Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/BB6D0B4EA15111EDB90237D8F1222468.roa
File:                     BB6D0B4EA15111EDB90237D8F1222468.roa (raw, json)
Hash identifier:          RXFTH7COLNat1EWyJGa03bPPYwNChNlTVBL4I7XF06A=
Subject key identifier:   0C:CB:C0:77:74:AE:FE:DB:82:A0:29:0F:DD:37:C0:F6:68:5A:72:C2
Certificate issuer:       /CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Certificate serial:       02D7
Authority key identifier: DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/BB6D0B4EA15111EDB90237D8F1222468.roa
Signing time:             Tue 31 Jan 2023 10:26:33 +0000
ROA not before:           Tue 31 Jan 2023 10:26:29 +0000
ROA not after:            Mon 31 Jan 2033 10:26:29 +0000
asID:                     37053
IP address blocks:        102.212.192.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 727 (0x2d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
        Validity
            Not Before: Jan 31 10:26:29 2023 GMT
            Not After : Jan 31 10:26:29 2033 GMT
        Subject: CN=63d8ecd9-8041
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ea:b6:37:cd:77:50:af:10:db:65:fb:b0:b3:
                    2b:16:3d:ac:91:fb:4f:ce:0d:8e:f0:fd:3d:a2:93:
                    78:d2:e3:ff:3b:20:40:f4:1b:9c:cd:54:ae:f3:0e:
                    27:2c:d8:37:e5:55:97:c0:34:42:3b:5a:42:a2:96:
                    b3:d8:c4:03:d7:3a:09:a0:b3:f9:a0:1b:21:02:52:
                    f7:f6:c9:ce:e9:b7:97:f4:32:cf:50:c1:6d:4d:75:
                    4d:ba:5e:1f:86:9f:e2:19:37:bb:2b:1e:d1:4e:73:
                    60:0e:8e:69:41:fa:07:90:34:fa:f8:6e:d8:28:f8:
                    e5:b8:c5:7a:47:ed:b5:a0:5e:f9:47:22:e5:f4:b4:
                    19:29:ad:f7:c6:82:61:00:0b:c2:5d:fc:29:be:70:
                    4f:46:37:f7:06:d3:12:16:b1:5f:01:92:3b:56:b6:
                    85:29:85:b4:22:50:7a:46:0b:af:78:66:10:3b:be:
                    7d:54:6e:cb:74:25:ec:35:f7:42:58:7b:18:58:b1:
                    7a:ca:27:43:cf:15:21:2b:3a:4b:9a:b5:4d:da:72:
                    cb:aa:9d:18:c8:7d:71:4d:a7:9f:37:a2:97:ab:75:
                    fb:81:c1:0d:29:f7:22:59:91:62:12:ec:58:63:29:
                    ab:f3:ca:ed:29:09:d6:e9:3c:1e:f8:31:da:c4:b4:
                    5d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:CB:C0:77:74:AE:FE:DB:82:A0:29:0F:DD:37:C0:F6:68:5A:72:C2
            X509v3 Authority Key Identifier:
                keyid:DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/BB6D0B4EA15111EDB90237D8F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:33:d2:70:30:d5:17:59:39:bb:79:1d:22:76:8e:05:e8:b0:
         db:18:2e:55:e7:2c:2b:62:b0:86:92:1a:95:a0:dd:67:37:b7:
         f5:42:b1:cb:42:c1:7b:84:c8:a8:00:90:f3:ed:2e:98:d6:c3:
         c5:3d:ae:d6:90:b7:15:01:f5:11:83:20:7f:7e:b6:b4:e8:dd:
         ae:f4:47:91:24:02:c3:37:8f:a1:8f:6e:93:da:88:f3:df:93:
         c6:1a:f9:56:cf:65:13:89:84:66:39:80:00:a5:da:3c:14:cc:
         97:b5:a5:1b:34:42:0c:00:30:94:1c:6c:df:57:d4:52:ad:fc:
         db:5e:f8:72:a7:1d:32:be:ac:f3:80:00:1a:81:2f:09:cb:a7:
         31:66:cb:57:75:5e:1c:f0:3e:d8:c0:5b:9e:0e:43:2b:5a:0b:
         7b:4b:31:b4:c3:64:5d:d0:b5:d1:6f:8c:85:e7:3b:15:87:d6:
         d0:18:e9:0a:5f:f7:a0:b2:78:f5:68:24:7e:48:df:e2:a5:4a:
         54:c9:b3:31:df:e3:7f:4a:fc:3a:b5:fb:20:f4:ff:ed:c4:88:
         67:71:db:77:0d:81:42:1a:59:05:d9:60:c2:07:cb:ef:b0:93:
         32:4a:8a:df:e7:92:37:d6:b5:28:55:1a:3b:dd:56:30:0d:58:
         39:d0:4e:b3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAtcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MkI4QThBRjExMC8GA1UEBRMoREYzNzY0ODBEQ0YwN0ExQjdBRDE2NERFNjRBM0VB
MjE1RjI0NzU0MTAeFw0yMzAxMzExMDI2MjlaFw0zMzAxMzExMDI2MjlaMBgxFjAU
BgNVBAMMDTYzZDhlY2Q5LTgwNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC76rY3zXdQrxDbZfuwsysWPayR+0/ODY7w/T2ik3jS4/87IED0G5zNVK7z
Dics2DflVZfANEI7WkKilrPYxAPXOgmgs/mgGyECUvf2yc7pt5f0Ms9QwW1NdU26
Xh+Gn+IZN7srHtFOc2AOjmlB+geQNPr4btgo+OW4xXpH7bWgXvlHIuX0tBkprffG
gmEAC8Jd/Cm+cE9GN/cG0xIWsV8BkjtWtoUphbQiUHpGC694ZhA7vn1Ubst0Jew1
90JYexhYsXrKJ0PPFSErOkuatU3acsuqnRjIfXFNp583operdfuBwQ0p9yJZkWIS
7FhjKavzyu0pCdbpPB74MdrEtF27AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDMvA
d3Su/tuCoCkP3TfA9mhacsIwHwYDVR0jBBgwFoAU3zdkgNzweht60WTeZKPqIV8k
dUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCOEE4L0I1Qzk0RTRDOUMyNTExRUJBRDc4RkY1M0Y4QUVBMjI4LzN6ZGtn
Tnp3ZWh0NjBXVGVaS1BxSVY4a2RVRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzN6ZGtnTnp3ZWh0NjBXVGVaS1BxSVY4a2RVRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCOEE4L0I1Qzk0RTRDOUMyNTExRUJBRDc4RkY1M0Y4
QUVBMjI4L0JCNkQwQjRFQTE1MTExRURCOTAyMzdEOEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1MAwDQYJKoZIhvcNAQEL
BQADggEBABsz0nAw1RdZObt5HSJ2jgXosNsYLlXnLCtisIaSGpWg3Wc3t/VCsctC
wXuEyKgAkPPtLpjWw8U9rtaQtxUB9RGDIH9+trTo3a70R5EkAsM3j6GPbpPaiPPf
k8Ya+VbPZROJhGY5gACl2jwUzJe1pRs0QgwAMJQcbN9X1FKt/Nte+HKnHTK+rPOA
ABqBLwnLpzFmy1d1XhzwPtjAW54OQytaC3tLMbTDZF3QtdFvjIXnOxWH1tAY6Qpf
96CyePVoJH5I3+KlSlTJszHf439K/Dq1+yD0/+3EiGdx23cNgUIaWQXZYMIHy++w
kzJKit/nkjfWtShVGjvdVjANWDnQTrM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org