Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36285D3/47B43ADC88E311ED8F1952DAF1222468/785F3ED888E411EDA7896DDDF1222468.roa
File:                     785F3ED888E411EDA7896DDDF1222468.roa (raw, json)
Hash identifier:          Af4/msDcyFpqmxwzAX23v0Kw+lE9VDbg1+JP/yFkoaI=
Subject key identifier:   88:7B:FC:CF:55:0C:E3:02:6A:38:48:95:7A:EF:B4:F9:25:86:37:15
Certificate issuer:       /CN=F36285D3AF/serialNumber=12FD0DABC6CB1ADD442195276A0304E3E97277B1
Certificate serial:       02
Authority key identifier: 12:FD:0D:AB:C6:CB:1A:DD:44:21:95:27:6A:03:04:E3:E9:72:77:B1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Ev0Nq8bLGt1EIZUnagME4-lyd7E.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36285D3/47B43ADC88E311ED8F1952DAF1222468/785F3ED888E411EDA7896DDDF1222468.roa
Signing time:             Sat 31 Dec 2022 08:23:57 +0000
ROA not before:           Sat 31 Dec 2022 08:23:52 +0000
ROA not after:            Tue 31 Dec 2024 08:23:52 +0000
asID:                     328507
IP address blocks:        102.69.216.0/22 maxlen: 22
                          2c0f:ede0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36285D3/47B43ADC88E311ED8F1952DAF1222468/Ev0Nq8bLGt1EIZUnagME4-lyd7E.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36285D3/47B43ADC88E311ED8F1952DAF1222468/Ev0Nq8bLGt1EIZUnagME4-lyd7E.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Ev0Nq8bLGt1EIZUnagME4-lyd7E.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36285D3AF/serialNumber=12FD0DABC6CB1ADD442195276A0304E3E97277B1
        Validity
            Not Before: Dec 31 08:23:52 2022 GMT
            Not After : Dec 31 08:23:52 2024 GMT
        Subject: CN=63aff19d-b24c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:26:35:66:c3:6f:35:78:12:fe:12:18:cd:47:
                    bf:35:a3:05:c9:8b:f2:e0:fa:4e:23:19:dc:54:7e:
                    8e:23:a4:a5:72:22:4d:67:e7:1a:f2:17:3b:da:e5:
                    c5:68:67:9d:24:bd:8e:86:c9:c6:60:ad:b4:7d:52:
                    be:a2:cd:1f:66:1f:72:07:20:06:ea:e6:9c:c1:98:
                    01:cc:01:56:c1:04:a1:e7:d8:6d:00:0d:49:f4:c6:
                    dc:c8:31:6b:d6:59:2f:0e:17:ef:2e:73:60:45:6b:
                    85:67:3b:22:c7:c6:97:6b:75:6b:2c:75:f1:f0:9d:
                    68:4f:97:70:94:67:bb:01:c5:e4:6a:fd:23:c1:5d:
                    51:77:7e:a8:ab:20:32:95:7a:84:82:df:06:f7:39:
                    f2:a7:ee:2d:cc:63:fa:07:cf:bd:6c:aa:69:a1:2b:
                    bb:63:39:3f:d7:b5:df:84:80:61:94:0c:be:8d:73:
                    c2:68:ec:2f:cc:2f:30:e4:6f:d9:9e:fe:c1:15:26:
                    a0:46:db:02:b3:a8:de:ea:bf:c6:3d:81:dc:08:b1:
                    03:e6:4b:aa:fe:8b:8c:d6:cd:a6:4c:0a:14:81:a0:
                    b5:05:c5:a9:ee:8f:8e:69:a3:03:d1:b1:1d:71:77:
                    36:ca:24:40:a4:d3:6b:3d:d8:08:1b:eb:3b:56:6b:
                    8c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7B:FC:CF:55:0C:E3:02:6A:38:48:95:7A:EF:B4:F9:25:86:37:15
            X509v3 Authority Key Identifier:
                keyid:12:FD:0D:AB:C6:CB:1A:DD:44:21:95:27:6A:03:04:E3:E9:72:77:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36285D3/47B43ADC88E311ED8F1952DAF1222468/Ev0Nq8bLGt1EIZUnagME4-lyd7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ev0Nq8bLGt1EIZUnagME4-lyd7E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36285D3/47B43ADC88E311ED8F1952DAF1222468/785F3ED888E411EDA7896DDDF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.69.216.0/22
                IPv6:
                  2c0f:ede0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c1:29:4a:5d:c9:cc:67:06:5f:55:b9:15:02:3c:d8:1d:9b:aa:
         df:76:15:3f:fd:a3:7d:28:73:26:ed:ea:cd:1c:48:3a:a9:d8:
         d3:3b:50:5b:8c:c1:ba:b7:c2:b3:f2:d2:0e:60:a1:e8:6f:41:
         b5:bd:3e:61:87:46:62:63:4d:42:b6:37:2b:ea:bb:d3:b8:4f:
         72:00:4b:62:4e:8b:0d:60:9e:d8:6f:72:9a:f6:ef:f1:a1:14:
         4f:67:2e:83:cb:cc:23:0c:e8:23:6e:69:7a:25:a1:a3:56:6a:
         e7:18:bf:55:cb:a1:53:ed:03:c3:a1:ad:63:73:69:99:7d:2b:
         31:1c:a8:7f:9e:aa:7b:c2:e6:27:96:0c:38:7e:25:e0:92:17:
         d2:58:29:90:6c:3b:0d:d2:ee:ac:b9:24:bc:e3:eb:a7:d8:1a:
         b5:0b:75:d1:d1:2c:ba:52:e4:8b:a0:6e:ae:3a:d8:64:8d:62:
         f0:a5:58:2f:97:23:98:b6:1b:a8:49:c7:dc:4b:17:a7:44:9b:
         3d:30:66:7a:8b:1a:59:3b:a3:45:b6:17:34:02:ca:28:b4:8e:
         6c:14:28:86:d6:16:99:57:34:6b:3c:e3:b5:87:ea:a8:e5:d9:
         82:dd:09:a1:fe:29:3d:e1:59:0e:42:65:72:3c:40:06:ac:4a:
         d4:c5:26:fd
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYy
ODVEM0FGMTEwLwYDVQQFEygxMkZEMERBQkM2Q0IxQURENDQyMTk1Mjc2QTAzMDRF
M0U5NzI3N0IxMB4XDTIyMTIzMTA4MjM1MloXDTI0MTIzMTA4MjM1MlowGDEWMBQG
A1UEAwwNNjNhZmYxOWQtYjI0YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAmNWbDbzV4Ev4SGM1HvzWjBcmL8uD6TiMZ3FR+jiOkpXIiTWfnGvIXO9rl
xWhnnSS9jobJxmCttH1SvqLNH2YfcgcgBurmnMGYAcwBVsEEoefYbQANSfTG3Mgx
a9ZZLw4X7y5zYEVrhWc7IsfGl2t1ayx18fCdaE+XcJRnuwHF5Gr9I8FdUXd+qKsg
MpV6hILfBvc58qfuLcxj+gfPvWyqaaEru2M5P9e134SAYZQMvo1zwmjsL8wvMORv
2Z7+wRUmoEbbArOo3uq/xj2B3AixA+ZLqv6LjNbNpkwKFIGgtQXFqe6PjmmjA9Gx
HXF3NsokQKTTaz3YCBvrO1ZrjBUCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSIe/zP
VQzjAmo4SJV677T5JYY3FTAfBgNVHSMEGDAWgBQS/Q2rxssa3UQhlSdqAwTj6XJ3
sTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Mjg1RDMvNDdCNDNBREM4OEUzMTFFRDhGMTk1MkRBRjEyMjI0NjgvRXYwTnE4
YkxHdDFFSVpVbmFnTUU0LWx5ZDdFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRXYwTnE4YkxHdDFFSVpVbmFnTUU0LWx5ZDdFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Mjg1RDMvNDdCNDNBREM4OEUzMTFFRDhGMTk1MkRBRjEy
MjI0NjgvNzg1RjNFRDg4OEU0MTFFREE3ODk2RERERjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmZF2DANBAIAAjAHAwUALA/t
4DANBgkqhkiG9w0BAQsFAAOCAQEAwSlKXcnMZwZfVbkVAjzYHZuq33YVP/2jfShz
Ju3qzRxIOqnY0ztQW4zBurfCs/LSDmCh6G9Btb0+YYdGYmNNQrY3K+q707hPcgBL
Yk6LDWCe2G9ymvbv8aEUT2cug8vMIwzoI25peiWho1Zq5xi/VcuhU+0Dw6GtY3Np
mX0rMRyof56qe8LmJ5YMOH4l4JIX0lgpkGw7DdLurLkkvOPrp9gatQt10dEsulLk
i6BurjrYZI1i8KVYL5cjmLYbqEnH3EsXp0SbPTBmeosaWTujRbYXNALKKLSObBQo
htYWmVc0azzjtYfqqOXZgt0Jof4pPeFZDkJlcjxABqxK1MUm/Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org