Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/

$ rpki-client -vvf 244309DEECB211EC951559D1F1222468.roa
File:                     244309DEECB211EC951559D1F1222468.roa (download)
Hash identifier:          z+B7fFlEDS3VUGxC1rgpBvTzqPpIDy9GXqUY588zrvM=
Subject key identifier:   89:95:2E:A9:5F:8F:0C:D2:EB:27:87:8D:AA:90:E4:14:A8:C8:7C:A7
Certificate issuer:       /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial:       014D
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/244309DEECB211EC951559D1F1222468.roa
ROA valid until:          Jun 15 13:50:36 2030 GMT
asID:                     1239
IP address blocks:
    1: 102.217.104.0/24 maxlen: 24
    2: 102.217.106.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 333 (0x14d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
        Validity
            Not Before: Jun 15 13:50:36 2022 GMT
            Not After : Jun 15 13:50:36 2030 GMT
        Subject: CN=62a9e3b0-35a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b1:c1:5a:5e:5b:45:0d:6b:d5:f8:d3:4d:59:
                    4f:05:09:24:da:92:92:fe:84:b1:38:4c:b4:e9:af:
                    4b:7d:28:65:cc:41:3b:94:01:fa:00:dd:f5:61:5b:
                    09:b7:24:2c:d4:3d:ba:da:e5:85:c7:22:e7:e1:a5:
                    57:59:80:b6:6f:df:58:25:9f:bb:35:62:25:fa:77:
                    96:fe:83:fd:d1:cc:7b:a4:09:b7:49:fe:30:58:fe:
                    0f:f2:5d:fe:f8:43:50:d5:42:33:76:5d:35:25:f0:
                    8b:c1:b8:a2:cf:21:07:f5:ab:de:fa:01:c6:59:68:
                    7c:41:1c:87:8e:4d:15:6b:63:67:99:90:3a:6d:8a:
                    e4:8e:89:0d:15:a3:60:b2:a2:f5:aa:e3:18:08:e2:
                    05:b9:b4:e3:95:3b:0d:0b:66:ca:64:95:be:d0:09:
                    df:8a:6b:50:7f:32:3e:0f:b3:b1:81:1d:4f:cc:a4:
                    b5:5a:13:2b:30:90:f0:69:72:c3:3b:7b:f9:30:53:
                    a1:2e:c4:93:95:d0:5f:6e:c7:49:8e:bf:37:f8:a7:
                    98:3b:85:f8:fc:90:26:fd:51:67:c2:3b:45:b8:ac:
                    ed:2f:a1:50:07:27:1c:69:b6:ca:cc:82:b9:6e:14:
                    86:74:5c:51:bb:d1:0e:18:88:85:83:96:58:7d:71:
                    1f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                89:95:2E:A9:5F:8F:0C:D2:EB:27:87:8D:AA:90:E4:14:A8:C8:7C:A7
            X509v3 Authority Key Identifier: 
                keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/244309DEECB211EC951559D1F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.104.0/24
                  102.217.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:8e:fd:1b:d2:9c:79:57:c9:cf:b6:f2:63:3d:07:af:be:3f:
         e8:08:c5:54:d7:17:3e:a9:80:36:a7:d5:5f:37:2f:f0:11:0e:
         96:fd:f0:36:4f:01:97:b9:d4:88:87:52:4a:32:32:c3:dc:48:
         bc:dc:c7:90:dd:5a:ee:2b:33:e3:25:74:fa:93:17:cd:34:8a:
         20:18:e8:fb:b6:8f:31:8a:2c:7f:66:96:3c:77:11:38:e8:af:
         6d:31:d4:59:7c:38:ea:12:7c:4b:1f:56:f4:3c:c1:9c:37:15:
         16:12:f6:e8:0f:a4:b6:10:e8:a0:61:a2:81:e8:df:11:94:84:
         e4:34:3f:56:88:31:f7:0a:28:ea:a8:0b:38:1d:df:b2:6e:97:
         8b:80:b2:32:15:02:df:29:e1:7f:49:1a:4f:0a:73:65:fa:80:
         b5:78:1d:89:80:0c:1d:ec:5d:5f:ea:c9:9a:7c:6f:c1:5e:72:
         ed:e9:e7:da:40:f3:47:ff:60:02:b1:19:d1:b1:12:28:30:16:
         3a:15:8a:65:71:3b:c5:15:7e:dd:68:f3:42:b1:b6:98:21:47:
         8c:c7:16:c8:0b:e1:7f:76:c1:d4:a7:4f:66:dc:42:21:d8:ea:
         e1:18:0c:5c:11:39:a4:ae:e3:59:78:90:31:3a:f9:f5:c4:c5:
         ec:78:ea:a3
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAU0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yMjA2MTUxMzUwMzZaFw0zMDA2MTUxMzUwMzZaMBgxFjAU
BgNVBAMMDTYyYTllM2IwLTM1YTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjscFaXltFDWvV+NNNWU8FCSTakpL+hLE4TLTpr0t9KGXMQTuUAfoA3fVh
Wwm3JCzUPbra5YXHIufhpVdZgLZv31gln7s1YiX6d5b+g/3RzHukCbdJ/jBY/g/y
Xf74Q1DVQjN2XTUl8IvBuKLPIQf1q976AcZZaHxBHIeOTRVrY2eZkDptiuSOiQ0V
o2CyovWq4xgI4gW5tOOVOw0LZspklb7QCd+Ka1B/Mj4Ps7GBHU/MpLVaEyswkPBp
csM7e/kwU6EuxJOV0F9ux0mOvzf4p5g7hfj8kCb9UWfCO0W4rO0voVAHJxxptsrM
grluFIZ0XFG70Q4YiIWDllh9cR//AgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUiZUu
qV+PDNLrJ4eNqpDkFKjIfKcwHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzI0NDMwOURFRUNCMjExRUM5NTE1NTlEMUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABm2WgDBABm2WowDQYJKoZI
hvcNAQELBQADggEBAB+O/RvSnHlXyc+28mM9B6++P+gIxVTXFz6pgDan1V83L/AR
Dpb98DZPAZe51IiHUkoyMsPcSLzcx5DdWu4rM+MldPqTF800iiAY6Pu2jzGKLH9m
ljx3ETjor20x1Fl8OOoSfEsfVvQ8wZw3FRYS9ugPpLYQ6KBhooHo3xGUhOQ0P1aI
MfcKKOqoCzgd37Jul4uAsjIVAt8p4X9JGk8Kc2X6gLV4HYmADB3sXV/qyZp8b8Fe
cu3p59pA80f/YAKxGdGxEigwFjoVimVxO8UVft1o80KxtpghR4zHFsgL4X92wdSn
T2bcQiHY6uEYDFwROaSu41l4kDE6+fXExex46qM=
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:42:43 2022 by rpki-client.