Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/BC46616C9AFB11ECA18A8A895A40D577.roa
File:                     BC46616C9AFB11ECA18A8A895A40D577.roa (raw, json)
Hash identifier:          siGB+YyYJADyfug/WgaGsUNasPkOvZWP4/Iz9BLePsI=
Subject key identifier:   56:43:6C:34:27:13:F9:60:ED:51:51:E1:BD:DE:92:1C:85:CB:1E:DB
Certificate issuer:       /CN=F36FA13FAF/serialNumber=5A86F988A1231F86C972331285587ECF864BDB90
Certificate serial:       03BB
Authority key identifier: 5A:86:F9:88:A1:23:1F:86:C9:72:33:12:85:58:7E:CF:86:4B:DB:90
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/BC46616C9AFB11ECA18A8A895A40D577.roa
Signing time:             Thu 03 Mar 2022 14:10:53 +0000
ROA not before:           Thu 03 Mar 2022 14:10:49 +0000
ROA not after:            Wed 03 Mar 2049 14:10:49 +0000
asID:                     6453
IP address blocks:        41.76.40.0/24 maxlen: 24
                          41.76.41.0/24 maxlen: 24
                          41.76.43.0/24 maxlen: 24
                          41.76.44.0/24 maxlen: 24
                          105.235.150.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 955 (0x3bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA13FAF/serialNumber=5A86F988A1231F86C972331285587ECF864BDB90
        Validity
            Not Before: Mar  3 14:10:49 2022 GMT
            Not After : Mar  3 14:10:49 2049 GMT
        Subject: CN=6220cc6d-0e28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:de:2a:86:44:c8:3c:df:15:ff:31:e6:57:4f:
                    0e:46:2c:ef:b1:82:e4:b2:79:fc:81:ba:32:52:60:
                    76:37:77:66:ba:73:3c:09:bf:22:e8:93:2a:02:58:
                    bb:bf:f0:cb:eb:33:f2:6c:26:2e:17:03:9d:6c:58:
                    33:93:d8:f3:6d:51:d1:2d:71:3a:46:ec:9f:07:49:
                    e1:59:68:82:6d:c5:f1:65:a4:11:e6:fd:41:d5:83:
                    d1:3e:27:5a:d8:fe:e9:2e:e6:33:b7:99:39:cd:b1:
                    fd:10:06:4c:89:e8:31:0f:10:1b:51:84:68:86:97:
                    4f:8b:02:2a:47:b9:15:17:aa:58:14:dd:8a:9e:08:
                    be:43:2d:cc:7a:1a:50:ea:fe:ef:bf:cc:ae:0d:fa:
                    e9:e8:6d:2b:fd:b2:b3:be:ba:e0:bd:5c:ff:f8:56:
                    9d:0b:c0:7b:a3:db:0b:30:a2:82:07:b8:09:4b:e0:
                    f1:04:d3:b4:19:b2:34:c0:9e:3c:1f:90:73:2c:5c:
                    6c:eb:12:f6:0d:de:17:f7:68:2e:f2:e8:30:67:8d:
                    2c:69:e3:69:db:60:19:27:34:4c:ac:e4:40:5a:f2:
                    7c:f6:b7:8b:0a:29:bb:56:90:d4:b4:2f:70:51:41:
                    9f:8d:a0:61:7d:1c:03:8d:4f:b0:5b:60:8d:6f:51:
                    b7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:43:6C:34:27:13:F9:60:ED:51:51:E1:BD:DE:92:1C:85:CB:1E:DB
            X509v3 Authority Key Identifier:
                keyid:5A:86:F9:88:A1:23:1F:86:C9:72:33:12:85:58:7E:CF:86:4B:DB:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/BC46616C9AFB11ECA18A8A895A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.40.0/23
                  41.76.43.0-41.76.44.255
                  105.235.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:71:f7:8b:17:a3:1e:5b:b5:b3:9f:11:27:7c:f7:74:ca:05:
         36:e3:54:39:2f:35:6f:a7:ba:65:ab:82:fb:f8:fd:0b:d7:b6:
         3b:23:0a:9b:9f:14:86:89:09:fe:3d:b7:a5:5e:9a:2b:e5:d3:
         e8:0e:12:67:83:41:0c:22:bd:81:f9:4f:f4:96:01:07:0b:ae:
         df:f7:ad:8a:53:29:78:23:72:cb:79:1b:d1:a1:67:7d:37:9a:
         30:73:b5:01:b3:20:7a:8e:98:84:ef:66:e4:22:ab:b9:91:9d:
         8d:23:4c:a2:3a:30:a1:fc:ee:fe:16:2c:bb:f0:d8:f6:4a:c4:
         b7:c0:cf:fe:08:63:cf:c9:97:9c:b7:e5:b8:1e:6b:5d:5f:14:
         8c:59:a8:92:61:c4:7d:b2:1f:47:18:e9:aa:e6:8f:b3:dc:69:
         88:62:c2:87:78:cd:bb:bc:b4:c7:5f:ff:06:f3:e3:92:d1:3b:
         26:3d:f3:df:03:57:61:b5:25:87:aa:d2:7e:28:57:4c:62:08:
         28:f0:e5:43:7f:cf:3e:4a:f4:df:da:e3:c5:a8:bc:96:4c:5c:
         3b:7d:8c:21:aa:ed:b0:01:b1:ca:a9:12:3f:03:c3:1e:37:81:
         67:89:56:e6:09:fc:60:f9:25:59:ce:05:4b:1d:e3:bf:0d:fc:
         df:0a:ff:ce
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICA7swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExM0ZBRjExMC8GA1UEBRMoNUE4NkY5ODhBMTIzMUY4NkM5NzIzMzEyODU1ODdF
Q0Y4NjRCREI5MDAeFw0yMjAzMDMxNDEwNDlaFw00OTAzMDMxNDEwNDlaMBgxFjAU
BgNVBAMMDTYyMjBjYzZkLTBlMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX3iqGRMg83xX/MeZXTw5GLO+xguSyefyBujJSYHY3d2a6czwJvyLokyoC
WLu/8MvrM/JsJi4XA51sWDOT2PNtUdEtcTpG7J8HSeFZaIJtxfFlpBHm/UHVg9E+
J1rY/uku5jO3mTnNsf0QBkyJ6DEPEBtRhGiGl0+LAipHuRUXqlgU3YqeCL5DLcx6
GlDq/u+/zK4N+unobSv9srO+uuC9XP/4Vp0LwHuj2wswooIHuAlL4PEE07QZsjTA
njwfkHMsXGzrEvYN3hf3aC7y6DBnjSxp42nbYBknNEys5EBa8nz2t4sKKbtWkNS0
L3BRQZ+NoGF9HAONT7BbYI1vUbfbAgMBAAGjggK5MIICtTAdBgNVHQ4EFgQUVkNs
NCcT+WDtUVHhvd6SHIXLHtswHwYDVR0jBBgwFoAUWob5iKEjH4bJcjMShVh+z4ZL
25AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTNGL0NEREJDNEM4QzRENzExRTk4QTA3NjMyNUY4QUVBMjI4L1dvYjVp
S0VqSDRiSmNqTVNoVmgtejRaTDI1QS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1dvYjVpS0VqSDRiSmNqTVNoVmgtejRaTDI1QS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZBMTNGL0NEREJDNEM4QzRENzExRTk4QTA3NjMyNUY4
QUVBMjI4L0JDNDY2MTZDOUFGQjExRUNBMThBOEE4OTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBAEpTCgwDAMEAClMKwMEAClM
LAMEAGnrljANBgkqhkiG9w0BAQsFAAOCAQEARXH3ixejHlu1s58RJ3z3dMoFNuNU
OS81b6e6ZauC+/j9C9e2OyMKm58UhokJ/j23pV6aK+XT6A4SZ4NBDCK9gflP9JYB
Bwuu3/etilMpeCNyy3kb0aFnfTeaMHO1AbMgeo6YhO9m5CKruZGdjSNMojowofzu
/hYsu/DY9krEt8DP/ghjz8mXnLfluB5rXV8UjFmokmHEfbIfRxjpquaPs9xpiGLC
h3jNu7y0x1//BvPjktE7Jj3z3wNXYbUlh6rSfihXTGIIKPDlQ3/PPkr039rjxai8
lkxcO32MIartsAGxyqkSPwPDHjeBZ4lW5gn8YPklWc4FSx3jvw383wr/zg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org