Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/B104455EBE9D11EE832320A9775412E6.roa
File:                     B104455EBE9D11EE832320A9775412E6.roa (raw, json)
Hash identifier:          NYNFo4d1hV3NuNv2EFx6eQE3ZKc/gOgb/XmK5mngB5c=
Subject key identifier:   37:82:EF:B7:C7:24:DA:28:FF:E1:63:81:B1:21:96:10:D7:E8:7E:EE
Certificate issuer:       /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial:       18
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/B104455EBE9D11EE832320A9775412E6.roa
Signing time:             Mon 29 Jan 2024 11:58:18 +0000
ROA not before:           Mon 29 Jan 2024 11:58:15 +0000
ROA not after:            Thu 29 Jan 2026 11:58:15 +0000
asID:                     21003
IP address blocks:        102.214.107.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 04 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24 (0x18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
        Validity
            Not Before: Jan 29 11:58:15 2024 GMT
            Not After : Jan 29 11:58:15 2026 GMT
        Subject: CN=65b792da-7309
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:04:40:a1:cf:be:23:b4:db:ec:ba:81:65:e7:
                    25:14:5a:0f:69:4b:1b:63:42:e3:8e:c7:10:da:ad:
                    19:34:89:95:33:21:7a:54:58:b8:a7:5d:d1:1e:72:
                    d5:17:c0:e5:b6:7f:ae:2c:8a:60:da:40:c2:f4:2b:
                    69:d3:ab:fa:30:1b:68:ad:3d:5c:32:9c:f0:05:73:
                    92:6b:8d:bb:ba:4b:15:76:bc:ae:ea:48:34:a7:e8:
                    e8:00:50:f0:df:21:b2:bc:17:e7:a5:e3:ee:66:94:
                    ba:f4:60:5c:2b:3b:d2:b0:5a:34:83:46:26:d6:89:
                    af:85:69:f6:22:3a:71:7d:48:5d:99:b4:92:92:40:
                    3a:a2:ad:46:cc:83:54:d5:88:73:db:43:cf:98:dc:
                    9a:f7:7a:b5:75:5d:0d:46:70:e1:46:aa:1c:b4:51:
                    cf:51:a3:fb:d5:1d:42:4d:fa:56:0a:c7:23:56:d3:
                    e3:99:c6:51:31:ec:52:68:3d:3c:bc:ce:74:4e:d6:
                    b5:9c:4f:f6:3b:c0:67:39:fa:49:dc:b5:74:91:3b:
                    66:c6:e4:71:81:0d:0f:be:4b:0d:ec:d6:a1:e6:2d:
                    60:e6:c3:02:51:99:77:0d:08:10:3b:66:51:97:b5:
                    b7:16:f4:b2:eb:71:1f:e6:b5:ed:2a:56:09:25:ac:
                    d5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:82:EF:B7:C7:24:DA:28:FF:E1:63:81:B1:21:96:10:D7:E8:7E:EE
            X509v3 Authority Key Identifier:
                keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/B104455EBE9D11EE832320A9775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.214.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:c1:8b:60:fd:3b:f9:07:7c:5a:86:b2:2d:b4:8e:5f:f6:e0:
         8f:f0:f4:17:c1:21:3c:13:6b:f5:5d:94:31:c9:a3:20:28:8a:
         ec:d5:eb:e7:28:fa:ba:d3:e3:19:63:b2:9e:27:14:81:ab:b1:
         2e:e3:43:f2:4c:7d:0b:7b:93:ba:b9:4f:12:27:d6:cb:46:61:
         53:09:2e:2e:9c:35:86:12:ad:ce:52:fe:ba:78:de:82:bf:27:
         22:70:e9:90:b1:85:d1:3b:7c:37:dc:65:54:dc:42:6e:0d:93:
         93:76:a0:d6:61:54:65:3c:9e:eb:97:ee:c2:d5:9d:ba:a1:f1:
         a9:01:f2:dc:36:ea:63:16:ad:4e:51:f9:e3:7c:b8:c4:22:0f:
         f2:1b:7f:9b:3b:88:7c:65:a1:96:f3:36:11:22:ae:bd:31:3f:
         58:d4:dc:af:9e:cb:c0:2c:af:a7:fd:1b:55:fc:9d:3f:3b:47:
         24:40:4c:25:29:2d:b0:99:7e:bb:ea:0a:ac:d9:2c:08:f9:02:
         0e:b2:18:9b:d8:25:17:6f:d2:8f:2e:fa:72:f0:db:b1:6a:f9:
         96:7c:ea:bb:aa:09:3c:42:f2:ba:50:64:f6:72:09:18:72:dd:
         09:f5:d3:65:82:08:1e:83:46:73:be:dc:78:3f:d4:c4:f5:a3:
         b4:98:b9:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTExNTgxNVoXDTI2MDEyOTExNTgxNVowGDEWMBQG
A1UEAxMNNjViNzkyZGEtNzMwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQEQKHPviO02+y6gWXnJRRaD2lLG2NC447HENqtGTSJlTMhelRYuKdd0R5y
1RfA5bZ/riyKYNpAwvQradOr+jAbaK09XDKc8AVzkmuNu7pLFXa8rupINKfo6ABQ
8N8hsrwX56Xj7maUuvRgXCs70rBaNINGJtaJr4Vp9iI6cX1IXZm0kpJAOqKtRsyD
VNWIc9tDz5jcmvd6tXVdDUZw4UaqHLRRz1Gj+9UdQk36VgrHI1bT45nGUTHsUmg9
PLzOdE7WtZxP9jvAZzn6Sdy1dJE7ZsbkcYEND75LDezWoeYtYObDAlGZdw0IEDtm
UZe1txb0sutxH+a17SpWCSWs1SMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ3gu+3
xyTaKP/hY4GxIZYQ1+h+7jAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvQjEwNDQ1NUVCRTlEMTFFRTgzMjMyMEE5Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbWazANBgkqhkiG9w0BAQsF
AAOCAQEAmMGLYP07+Qd8WoayLbSOX/bgj/D0F8EhPBNr9V2UMcmjICiK7NXr5yj6
utPjGWOynicUgauxLuND8kx9C3uTurlPEifWy0ZhUwkuLpw1hhKtzlL+unjegr8n
InDpkLGF0Tt8N9xlVNxCbg2Tk3ag1mFUZTye65fuwtWduqHxqQHy3DbqYxatTlH5
43y4xCIP8ht/mzuIfGWhlvM2ESKuvTE/WNTcr57LwCyvp/0bVfydPztHJEBMJSkt
sJl+u+oKrNksCPkCDrIYm9glF2/Sjy76cvDbsWr5lnzqu6oJPELyulBk9nIJGHLd
CfXTZYIIHoNGc77ceD/UxPWjtJi57Q==
-----END CERTIFICATE-----