c:74:
         3f:14:49:3a:f3:5c:18:db:03:cc:c2:df:c3:b3:f2:56:a9:f7:
         30:e3:cc:8e:21:ff:fb:71:87:04:6f:ca:b6:ba:a4:74:54:f1:
         f2:e1:d2:0d:da:09:60:ae:34:36:8a:b6:fa:96:6a:5c:c7:3c:
         b5:36:57:5c:a6:b8:8c:2a:0e:1d:18:fc:35:67:a7:4f:e8:64:
         fb:85:ad:45:ef:5c:12:f8:11:2f:19:14:ab:e8:0f:59:bc:56:
         b3:c5:42:f3:4d:e7:7e:3e:a9:bd:50:76:19:59:94:89:00:ae:
         77:9a:88:f8:d8:71:cf:5b:89:9b:9f:e8:96:85:e3:ef:2b:42:
         82:2b:ae:8d:9d:d4:78:55:2b:e9:da:0e:81:42:fe:b1:b8:79:
         51:e6:c3:c1:2d:1d:a1:95:7c:dd:df:08:38:cb:2a:af:63:b2:
         0b:65:62:ed:a2:b9:56:87:74:b6:f3:a1:dd:f2:c2:f6:67:cd:
         c1:0e:4f:64:18:22:56:e5:5d:4b:54:22:7f:ad:37:d8:bf:75:
         b1:da:f2:91:5e:62:f8:10:6f:b8:17:ff:4e:1f:13:1f:c4:ac:
         b8:9d:ca:1b:33:04:02:7e:db:36:35:79:dd:35:b9:9b:f3:ac:
         b8:58:b1:54
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA48wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjhGNEZBRjExMC8GA1UEBRMoREMxN0EwRUM1ODY1MkQzMTg5NjEyM0E2NTYxMEMz
QTMyMDQ2NTU2QjAeFw0yNDAxMjYxNDAzNTZaFw0yNjAxMjYxNDAzNTZaMBgxFjAU
BgNVBAMTDTY1YjNiYmQwLTE0ZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCZ0sF5iSPVBZx48625AZyaPE3PGc0kAFo0qrHXQT4RXAVBZPiuGkM207/9
Ne0IDmMOqKE5J7RTQaYQT4LehLpqB2CkEQYqghF6Sbnl8exW5l6bKU/pHaCakInq
hnxCPrGOirKlyMBQ0LORM+fKeZK9W21dGdq4Pz9gFh9MPrN9VqsqSGBNM+Gt4Bi7
0KPjGnimmxYpTARFmPsOJMV4tr+VtSqoTWFT9wOkyjF8cBvgzk1VCnha4OPKosaT
BWs16fa9gg5hq+iKAf7APcnUvfNcCjC9fcI88EaXd0I+gEQluwJFLInMT7lnwrBO
WGLOfQ9nXYNOySb4aexpxIwSzMPlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0/9j
qv9FH45+45iWIRBWvlLiR9owHwYDVR0jBBgwFoAU3Beg7FhlLTGJYSOmVhDDoyBG
VWswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4QTAxNENFLzNCZWc3
RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNCZWc3RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4
QTAxNENFL0MwQjY3NTkwQkM1MzExRUVBNDk3QzA3Rjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAYp0EAwDQYJKoZIhvcNAQEL
BQADggEBAL2ht/J+Xwl5Mik+SsiDFXh8dD8USTrzXBjbA8zC38Oz8lap9zDjzI4h
//txhwRvyra6pHRU8fLh0g3aCWCuNDaKtvqWalzHPLU2V1ymuIwqDh0Y/DVnp0/o
ZPuFrUXvXBL4ES8ZFKvoD1m8VrPFQvNN534+qb1QdhlZlIkArneaiPjYcc9biZuf
6JaF4+8rQoIrro2d1HhVK+naDoFC/rG4eVHmw8EtHaGVfN3fCDjLKq9jsgtlYu2i
uVaHdLbzod3ywvZnzcEOT2QYIlblXUtUIn+tN9i/dbHa8pFeYvgQb7gX/04fEx/E
rLidyhszBAJ+2zY1ed01uZvzrLhYsVQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:49 2024 by rpki-client on console-ams.rpki-client.org