Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366DA43/24A4D94634EE11ED88ECD0ECF1222468/BDCCC46234EE11EDACB45CEEF1222468.roa
File:                     BDCCC46234EE11EDACB45CEEF1222468.roa (raw, json)
Hash identifier:          bWeTuDjLwjcjXXalbVQak4qGcRcTM2Bs7Q2hhXrJ914=
Subject key identifier:   2F:65:D1:DF:E5:FB:24:6C:89:37:67:8C:9E:9E:71:A5:06:7F:F0:CB
Certificate issuer:       /CN=F366DA43AF/serialNumber=0620973C4AA194B69F477D9BED5597C94D0DD0F8
Certificate serial:       04
Authority key identifier: 06:20:97:3C:4A:A1:94:B6:9F:47:7D:9B:ED:55:97:C9:4D:0D:D0:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/BiCXPEqhlLafR32b7VWXyU0N0Pg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366DA43/24A4D94634EE11ED88ECD0ECF1222468/BDCCC46234EE11EDACB45CEEF1222468.roa
Signing time:             Thu 15 Sep 2022 12:05:51 +0000
ROA not before:           Thu 15 Sep 2022 12:05:46 +0000
ROA not after:            Wed 15 Sep 2032 12:05:46 +0000
asID:                     329097
IP address blocks:        102.215.36.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366DA43/24A4D94634EE11ED88ECD0ECF1222468/BiCXPEqhlLafR32b7VWXyU0N0Pg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366DA43/24A4D94634EE11ED88ECD0ECF1222468/BiCXPEqhlLafR32b7VWXyU0N0Pg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/BiCXPEqhlLafR32b7VWXyU0N0Pg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366DA43AF/serialNumber=0620973C4AA194B69F477D9BED5597C94D0DD0F8
        Validity
            Not Before: Sep 15 12:05:46 2022 GMT
            Not After : Sep 15 12:05:46 2032 GMT
        Subject: CN=6323151f-6ffa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:04:5d:45:a1:d2:68:0d:26:34:71:86:f5:a0:
                    9c:26:73:61:9a:3a:ec:fb:b6:82:85:8c:00:a5:cd:
                    b7:df:a0:3a:8e:0b:66:d1:23:b5:03:77:9c:ba:ca:
                    3e:28:3d:48:2e:7a:d3:93:38:75:4e:c3:7e:fe:1c:
                    e2:f8:af:de:b2:1d:58:6d:3c:f9:49:bf:89:63:4f:
                    5d:4e:55:81:ec:c2:9f:62:fb:32:c0:aa:dc:e9:3b:
                    35:45:ad:5d:ea:5f:97:a8:0f:6f:93:ff:65:e5:4c:
                    2c:2d:20:5b:9c:12:42:ba:06:e1:52:31:65:01:b5:
                    6b:35:9c:df:77:89:87:40:d1:7b:a0:c6:b6:f4:e7:
                    35:2b:bf:08:8d:b8:b6:fb:11:6e:7d:0d:0d:2f:44:
                    e2:fa:01:e1:21:22:d4:6b:1d:08:d4:f4:44:62:d6:
                    d1:af:43:32:0d:11:9d:1b:0b:af:87:ae:a5:16:80:
                    12:d7:3a:15:4d:76:7b:a7:bc:d4:41:6a:4d:a8:e8:
                    3b:64:32:6e:31:c7:77:35:32:16:fe:c0:1e:80:87:
                    56:c3:b4:b2:57:fc:f0:a7:81:16:a5:12:df:a1:88:
                    46:cc:a8:c5:69:ed:51:fd:61:f8:d0:7e:ba:49:15:
                    76:7a:72:c5:b0:2d:1b:aa:98:83:21:c4:26:6a:45:
                    aa:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:65:D1:DF:E5:FB:24:6C:89:37:67:8C:9E:9E:71:A5:06:7F:F0:CB
            X509v3 Authority Key Identifier:
                keyid:06:20:97:3C:4A:A1:94:B6:9F:47:7D:9B:ED:55:97:C9:4D:0D:D0:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366DA43/24A4D94634EE11ED88ECD0ECF1222468/BiCXPEqhlLafR32b7VWXyU0N0Pg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BiCXPEqhlLafR32b7VWXyU0N0Pg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366DA43/24A4D94634EE11ED88ECD0ECF1222468/BDCCC46234EE11EDACB45CEEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:f2:d4:7d:c1:72:a5:fc:cf:e0:46:9e:63:e5:13:e3:33:66:
         c3:59:a0:ef:51:4a:5a:82:68:39:12:3c:79:d0:b8:eb:41:1d:
         47:67:2a:64:92:2b:54:da:d1:55:1f:1d:da:73:f6:c2:17:b7:
         d3:c9:45:71:d8:25:88:1c:72:12:d6:e9:18:d9:72:b1:ea:5f:
         2c:af:92:84:74:5b:96:0b:48:f7:44:e7:dc:bd:65:2d:dc:d5:
         4e:4a:cb:a3:42:4b:b5:cd:d7:19:d4:0f:d3:26:7d:1c:38:61:
         60:9a:6b:92:00:fb:d0:b5:2c:d0:b5:fb:e6:2d:99:9a:c7:33:
         9c:0a:b6:a3:e0:60:95:fe:f0:70:f7:af:09:cc:86:db:e1:4e:
         68:c7:0f:72:c8:17:0a:fc:2c:72:d5:cb:64:c9:9f:5d:d6:be:
         75:b3:8e:48:87:25:a5:18:1e:2d:8f:8e:9d:82:5c:7b:a0:24:
         67:59:09:a5:ed:be:84:85:7e:38:55:f8:bc:8d:03:3f:86:5c:
         5f:c7:1a:e2:14:9d:6b:cf:e6:16:6f:e0:2e:b9:37:e7:5e:ce:
         f5:0d:51:ac:ab:10:c4:c2:8a:14:62:79:c6:6a:84:4a:8a:6f:
         4e:7f:d7:95:ed:80:f8:1b:4c:5e:c5:8b:01:14:e3:0e:db:de:
         9d:d8:4a:ee
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
REE0M0FGMTEwLwYDVQQFEygwNjIwOTczQzRBQTE5NEI2OUY0NzdEOUJFRDU1OTdD
OTREMEREMEY4MB4XDTIyMDkxNTEyMDU0NloXDTMyMDkxNTEyMDU0NlowGDEWMBQG
A1UEAwwNNjMyMzE1MWYtNmZmYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAEXUWh0mgNJjRxhvWgnCZzYZo67Pu2goWMAKXNt9+gOo4LZtEjtQN3nLrK
Pig9SC5605M4dU7Dfv4c4viv3rIdWG08+Um/iWNPXU5VgezCn2L7MsCq3Ok7NUWt
Xepfl6gPb5P/ZeVMLC0gW5wSQroG4VIxZQG1azWc33eJh0DRe6DGtvTnNSu/CI24
tvsRbn0NDS9E4voB4SEi1GsdCNT0RGLW0a9DMg0RnRsLr4eupRaAEtc6FU12e6e8
1EFqTajoO2QybjHHdzUyFv7AHoCHVsO0slf88KeBFqUS36GIRsyoxWntUf1h+NB+
ukkVdnpyxbAtG6qYgyHEJmpFqv8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQvZdHf
5fskbIk3Z4yennGlBn/wyzAfBgNVHSMEGDAWgBQGIJc8SqGUtp9HfZvtVZfJTQ3Q
+DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkRBNDMvMjRBNEQ5NDYzNEVFMTFFRDg4RUNEMEVDRjEyMjI0NjgvQmlDWFBF
cWhsTGFmUjMyYjdWV1h5VTBOMFBnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQmlDWFBFcWhsTGFmUjMyYjdWV1h5VTBOMFBnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkRBNDMvMjRBNEQ5NDYzNEVFMTFFRDg4RUNEMEVDRjEy
MjI0NjgvQkRDQ0M0NjIzNEVFMTFFREFDQjQ1Q0VFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbXJDANBgkqhkiG9w0BAQsF
AAOCAQEANvLUfcFypfzP4EaeY+UT4zNmw1mg71FKWoJoORI8edC460EdR2cqZJIr
VNrRVR8d2nP2whe308lFcdgliBxyEtbpGNlysepfLK+ShHRblgtI90Tn3L1lLdzV
TkrLo0JLtc3XGdQP0yZ9HDhhYJprkgD70LUs0LX75i2ZmscznAq2o+Bglf7wcPev
CcyG2+FOaMcPcsgXCvwsctXLZMmfXda+dbOOSIclpRgeLY+OnYJce6AkZ1kJpe2+
hIV+OFX4vI0DP4ZcX8ca4hSda8/mFm/gLrk3517O9Q1RrKsQxMKKFGJ5xmqESopv
Tn/Xle2A+BtMXsWLARTjDtvendhK7g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org