Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/32BBE680551611ED808EE9ECF1222468.roa
File:                     32BBE680551611ED808EE9ECF1222468.roa (raw, json)
Hash identifier:          PhozUMqCVbQsDmss0bRNvK3YbO5NMxc9X4gEYotbH70=
Subject key identifier:   75:01:F4:56:F4:C9:9E:F0:94:CE:B7:C9:BD:E6:A8:11:3C:89:F9:CA
Certificate issuer:       /CN=F361B08DAF/serialNumber=0D24CFE5FF586C3299DDEB79A0EF552EC27AA9A1
Certificate serial:       04F6
Authority key identifier: 0D:24:CF:E5:FF:58:6C:32:99:DD:EB:79:A0:EF:55:2E:C2:7A:A9:A1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/32BBE680551611ED808EE9ECF1222468.roa
Signing time:             Wed 26 Oct 2022 10:08:55 +0000
ROA not before:           Wed 26 Oct 2022 10:08:51 +0000
ROA not after:            Tue 26 Oct 2032 10:08:51 +0000
asID:                     328350
IP address blocks:        102.132.0.0/20 maxlen: 24
                          2c0f:1980::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1270 (0x4f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361B08DAF/serialNumber=0D24CFE5FF586C3299DDEB79A0EF552EC27AA9A1
        Validity
            Not Before: Oct 26 10:08:51 2022 GMT
            Not After : Oct 26 10:08:51 2032 GMT
        Subject: CN=63590737-d630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:17:cb:7e:aa:f3:1c:19:3b:61:0c:67:4a:74:
                    97:fd:bc:d7:68:a0:bb:b2:4c:7f:f9:04:5f:3f:8b:
                    ba:07:71:09:34:20:8d:a3:ea:09:1b:d1:ae:26:c9:
                    63:18:95:46:47:0f:a7:e5:e3:36:65:2d:4d:82:a3:
                    2f:f9:0b:2e:23:cf:c5:7a:e3:3d:ee:ad:e6:57:06:
                    4f:e6:27:c3:9d:aa:2d:ec:3b:06:89:c9:4a:64:00:
                    68:b6:94:22:83:ac:81:8f:8b:2f:39:94:24:d2:14:
                    0a:03:00:e7:09:3c:a3:66:63:fe:be:0a:cd:e5:f9:
                    eb:fb:b9:9c:fe:e1:b9:cb:5a:c4:96:1b:0f:e2:78:
                    a2:fa:66:dc:da:01:27:ca:3b:61:d4:25:25:11:2d:
                    27:91:7c:37:25:87:98:01:62:26:be:e9:58:98:82:
                    46:4a:63:83:5c:1d:81:23:aa:93:af:14:88:3f:3a:
                    16:0e:4d:3e:5e:8c:f2:74:08:5d:44:fe:cf:1d:f7:
                    db:51:27:a4:c0:b1:ed:a2:b4:17:77:0c:a4:a9:f5:
                    b5:08:2b:d3:15:98:b9:fb:02:2e:bf:9a:2b:18:88:
                    09:9e:17:55:31:db:67:96:f6:e7:00:4a:8e:c6:db:
                    b4:d3:34:41:b2:de:4c:1c:2b:7f:69:50:82:1e:91:
                    bc:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:01:F4:56:F4:C9:9E:F0:94:CE:B7:C9:BD:E6:A8:11:3C:89:F9:CA
            X509v3 Authority Key Identifier:
                keyid:0D:24:CF:E5:FF:58:6C:32:99:DD:EB:79:A0:EF:55:2E:C2:7A:A9:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/32BBE680551611ED808EE9ECF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.132.0.0/20
                IPv6:
                  2c0f:1980::/32

    Signature Algorithm: sha256WithRSAEncryption
         3d:88:6e:92:86:3d:fb:f4:23:72:9e:39:e8:8b:0b:ea:4a:79:
         db:e3:df:cc:ac:7d:5f:07:5f:b9:21:4d:03:7d:4e:e2:e5:a8:
         aa:7c:f8:4a:43:d5:93:0b:3d:e0:aa:b7:9e:7d:6f:e0:1e:f6:
         ca:95:86:0a:17:92:79:e3:9f:ea:4a:4d:22:a5:08:dc:f5:83:
         9a:58:7e:dc:4f:a8:69:53:95:a4:a1:d3:fd:e5:77:1b:ef:93:
         fa:da:80:c5:7f:ef:7b:08:81:30:f9:15:c0:ed:09:ce:eb:2e:
         30:1b:7d:e8:fa:5f:6c:f8:04:5f:7f:92:56:16:26:bf:a4:dd:
         fe:ed:50:b2:0e:e2:73:f5:33:94:cd:0f:8c:9d:66:0c:bf:a7:
         ad:c4:37:aa:2d:b1:77:dc:29:1e:2a:eb:3d:82:e2:99:7f:b3:
         c7:46:e4:d8:8f:5a:28:8f:0d:44:c5:ff:b4:47:97:2e:94:8c:
         9a:3d:e4:0b:f0:f7:0e:40:49:5c:a2:4d:15:54:d6:75:8c:22:
         41:33:ab:d6:a9:eb:a6:3d:63:5f:39:d4:49:4e:e0:88:6d:2a:
         13:c9:01:f1:92:16:1b:3b:e1:15:df:0b:04:8c:84:46:0a:23:
         ad:d3:e7:13:0d:b8:cb:e1:8e:f9:c9:cc:d4:50:3f:6d:a1:c9:
         4c:49:92:ab
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBPYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MUIwOERBRjExMC8GA1UEBRMoMEQyNENGRTVGRjU4NkMzMjk5RERFQjc5QTBFRjU1
MkVDMjdBQTlBMTAeFw0yMjEwMjYxMDA4NTFaFw0zMjEwMjYxMDA4NTFaMBgxFjAU
BgNVBAMMDTYzNTkwNzM3LWQ2MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCuF8t+qvMcGTthDGdKdJf9vNdooLuyTH/5BF8/i7oHcQk0II2j6gkb0a4m
yWMYlUZHD6fl4zZlLU2Coy/5Cy4jz8V64z3ureZXBk/mJ8Odqi3sOwaJyUpkAGi2
lCKDrIGPiy85lCTSFAoDAOcJPKNmY/6+Cs3l+ev7uZz+4bnLWsSWGw/ieKL6Ztza
ASfKO2HUJSURLSeRfDclh5gBYia+6ViYgkZKY4NcHYEjqpOvFIg/OhYOTT5ejPJ0
CF1E/s8d99tRJ6TAse2itBd3DKSp9bUIK9MVmLn7Ai6/misYiAmeF1Ux22eW9ucA
So7G27TTNEGy3kwcK39pUIIekbxPAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUdQH0
VvTJnvCUzrfJveaoETyJ+cowHwYDVR0jBBgwFoAUDSTP5f9YbDKZ3et5oO9VLsJ6
qaEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjFCMDhEL0NCQzdEMjAyODZFOTExRTk5RTlDQkE0RUY4QUVBMjI4L0RTVFA1
ZjlZYkRLWjNldDVvTzlWTHNKNnFhRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0RTVFA1ZjlZYkRLWjNldDVvTzlWTHNKNnFhRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjFCMDhEL0NCQzdEMjAyODZFOTExRTk5RTlDQkE0RUY4
QUVBMjI4LzMyQkJFNjgwNTUxNjExRUQ4MDhFRTlFQ0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBARmhAAwDQQCAAIwBwMFACwP
GYAwDQYJKoZIhvcNAQELBQADggEBAD2IbpKGPfv0I3KeOeiLC+pKedvj38ysfV8H
X7khTQN9TuLlqKp8+EpD1ZMLPeCqt559b+Ae9sqVhgoXknnjn+pKTSKlCNz1g5pY
ftxPqGlTlaSh0/3ldxvvk/ragMV/73sIgTD5FcDtCc7rLjAbfej6X2z4BF9/klYW
Jr+k3f7tULIO4nP1M5TND4ydZgy/p63EN6otsXfcKR4q6z2C4pl/s8dG5NiPWiiP
DUTF/7RHly6UjJo95Avw9w5ASVyiTRVU1nWMIkEzq9ap66Y9Y1851ElO4IhtKhPJ
AfGSFhs74RXfCwSMhEYKI63T5xMNuMvhjvnJzNRQP22hyUxJkqs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:31 2024 by rpki-client on console-ams.rpki-client.org