Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/0982C456E24C11ECBCE3B3CEF1222468.roa
File:                     0982C456E24C11ECBCE3B3CEF1222468.roa (raw, json)
Hash identifier:          rkWlw7/JbGs5TriVgLgAZr85y9glD0YVL8m1Iff/Uxs=
Subject key identifier:   17:4E:F7:56:95:74:0F:1D:A7:1F:44:3D:CE:F6:42:92:F7:6B:1D:DC
Certificate issuer:       /CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Certificate serial:       01D1
Authority key identifier: DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/0982C456E24C11ECBCE3B3CEF1222468.roa
Signing time:             Thu 02 Jun 2022 08:14:35 +0000
ROA not before:           Thu 02 Jun 2022 08:14:30 +0000
ROA not after:            Wed 02 Jun 2032 08:14:30 +0000
asID:                     37053
IP address blocks:        102.217.36.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 465 (0x1d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
        Validity
            Not Before: Jun  2 08:14:30 2022 GMT
            Not After : Jun  2 08:14:30 2032 GMT
        Subject: CN=6298716b-be9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:fa:2b:41:f9:e6:40:3c:18:1b:93:08:94:bf:
                    eb:a7:b6:21:a3:40:25:94:bf:63:ea:55:4e:17:f8:
                    24:88:c8:dd:7c:67:07:21:3f:43:b8:69:a9:55:5d:
                    cc:96:39:d6:83:3d:9d:58:29:b9:8a:58:9d:96:25:
                    48:14:1d:42:8a:cd:71:c9:c4:b5:a0:39:7a:89:e7:
                    85:3f:56:a7:50:c9:ab:d2:ad:34:22:16:7c:4a:77:
                    65:f9:5c:03:54:71:18:ec:98:38:db:b6:96:04:df:
                    5e:eb:ec:26:fd:2f:f5:ce:40:28:69:b1:a9:d8:09:
                    67:0f:1c:0f:e6:7e:c7:60:cf:6c:0b:e1:a5:9e:6d:
                    d8:f1:19:e8:30:f3:cd:74:b6:ee:83:fd:91:af:2a:
                    1f:44:69:31:61:a3:aa:ef:49:aa:c6:77:b7:c5:fd:
                    db:f5:c6:74:b0:b5:0e:fc:41:fa:6e:de:f2:62:cb:
                    92:5f:42:f7:86:83:77:d7:79:03:e4:c6:06:fb:65:
                    50:23:63:fd:c5:4d:74:28:8c:24:a2:47:18:e2:5c:
                    dc:1c:4a:c9:30:c4:fa:73:d8:7c:5a:19:ef:a9:be:
                    c1:b2:03:22:44:f2:ca:87:28:85:c8:f4:08:09:03:
                    e1:1f:95:1a:3e:e9:34:01:d0:c8:1d:b5:13:c4:43:
                    b1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:4E:F7:56:95:74:0F:1D:A7:1F:44:3D:CE:F6:42:92:F7:6B:1D:DC
            X509v3 Authority Key Identifier:
                keyid:DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/0982C456E24C11ECBCE3B3CEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c3:51:e7:d8:76:e2:6d:4c:c9:1a:f8:5a:78:88:30:e7:9f:25:
         80:59:a4:98:fa:86:29:50:71:9c:22:33:68:89:26:db:0b:b1:
         8a:4b:5c:e8:56:67:a9:64:c9:f6:df:10:51:21:60:6e:03:f1:
         61:d9:81:9e:f1:50:3e:5e:5a:86:88:f5:76:ca:1e:ca:39:21:
         ac:09:57:21:c1:d6:22:bc:98:b1:f5:19:8e:6b:e5:7c:b0:37:
         74:cf:97:53:d6:71:2c:f7:1e:6d:1d:ae:7b:cc:87:9e:7c:94:
         37:d0:6f:70:a0:80:5e:88:00:e6:61:1c:6c:94:9f:e3:6b:f3:
         e2:04:be:9a:69:97:84:31:ce:0b:48:b5:4a:d9:9d:5a:1e:7b:
         82:c0:72:01:b7:9e:05:8c:83:c4:4a:05:bb:20:02:7a:06:69:
         58:66:2d:89:70:c9:e0:a6:fe:af:3c:26:7e:e0:1f:3b:e4:9f:
         ee:ad:fd:d8:95:e5:3e:f7:a8:73:68:fc:59:cc:c1:71:82:c8:
         22:8b:3f:1f:69:2e:92:77:a5:69:8e:cb:2a:86:d7:96:e7:ce:
         07:99:a0:9d:6d:c2:da:74:56:17:4b:2e:15:76:ae:97:61:39:
         63:63:46:8b:9a:dd:92:b5:ab:1c:86:f1:a8:5e:9c:03:85:ec:
         5e:87:97:a8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAdEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MkI4QThBRjExMC8GA1UEBRMoREYzNzY0ODBEQ0YwN0ExQjdBRDE2NERFNjRBM0VB
MjE1RjI0NzU0MTAeFw0yMjA2MDIwODE0MzBaFw0zMjA2MDIwODE0MzBaMBgxFjAU
BgNVBAMMDTYyOTg3MTZiLWJlOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDp+itB+eZAPBgbkwiUv+untiGjQCWUv2PqVU4X+CSIyN18ZwchP0O4aalV
XcyWOdaDPZ1YKbmKWJ2WJUgUHUKKzXHJxLWgOXqJ54U/VqdQyavSrTQiFnxKd2X5
XANUcRjsmDjbtpYE317r7Cb9L/XOQChpsanYCWcPHA/mfsdgz2wL4aWebdjxGegw
8810tu6D/ZGvKh9EaTFho6rvSarGd7fF/dv1xnSwtQ78Qfpu3vJiy5JfQveGg3fX
eQPkxgb7ZVAjY/3FTXQojCSiRxjiXNwcSskwxPpz2HxaGe+pvsGyAyJE8sqHKIXI
9AgJA+EflRo+6TQB0MgdtRPEQ7FFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUF073
VpV0Dx2nH0Q9zvZCkvdrHdwwHwYDVR0jBBgwFoAU3zdkgNzweht60WTeZKPqIV8k
dUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCOEE4L0I1Qzk0RTRDOUMyNTExRUJBRDc4RkY1M0Y4QUVBMjI4LzN6ZGtn
Tnp3ZWh0NjBXVGVaS1BxSVY4a2RVRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzN6ZGtnTnp3ZWh0NjBXVGVaS1BxSVY4a2RVRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCOEE4L0I1Qzk0RTRDOUMyNTExRUJBRDc4RkY1M0Y4
QUVBMjI4LzA5ODJDNDU2RTI0QzExRUNCQ0UzQjNDRUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2SQwDQYJKoZIhvcNAQEL
BQADggEBAMNR59h24m1MyRr4WniIMOefJYBZpJj6hilQcZwiM2iJJtsLsYpLXOhW
Z6lkyfbfEFEhYG4D8WHZgZ7xUD5eWoaI9XbKHso5IawJVyHB1iK8mLH1GY5r5Xyw
N3TPl1PWcSz3Hm0drnvMh558lDfQb3CggF6IAOZhHGyUn+Nr8+IEvpppl4QxzgtI
tUrZnVoee4LAcgG3ngWMg8RKBbsgAnoGaVhmLYlwyeCm/q88Jn7gHzvkn+6t/diV
5T73qHNo/FnMwXGCyCKLPx9pLpJ3pWmOyyqG15bnzgeZoJ1twtp0VhdLLhV2rpdh
OWNjRoua3ZK1qxyG8ahenAOF7F6Hl6g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org