Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/4DDB7228038511EEAD70B94C4AD9E6FC.roa
File:                     4DDB7228038511EEAD70B94C4AD9E6FC.roa (raw, json)
Hash identifier:          c2ddbCPHmmvJv1S8GCuUfE7hXuI9EaV9rtxUGDdpShs=
Subject key identifier:   A2:9A:DB:F8:BE:4B:DD:D3:1F:C1:F5:D3:D6:4E:C4:D9:B8:1C:3A:09
Certificate issuer:       /CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
Certificate serial:       6E
Authority key identifier: 1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/4DDB7228038511EEAD70B94C4AD9E6FC.roa
Signing time:             Mon 05 Jun 2023 09:42:37 +0000
ROA not before:           Mon 05 Jun 2023 09:42:33 +0000
ROA not after:            Sun 30 Jun 2030 09:42:33 +0000
asID:                     36992
IP address blocks:        102.56.0.0/13 maxlen: 24
                          2c0f:fc88::/31 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110 (0x6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
        Validity
            Not Before: Jun  5 09:42:33 2023 GMT
            Not After : Jun 30 09:42:33 2030 GMT
        Subject: CN=647dae0d-8b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a5:e2:d5:5d:4e:d9:5a:22:f3:b0:a4:de:b2:
                    59:ce:c2:b4:71:ad:90:e6:37:b8:c8:4a:57:13:d6:
                    cd:80:14:92:c4:40:2a:d6:8e:40:c6:fa:70:f5:b9:
                    03:2f:a6:5b:4e:ce:41:7a:de:7b:c9:06:97:aa:c7:
                    74:c0:e2:d9:bb:93:41:3e:56:c5:54:52:4f:40:bb:
                    4a:b1:c8:a5:51:69:69:a5:4a:32:21:ed:f6:bc:59:
                    9d:8a:69:4f:2e:aa:28:00:b0:1c:27:e6:b0:8f:a4:
                    e1:ac:95:13:db:da:74:9d:0a:b1:20:5d:28:08:48:
                    61:9e:d0:68:4c:40:56:04:42:1c:2f:81:dc:6e:01:
                    28:b7:c8:51:80:a0:42:04:49:18:46:47:8a:a6:98:
                    3f:06:db:c3:0a:03:47:23:21:9c:e9:09:a5:32:ea:
                    85:ee:87:52:47:18:36:90:a0:af:96:98:43:55:82:
                    c5:1f:12:ba:5a:ca:f5:21:43:b5:4b:26:67:fc:42:
                    19:8f:16:3d:59:9b:3f:43:ab:7b:71:9b:be:b8:7f:
                    df:7f:f0:7b:f6:f2:40:57:05:12:6a:04:0c:17:0d:
                    07:51:09:98:91:4a:0b:4e:f1:a8:97:1f:bf:b2:b5:
                    2b:d2:22:f6:d5:fc:d3:a1:66:17:25:01:07:60:ee:
                    92:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:9A:DB:F8:BE:4B:DD:D3:1F:C1:F5:D3:D6:4E:C4:D9:B8:1C:3A:09
            X509v3 Authority Key Identifier:
                keyid:1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/4DDB7228038511EEAD70B94C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.56.0.0/13
                IPv6:
                  2c0f:fc88::/31

    Signature Algorithm: sha256WithRSAEncryption
         1e:bc:3d:97:b3:74:65:b4:8c:38:12:51:df:0a:f8:e1:d2:f9:
         c0:e2:16:3a:2d:77:1d:22:70:e1:ac:cd:91:cc:ed:09:b2:82:
         c7:f0:ab:f9:b0:f9:2b:65:fd:63:10:28:3f:d4:2b:17:75:7c:
         92:eb:83:68:97:50:97:3a:d9:9a:f8:f4:78:61:1b:52:8f:c6:
         8f:b4:ee:34:01:7f:79:a6:c0:b0:59:b5:eb:94:aa:c6:8c:18:
         6b:fc:d6:08:42:50:23:d9:9c:dc:8b:ed:f6:b9:e6:a3:d3:74:
         8c:a4:10:7f:ab:18:59:f8:37:5c:28:8f:6f:f3:36:c0:f6:f2:
         69:3c:d7:00:26:ac:df:e7:2f:7d:db:e2:4b:59:3b:49:3a:d8:
         53:75:a7:48:0d:ef:fc:bf:df:0a:7b:20:d9:73:d0:3d:c5:d6:
         bc:32:dd:82:99:55:68:b1:6f:ea:16:1c:9c:bb:f7:28:88:9f:
         fa:cb:32:ec:1a:57:95:80:a1:a0:bf:c3:66:08:07:2a:84:12:
         d0:e2:51:60:82:c7:6a:b6:10:23:10:b4:c4:43:a7:97:c0:d9:
         0a:16:88:e2:88:0a:a7:26:c1:c8:c1:a7:b2:aa:75:b1:96:4e:
         3b:bb:e7:57:1a:e9:a0:42:5f:e1:8a:7b:5e:b6:15:29:36:67:
         5b:a5:c2:9a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIBbjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
MzJCNkFGMTEwLwYDVQQFEygxQzkxQjVBRjlCNjBFQTNGMUMxREI4N0VBRUM2REE3
QzJFQTBBODc3MB4XDTIzMDYwNTA5NDIzM1oXDTMwMDYzMDA5NDIzM1owGDEWMBQG
A1UEAxMNNjQ3ZGFlMGQtOGI0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMel4tVdTtlaIvOwpN6yWc7CtHGtkOY3uMhKVxPWzYAUksRAKtaOQMb6cPW5
Ay+mW07OQXree8kGl6rHdMDi2buTQT5WxVRST0C7SrHIpVFpaaVKMiHt9rxZnYpp
Ty6qKACwHCfmsI+k4ayVE9vadJ0KsSBdKAhIYZ7QaExAVgRCHC+B3G4BKLfIUYCg
QgRJGEZHiqaYPwbbwwoDRyMhnOkJpTLqhe6HUkcYNpCgr5aYQ1WCxR8SulrK9SFD
tUsmZ/xCGY8WPVmbP0Ore3Gbvrh/33/we/byQFcFEmoEDBcNB1EJmJFKC07xqJcf
v7K1K9Ii9tX806FmFyUBB2DukmcCAwEAAaOCArMwggKvMB0GA1UdDgQWBBSimtv4
vkvd0x/B9dPWTsTZuBw6CTAfBgNVHSMEGDAWgBQckbWvm2DqPxwduH6uxtp8LqCo
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEyMjI0NjgvSEpHMXI1
dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSEpHMXI1dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEy
MjI0NjgvNEREQjcyMjgwMzg1MTFFRUFENzBCOTRDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAtBggrBgEFBQcBBwEB/wQeMBwwCwQCAAEwBQMDA2Y4MA0EAgACMAcDBQEsD/yI
MA0GCSqGSIb3DQEBCwUAA4IBAQAevD2Xs3RltIw4ElHfCvjh0vnA4hY6LXcdInDh
rM2RzO0JsoLH8Kv5sPkrZf1jECg/1CsXdXyS64Nol1CXOtma+PR4YRtSj8aPtO40
AX95psCwWbXrlKrGjBhr/NYIQlAj2Zzci+32ueaj03SMpBB/qxhZ+DdcKI9v8zbA
9vJpPNcAJqzf5y992+JLWTtJOthTdadIDe/8v98KeyDZc9A9xda8Mt2CmVVosW/q
Fhycu/coiJ/6yzLsGleVgKGgv8NmCAcqhBLQ4lFggsdqthAjELTEQ6eXwNkKFoji
iAqnJsHIwaeyqnWxlk47u+dXGumgQl/hintethUpNmdbpcKa
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:03 2024 by rpki-client on console-ams.rpki-client.org