Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/093B0E90C8FB11ED98CB97FAF1222468.roa
File:                     093B0E90C8FB11ED98CB97FAF1222468.roa (raw, json)
Hash identifier:          vpXXt/ow+0lo+USnVnwFlT861El/Od59M/k7eEJfBuw=
Subject key identifier:   B8:3F:C3:C9:E6:E9:57:D9:B8:2E:D3:CA:4E:7C:68:B3:8B:1F:E5:8F
Certificate issuer:       /CN=F36952BDAF/serialNumber=F3E24E5A9B76FE4D25D3175C3A5F7C29C6FB0488
Certificate serial:       02
Authority key identifier: F3:E2:4E:5A:9B:76:FE:4D:25:D3:17:5C:3A:5F:7C:29:C6:FB:04:88
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/8-JOWpt2_k0l0xdcOl98Kcb7BIg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/093B0E90C8FB11ED98CB97FAF1222468.roa
Signing time:             Wed 22 Mar 2023 21:46:44 +0000
ROA not before:           Thu 23 Mar 2023 21:46:38 +0000
ROA not after:            Sat 31 Dec 2033 21:46:38 +0000
asID:                     329211
IP address blocks:        102.212.236.0/22 maxlen: 24
                          2c0f:3980::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/8-JOWpt2_k0l0xdcOl98Kcb7BIg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/8-JOWpt2_k0l0xdcOl98Kcb7BIg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/8-JOWpt2_k0l0xdcOl98Kcb7BIg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36952BDAF/serialNumber=F3E24E5A9B76FE4D25D3175C3A5F7C29C6FB0488
        Validity
            Not Before: Mar 23 21:46:38 2023 GMT
            Not After : Dec 31 21:46:38 2033 GMT
        Subject: CN=641b7744-6ba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f3:7a:c4:4b:95:4c:a9:55:70:29:15:b5:fc:
                    e6:7e:37:b5:21:94:90:9f:aa:d9:df:ec:6f:b7:e1:
                    75:50:1e:35:61:2b:fb:16:2a:b0:d3:75:fc:bd:dd:
                    b9:17:e0:a2:49:e6:38:78:61:d5:ea:a4:84:0b:0f:
                    91:0a:f0:e2:07:26:7b:bc:17:cc:b1:cd:1b:c3:ca:
                    89:6f:4a:af:54:a7:8b:4e:e7:8c:38:8a:15:5f:2b:
                    79:8f:1f:af:0c:b8:b1:29:53:32:13:0f:3f:88:80:
                    ea:d9:7e:ac:81:8d:e3:dd:ec:a7:8e:20:3f:69:8a:
                    4b:f8:aa:53:62:e7:20:4c:13:e1:bb:e0:8f:14:c5:
                    3a:43:d5:03:11:65:45:86:60:22:c2:1f:af:fb:a3:
                    1a:6b:81:35:70:9d:2a:16:8c:0d:90:43:bf:7a:f9:
                    f3:09:b4:49:bf:4e:93:c8:b2:8f:05:3e:29:2d:d3:
                    c0:f5:b8:98:13:d5:d3:d0:3b:c8:08:53:69:7b:0a:
                    6f:f4:cc:62:90:c4:67:d1:d9:2d:68:cb:3e:d2:d3:
                    88:19:d1:bf:d2:69:15:5b:71:3a:4e:7c:df:a1:4a:
                    d3:29:a6:f4:9d:d6:e4:4e:7b:98:5e:7d:90:af:ca:
                    e2:1d:7c:a0:4b:7d:12:4f:51:4b:4c:ce:59:8f:ee:
                    47:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:3F:C3:C9:E6:E9:57:D9:B8:2E:D3:CA:4E:7C:68:B3:8B:1F:E5:8F
            X509v3 Authority Key Identifier:
                keyid:F3:E2:4E:5A:9B:76:FE:4D:25:D3:17:5C:3A:5F:7C:29:C6:FB:04:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/8-JOWpt2_k0l0xdcOl98Kcb7BIg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8-JOWpt2_k0l0xdcOl98Kcb7BIg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36952BD/BEBBAF78C8FA11EDA63284F9F1222468/093B0E90C8FB11ED98CB97FAF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.236.0/22
                IPv6:
                  2c0f:3980::/32

    Signature Algorithm: sha256WithRSAEncryption
         7b:03:51:c9:e1:b1:01:a9:fd:d1:26:3c:76:1e:e9:63:62:9e:
         0d:df:3d:d3:34:72:2f:5a:0e:c2:52:9b:08:67:82:49:e3:25:
         da:9b:db:7a:65:43:fd:db:b8:23:a8:49:70:53:e4:b6:4b:c2:
         b2:89:65:fc:c7:97:1b:03:2d:fb:08:19:2b:9e:81:8d:1d:d4:
         90:0e:e3:90:99:82:b6:87:39:42:c9:8e:c2:df:b8:82:37:5e:
         7b:f3:6c:8a:0f:79:3d:9b:f4:c7:f8:ff:a5:3b:ad:b8:36:ee:
         e7:08:64:39:6a:11:76:cb:f5:c8:71:5c:fa:f1:9f:59:be:aa:
         cc:23:28:46:e6:89:14:d7:9a:5a:d6:00:c3:84:4b:dc:d2:60:
         88:24:c2:1b:7d:77:8d:51:27:b0:93:f6:67:b0:a4:8a:6c:8c:
         39:b6:4e:80:26:e2:20:0d:c2:d2:0b:ce:b0:7d:e4:61:79:f9:
         6b:71:34:40:6d:77:46:89:03:ec:48:69:a5:64:fa:c9:a1:71:
         ec:76:58:87:aa:ff:55:90:1a:f4:52:91:0e:5e:5d:54:c0:0b:
         f0:c8:0a:2d:ba:ba:7c:58:ac:1d:25:32:69:0b:cb:98:62:e3:
         11:80:35:96:16:b9:f1:69:6a:16:05:8a:49:24:9b:6a:ee:19:
         86:09:a4:90
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
NTJCREFGMTEwLwYDVQQFEyhGM0UyNEU1QTlCNzZGRTREMjVEMzE3NUMzQTVGN0My
OUM2RkIwNDg4MB4XDTIzMDMyMzIxNDYzOFoXDTMzMTIzMTIxNDYzOFowGDEWMBQG
A1UEAwwNNjQxYjc3NDQtNmJhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXzesRLlUypVXApFbX85n43tSGUkJ+q2d/sb7fhdVAeNWEr+xYqsNN1/L3d
uRfgoknmOHhh1eqkhAsPkQrw4gcme7wXzLHNG8PKiW9Kr1Sni07njDiKFV8reY8f
rwy4sSlTMhMPP4iA6tl+rIGN493sp44gP2mKS/iqU2LnIEwT4bvgjxTFOkPVAxFl
RYZgIsIfr/ujGmuBNXCdKhaMDZBDv3r58wm0Sb9Ok8iyjwU+KS3TwPW4mBPV09A7
yAhTaXsKb/TMYpDEZ9HZLWjLPtLTiBnRv9JpFVtxOk5836FK0ymm9J3W5E57mF59
kK/K4h18oEt9Ek9RS0zOWY/uR38CAwEAAaOCArQwggKwMB0GA1UdDgQWBBS4P8PJ
5ulX2bgu08pOfGizix/ljzAfBgNVHSMEGDAWgBTz4k5am3b+TSXTF1w6X3wpxvsE
iDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTUyQkQvQkVCQkFGNzhDOEZBMTFFREE2MzI4NEY5RjEyMjI0NjgvOC1KT1dw
dDJfazBsMHhkY09sOThLY2I3QklnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOC1KT1dwdDJfazBsMHhkY09sOThLY2I3QklnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTUyQkQvQkVCQkFGNzhDOEZBMTFFREE2MzI4NEY5RjEy
MjI0NjgvMDkzQjBFOTBDOEZCMTFFRDk4Q0I5N0ZBRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbU7DANBAIAAjAHAwUALA85
gDANBgkqhkiG9w0BAQsFAAOCAQEAewNRyeGxAan90SY8dh7pY2KeDd890zRyL1oO
wlKbCGeCSeMl2pvbemVD/du4I6hJcFPktkvCsoll/MeXGwMt+wgZK56BjR3UkA7j
kJmCtoc5QsmOwt+4gjdee/Nsig95PZv0x/j/pTutuDbu5whkOWoRdsv1yHFc+vGf
Wb6qzCMoRuaJFNeaWtYAw4RL3NJgiCTCG313jVEnsJP2Z7CkimyMObZOgCbiIA3C
0gvOsH3kYXn5a3E0QG13RokD7EhppWT6yaFx7HZYh6r/VZAa9FKRDl5dVMAL8MgK
Lbq6fFisHSUyaQvLmGLjEYA1lha58WlqFgWKSSSbau4ZhgmkkA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:14 2024 by rpki-client on console-ams.rpki-client.org