Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/6FE5059AE05511EC8F6C299CF1222468.roa
File:                     6FE5059AE05511EC8F6C299CF1222468.roa (raw, json)
Hash identifier:          3Y9hbnFs2RPSkmUCx7/XEKKtj3J0P6/CZTYRoO7RuTs=
Subject key identifier:   02:EC:2B:CC:39:54:C8:D3:3D:F4:9C:AC:BC:C4:88:8B:4A:61:03:64
Certificate issuer:       /CN=F3644DAEAF/serialNumber=707A1F286AE2986DF64910C3034E5189A7C216DD
Certificate serial:       01B4
Authority key identifier: 70:7A:1F:28:6A:E2:98:6D:F6:49:10:C3:03:4E:51:89:A7:C2:16:DD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/cHofKGrimG32SRDDA05RiafCFt0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/6FE5059AE05511EC8F6C299CF1222468.roa
Signing time:             Mon 30 May 2022 20:16:50 +0000
ROA not before:           Mon 30 May 2022 20:16:46 +0000
ROA not after:            Sun 30 May 2032 20:16:46 +0000
asID:                     328137
IP address blocks:        102.215.236.0/22 maxlen: 24
                          2c0f:f030::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/cHofKGrimG32SRDDA05RiafCFt0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/cHofKGrimG32SRDDA05RiafCFt0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/cHofKGrimG32SRDDA05RiafCFt0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 436 (0x1b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3644DAEAF/serialNumber=707A1F286AE2986DF64910C3034E5189A7C216DD
        Validity
            Not Before: May 30 20:16:46 2022 GMT
            Not After : May 30 20:16:46 2032 GMT
        Subject: CN=62952631-bd59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d3:9f:1a:a4:3f:e3:ef:cd:46:02:5e:d4:5a:
                    33:e6:64:63:05:50:ea:63:57:f0:b8:dd:82:01:36:
                    10:c7:be:79:62:d1:17:44:ce:a4:cd:1a:e7:4d:12:
                    d2:cd:21:00:9e:67:4d:84:da:55:d3:4e:21:5a:8e:
                    aa:ec:c1:e1:ca:56:be:c7:07:67:3f:18:3d:e0:31:
                    40:dc:f9:26:22:1d:ee:54:86:73:11:6c:cc:cc:aa:
                    68:a2:a4:c0:14:6c:6e:08:c6:02:1b:0d:93:53:38:
                    4b:c2:89:ef:3c:b5:69:60:84:ca:08:37:e3:cd:36:
                    3c:62:04:3a:04:8f:71:47:0b:03:d4:05:5d:63:67:
                    82:9b:d4:b4:d8:cc:47:53:3b:7a:13:1c:88:fb:a6:
                    7a:42:54:22:e4:1a:32:93:48:12:7e:73:71:ef:6e:
                    bc:83:51:f7:62:06:db:3c:41:62:95:63:be:4b:8e:
                    e3:3a:1e:09:ff:03:f0:6e:c9:43:f6:24:b8:aa:c0:
                    5b:d9:48:be:03:f3:0c:a5:2b:a2:7d:a1:c3:8c:55:
                    71:40:3c:ac:16:24:b5:0c:b0:7e:12:3f:3e:1d:63:
                    e0:f5:a1:ac:04:36:6f:58:c3:2f:76:3b:4a:b1:26:
                    e3:b7:2c:f4:3e:8c:92:01:3c:c3:cb:0c:b0:e8:97:
                    61:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:EC:2B:CC:39:54:C8:D3:3D:F4:9C:AC:BC:C4:88:8B:4A:61:03:64
            X509v3 Authority Key Identifier:
                keyid:70:7A:1F:28:6A:E2:98:6D:F6:49:10:C3:03:4E:51:89:A7:C2:16:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/cHofKGrimG32SRDDA05RiafCFt0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/cHofKGrimG32SRDDA05RiafCFt0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAE/F71E7654970411EBB9363730F8AEA228/6FE5059AE05511EC8F6C299CF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.236.0/22
                IPv6:
                  2c0f:f030::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:e9:bb:32:8d:a4:b8:92:a4:46:9a:70:a3:91:e7:00:16:36:
         9a:f5:bd:22:1e:e1:51:d8:d7:7b:85:77:0b:a6:b6:0c:39:f7:
         b9:98:3c:05:b4:65:9b:c2:4e:eb:03:d4:23:3b:b7:dd:6b:3d:
         73:c4:7e:f9:c8:5d:c0:43:65:d5:e4:7c:1b:dd:4b:91:31:10:
         7d:65:3f:8a:82:e9:3f:5d:e1:22:ca:bf:93:b1:d2:83:f0:6c:
         88:2a:21:1e:40:bf:7c:de:a4:12:82:54:48:54:d3:95:75:2f:
         dd:29:71:55:ec:d3:de:96:d6:47:df:bb:30:e4:98:aa:ec:12:
         9c:58:27:b9:79:6e:91:dd:15:88:bb:49:4d:b2:a4:06:24:7f:
         36:7c:93:03:4d:02:bb:d6:d9:0f:76:3c:86:20:7d:85:3e:57:
         fe:11:0b:b3:49:1d:7c:59:1c:e6:46:e3:77:f1:a5:cc:03:95:
         56:04:99:a2:4d:43:b4:1f:e0:17:21:50:36:6a:35:76:99:de:
         e3:d7:43:a6:d2:df:4f:40:c0:8e:29:93:3b:79:b3:89:6a:21:
         5c:ee:bd:2a:a0:b9:8d:7b:8a:c8:5f:e4:d7:88:6d:9b:7e:81:
         29:58:00:7f:14:3a:0b:5f:fb:60:69:53:cd:8b:3d:58:f1:93:
         a5:70:c5:df
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NDREQUVBRjExMC8GA1UEBRMoNzA3QTFGMjg2QUUyOTg2REY2NDkxMEMzMDM0RTUx
ODlBN0MyMTZERDAeFw0yMjA1MzAyMDE2NDZaFw0zMjA1MzAyMDE2NDZaMBgxFjAU
BgNVBAMMDTYyOTUyNjMxLWJkNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDS058apD/j781GAl7UWjPmZGMFUOpjV/C43YIBNhDHvnli0RdEzqTNGudN
EtLNIQCeZ02E2lXTTiFajqrsweHKVr7HB2c/GD3gMUDc+SYiHe5UhnMRbMzMqmii
pMAUbG4IxgIbDZNTOEvCie88tWlghMoIN+PNNjxiBDoEj3FHCwPUBV1jZ4Kb1LTY
zEdTO3oTHIj7pnpCVCLkGjKTSBJ+c3HvbryDUfdiBts8QWKVY75LjuM6Hgn/A/Bu
yUP2JLiqwFvZSL4D8wylK6J9ocOMVXFAPKwWJLUMsH4SPz4dY+D1oawENm9Ywy92
O0qxJuO3LPQ+jJIBPMPLDLDol2HFAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUAuwr
zDlUyNM99JysvMSIi0phA2QwHwYDVR0jBBgwFoAUcHofKGrimG32SRDDA05RiafC
Ft0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ0REFFL0Y3MUU3NjU0OTcwNDExRUJCOTM2MzczMEY4QUVBMjI4L2NIb2ZL
R3JpbUczMlNSRERBMDVSaWFmQ0Z0MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2NIb2ZLR3JpbUczMlNSRERBMDVSaWFmQ0Z0MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ0REFFL0Y3MUU3NjU0OTcwNDExRUJCOTM2MzczMEY4
QUVBMjI4LzZGRTUwNTlBRTA1NTExRUM4RjZDMjk5Q0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1+wwDQQCAAIwBwMFACwP
8DAwDQYJKoZIhvcNAQELBQADggEBAHTpuzKNpLiSpEaacKOR5wAWNpr1vSIe4VHY
13uFdwumtgw597mYPAW0ZZvCTusD1CM7t91rPXPEfvnIXcBDZdXkfBvdS5ExEH1l
P4qC6T9d4SLKv5Ox0oPwbIgqIR5Av3zepBKCVEhU05V1L90pcVXs096W1kffuzDk
mKrsEpxYJ7l5bpHdFYi7SU2ypAYkfzZ8kwNNArvW2Q92PIYgfYU+V/4RC7NJHXxZ
HOZG43fxpcwDlVYEmaJNQ7Qf4BchUDZqNXaZ3uPXQ6bS309AwI4pkzt5s4lqIVzu
vSqguY17ishf5NeIbZt+gSlYAH8UOgtf+2BpU82LPVjxk6Vwxd8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org