Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/E10AF0E22C4211EEB4DC88104AD9E6FC.roa
File:                     E10AF0E22C4211EEB4DC88104AD9E6FC.roa (raw, json)
Hash identifier:          42KgK6RdN4y6CGvKncWwBdL1NNaaBRBg0A8wytUPgDU=
Subject key identifier:   E1:27:5A:8B:AC:94:C0:1B:16:4F:BB:3B:AD:9F:71:89:65:10:10:BF
Certificate issuer:       /CN=F36576E8AF/serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
Certificate serial:       019B
Authority key identifier: DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/E10AF0E22C4211EEB4DC88104AD9E6FC.roa
Signing time:             Thu 27 Jul 2023 06:00:25 +0000
ROA not before:           Thu 27 Jul 2023 06:00:21 +0000
ROA not after:            Sun 31 Jul 2033 06:00:21 +0000
asID:                     327991
IP address blocks:        102.211.188.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.mft
                          rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 411 (0x19b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36576E8AF/serialNumber=DBF68C9C5C01D68EBC0C90DEE4C0749DA23A2FD6
        Validity
            Not Before: Jul 27 06:00:21 2023 GMT
            Not After : Jul 31 06:00:21 2033 GMT
        Subject: CN=64c207f9-c107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:1f:ad:71:c6:9d:20:7d:4b:f0:c6:20:e9:e0:
                    7d:50:fe:b2:ae:e0:e5:3b:41:ed:9c:d1:5e:1a:a4:
                    22:eb:d4:42:ed:24:d8:12:7f:02:6f:80:93:d7:0a:
                    19:04:ff:ea:f8:aa:7c:29:07:2c:c6:9a:01:44:4e:
                    a5:ee:06:81:5e:57:3c:67:1d:18:d8:17:75:4b:84:
                    81:8a:0b:dd:a1:84:b4:38:23:cc:52:e3:55:54:16:
                    12:81:c2:74:ff:bf:83:6e:48:9e:21:a4:67:11:ce:
                    f9:ca:f9:b0:be:dc:86:9c:6b:70:15:b4:a8:fd:06:
                    0c:1f:74:cc:18:2c:f2:a3:73:90:94:84:7c:f4:9e:
                    19:24:c0:fe:a5:dc:56:0f:f9:3f:8e:5c:38:ff:12:
                    59:cc:04:75:eb:ba:0e:66:64:78:9c:b6:3b:47:07:
                    b1:87:bc:26:8e:bf:f8:45:94:b4:29:7a:39:a8:08:
                    1c:14:e4:a4:b2:3b:5d:b0:ba:af:f2:17:eb:2f:fb:
                    02:a1:d1:94:64:26:a7:31:fd:f1:3b:1c:a8:de:e0:
                    dc:e8:3c:c8:89:19:7a:ab:a0:7e:e2:bb:f8:eb:95:
                    f2:3e:8c:aa:3d:7e:6e:11:da:6e:33:06:76:43:91:
                    e3:45:e9:fe:e4:27:2b:b8:d4:bf:8f:22:6e:bd:eb:
                    ac:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:27:5A:8B:AC:94:C0:1B:16:4F:BB:3B:AD:9F:71:89:65:10:10:BF
            X509v3 Authority Key Identifier:
                keyid:DB:F6:8C:9C:5C:01:D6:8E:BC:0C:90:DE:E4:C0:74:9D:A2:3A:2F:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/2_aMnFwB1o68DJDe5MB0naI6L9Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2_aMnFwB1o68DJDe5MB0naI6L9Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36576E8/C3808986FC6111ECB17E22ABF1222468/E10AF0E22C4211EEB4DC88104AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7e:a3:27:34:0e:c1:ab:dd:5d:c1:b4:f3:61:f5:20:f4:c1:66:
         f4:c5:c7:7d:f8:b7:8d:69:00:33:b7:75:87:42:3c:2c:e6:16:
         fa:46:ad:17:8d:0d:9d:93:9a:65:4b:5c:de:d6:f4:ab:7d:79:
         da:c5:3e:88:33:ba:68:3e:62:25:6a:54:b8:2d:db:10:6f:81:
         d1:ed:57:a4:08:e0:77:77:e9:bf:ad:f2:96:e0:fd:a8:77:77:
         09:be:51:f5:c2:f2:24:13:9a:18:c8:58:57:26:d9:54:ef:b1:
         8b:a0:4e:e0:ee:de:81:0f:fa:8c:5a:88:74:a8:6e:72:a3:85:
         6a:a0:13:bb:7b:28:05:0d:ae:24:a8:13:f9:1a:05:a8:e8:83:
         94:00:9f:14:dc:c9:b7:6e:9c:e1:53:c9:d2:a2:51:fe:b6:e7:
         1e:70:ee:9a:c6:c3:6c:ea:e8:57:9e:bd:7b:77:92:29:c1:6f:
         58:8b:43:5d:15:58:a7:db:bc:33:a6:1b:49:23:1b:e5:ed:fb:
         0c:29:2c:98:1c:6b:9e:cd:ed:f1:e1:dd:ee:8b:b4:37:e9:6d:
         c5:7c:13:b0:38:dd:36:2d:e0:6c:24:69:ba:a7:70:91:f8:c6:
         53:3a:00:d4:0a:f6:e0:82:8d:7f:32:73:e3:3c:19:41:da:03:
         09:eb:b8:77
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAZswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTc2RThBRjExMC8GA1UEBRMoREJGNjhDOUM1QzAxRDY4RUJDMEM5MERFRTRDMDc0
OURBMjNBMkZENjAeFw0yMzA3MjcwNjAwMjFaFw0zMzA3MzEwNjAwMjFaMBgxFjAU
BgNVBAMTDTY0YzIwN2Y5LWMxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDxH61xxp0gfUvwxiDp4H1Q/rKu4OU7Qe2c0V4apCLr1ELtJNgSfwJvgJPX
ChkE/+r4qnwpByzGmgFETqXuBoFeVzxnHRjYF3VLhIGKC92hhLQ4I8xS41VUFhKB
wnT/v4NuSJ4hpGcRzvnK+bC+3Iaca3AVtKj9BgwfdMwYLPKjc5CUhHz0nhkkwP6l
3FYP+T+OXDj/ElnMBHXrug5mZHictjtHB7GHvCaOv/hFlLQpejmoCBwU5KSyO12w
uq/yF+sv+wKh0ZRkJqcx/fE7HKje4NzoPMiJGXqroH7iu/jrlfI+jKo9fm4R2m4z
BnZDkeNF6f7kJyu41L+PIm6966xBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4Sda
i6yUwBsWT7s7rZ9xiWUQEL8wHwYDVR0jBBgwFoAU2/aMnFwB1o68DJDe5MB0naI6
L9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU3NkU4L0MzODA4OTg2RkM2MTExRUNCMTdFMjJBQkYxMjIyNDY4LzJfYU1u
RndCMW82OERKRGU1TUIwbmFJNkw5WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzJfYU1uRndCMW82OERKRGU1TUIwbmFJNkw5WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU3NkU4L0MzODA4OTg2RkM2MTExRUNCMTdFMjJBQkYx
MjIyNDY4L0UxMEFGMEUyMkM0MjExRUVCNERDODgxMDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm07wwDQYJKoZIhvcNAQEL
BQADggEBAH6jJzQOwavdXcG082H1IPTBZvTFx334t41pADO3dYdCPCzmFvpGrReN
DZ2TmmVLXN7W9Kt9edrFPogzumg+YiVqVLgt2xBvgdHtV6QI4Hd36b+t8pbg/ah3
dwm+UfXC8iQTmhjIWFcm2VTvsYugTuDu3oEP+oxaiHSobnKjhWqgE7t7KAUNriSo
E/kaBajog5QAnxTcybdunOFTydKiUf625x5w7prGw2zq6FeevXt3kinBb1iLQ10V
WKfbvDOmG0kjG+Xt+wwpLJgca57N7fHh3e6LtDfpbcV8E7A43TYt4GwkabqncJH4
xlM6ANQK9uCCjX8yc+M8GUHaAwnruHc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:35 2024 by rpki-client on console-ams.rpki-client.org