Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/884C0C72D2BD11ED8DC9AFA4F1222468.roa
File:                     884C0C72D2BD11ED8DC9AFA4F1222468.roa (raw, json)
Hash identifier:          2tRYYZYXesgnA4Rq+EJeXLYkWIBNCFi1xtzvwofm52c=
Subject key identifier:   39:C6:B4:7E:04:72:BD:A5:24:E1:49:8F:CD:52:6F:A6:A4:D9:53:0D
Certificate issuer:       /CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Certificate serial:       031D
Authority key identifier: DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/884C0C72D2BD11ED8DC9AFA4F1222468.roa
Signing time:             Tue 04 Apr 2023 07:51:40 +0000
ROA not before:           Tue 04 Apr 2023 07:51:36 +0000
ROA not after:            Mon 04 Apr 2033 07:51:36 +0000
asID:                     37053
IP address blocks:        102.212.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 797 (0x31d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
        Validity
            Not Before: Apr  4 07:51:36 2023 GMT
            Not After : Apr  4 07:51:36 2033 GMT
        Subject: CN=642bd70c-7d6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:74:33:7a:74:0b:90:2e:df:cb:a3:6a:3b:d5:
                    a4:99:f0:f2:65:fd:d1:16:fb:49:42:1a:66:66:0c:
                    ea:aa:4e:6f:40:e3:90:9d:66:ec:10:c8:ae:f0:a3:
                    a6:73:e7:ef:87:24:5f:f2:db:dd:d5:2f:d1:bb:57:
                    d3:cf:58:22:4d:a8:d3:44:e4:6d:21:16:9b:72:39:
                    2a:6d:cd:98:c6:81:ae:06:80:82:20:e7:6b:dd:aa:
                    a0:ac:59:b8:cf:ce:8a:4e:f4:d4:d6:57:14:a0:37:
                    f9:a1:69:46:97:20:d5:e0:0e:4a:b3:01:65:d3:ac:
                    23:34:d3:7a:c5:fc:9d:53:b0:97:c2:7d:44:d2:19:
                    ef:7e:24:14:46:11:c9:0a:47:f0:5b:2a:a3:e0:68:
                    ae:2d:4b:4f:82:ee:40:e2:a1:a0:2c:6c:57:4c:2f:
                    ac:fd:12:9b:85:d4:8f:6a:24:f4:4a:4d:cc:bf:2e:
                    34:cc:3e:d9:b2:63:ad:fe:4b:de:79:ed:f7:49:36:
                    66:58:3e:1e:44:a4:ee:2f:bd:2d:a7:99:4a:b1:c8:
                    bc:9d:42:8a:dc:ad:6a:a5:b8:d5:40:35:e5:5c:e3:
                    af:e6:da:9c:9a:ea:dd:17:f6:aa:30:71:6f:4a:c6:
                    47:84:b1:e6:19:23:2a:d5:65:37:1d:65:90:77:26:
                    a4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:C6:B4:7E:04:72:BD:A5:24:E1:49:8F:CD:52:6F:A6:A4:D9:53:0D
            X509v3 Authority Key Identifier:
                keyid:DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/884C0C72D2BD11ED8DC9AFA4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:bb:9e:9b:6b:1c:c4:1d:79:b4:aa:b7:28:5f:6f:78:1c:98:
         b0:07:d8:04:4f:57:8d:21:18:a3:45:44:6b:26:d5:dd:1c:b2:
         f7:ca:45:d1:35:87:94:b4:a1:f6:e6:91:3a:d0:6a:ec:d2:e0:
         17:c5:b7:17:6f:ea:a4:85:05:6f:10:14:4a:dc:7e:50:83:fd:
         43:3c:26:ad:af:11:9f:86:a7:c4:ad:bc:5a:01:98:ab:5c:ad:
         46:a0:2a:9b:8c:63:a3:5f:96:d1:ab:4f:f3:1d:86:45:ca:0c:
         3f:88:3c:39:17:62:ba:d3:fc:4c:23:e8:48:22:d2:8f:9b:77:
         f7:20:a4:74:b8:ed:36:11:7c:f0:c1:18:bb:75:64:be:b3:cb:
         f1:c4:cc:7c:8f:ad:81:e6:ae:41:ab:35:e0:35:4e:a0:e2:f6:
         a7:94:80:b5:f2:0f:45:b5:3e:41:fe:82:b3:20:12:ad:f3:80:
         70:95:f0:cb:b0:0a:d9:6c:58:39:6c:b2:7b:f1:24:81:33:2f:
         d5:71:e4:79:e2:a5:1e:01:84:d2:00:6a:d1:da:de:22:0a:aa:
         fd:d5:5b:51:b2:a3:56:a7:53:18:2d:99:7f:28:d9:2f:6a:dc:
         3f:d2:ca:28:fc:28:e3:be:54:11:b8:16:b1:2f:bb:10:fe:31:
         e0:43:98:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAx0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MkI4QThBRjExMC8GA1UEBRMoREYzNzY0ODBEQ0YwN0ExQjdBRDE2NERFNjRBM0VB
MjE1RjI0NzU0MTAeFw0yMzA0MDQwNzUxMzZaFw0zMzA0MDQwNzUxMzZaMBgxFjAU
BgNVBAMMDTY0MmJkNzBjLTdkNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+dDN6dAuQLt/Lo2o71aSZ8PJl/dEW+0lCGmZmDOqqTm9A45CdZuwQyK7w
o6Zz5++HJF/y293VL9G7V9PPWCJNqNNE5G0hFptyOSptzZjGga4GgIIg52vdqqCs
WbjPzopO9NTWVxSgN/mhaUaXINXgDkqzAWXTrCM003rF/J1TsJfCfUTSGe9+JBRG
EckKR/BbKqPgaK4tS0+C7kDioaAsbFdML6z9EpuF1I9qJPRKTcy/LjTMPtmyY63+
S9557fdJNmZYPh5EpO4vvS2nmUqxyLydQorcrWqluNVANeVc46/m2pya6t0X9qow
cW9KxkeEseYZIyrVZTcdZZB3JqRjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOca0
fgRyvaUk4UmPzVJvpqTZUw0wHwYDVR0jBBgwFoAU3zdkgNzweht60WTeZKPqIV8k
dUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCOEE4L0I1Qzk0RTRDOUMyNTExRUJBRDc4RkY1M0Y4QUVBMjI4LzN6ZGtn
Tnp3ZWh0NjBXVGVaS1BxSVY4a2RVRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzN6ZGtnTnp3ZWh0NjBXVGVaS1BxSVY4a2RVRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCOEE4L0I1Qzk0RTRDOUMyNTExRUJBRDc4RkY1M0Y4
QUVBMjI4Lzg4NEMwQzcyRDJCRDExRUQ4REM5QUZBNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1MQwDQYJKoZIhvcNAQEL
BQADggEBAFq7nptrHMQdebSqtyhfb3gcmLAH2ARPV40hGKNFRGsm1d0csvfKRdE1
h5S0ofbmkTrQauzS4BfFtxdv6qSFBW8QFErcflCD/UM8Jq2vEZ+Gp8StvFoBmKtc
rUagKpuMY6NfltGrT/MdhkXKDD+IPDkXYrrT/Ewj6Egi0o+bd/cgpHS47TYRfPDB
GLt1ZL6zy/HEzHyPrYHmrkGrNeA1TqDi9qeUgLXyD0W1PkH+grMgEq3zgHCV8Muw
CtlsWDlssnvxJIEzL9Vx5HnipR4BhNIAatHa3iIKqv3VW1Gyo1anUxgtmX8o2S9q
3D/Syij8KOO+VBG4FrEvuxD+MeBDmL8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:25 2024 by rpki-client on console-fra.rpki-client.org