Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A0CB0/182F4984C21811EB994E4271F8AEA228/4E070DD6D22711EE84901E62775412E6.roa
File:                     4E070DD6D22711EE84901E62775412E6.roa (raw, json)
Hash identifier:          BH/57g82jCGEW3Gi9zhi5zpe2WKpng1h5j7GySibBtY=
Subject key identifier:   89:7E:95:2D:92:FE:CE:D1:A6:B1:00:8D:83:E4:3C:71:FD:A7:3A:96
Certificate issuer:       /CN=F36A0CB0AF/serialNumber=E10522573457FAD9CB5A6F5C19D68CCE6D6E9C23
Certificate serial:       041A
Authority key identifier: E1:05:22:57:34:57:FA:D9:CB:5A:6F:5C:19:D6:8C:CE:6D:6E:9C:23
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4QUiVzRX-tnLWm9cGdaMzm1unCM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A0CB0/182F4984C21811EB994E4271F8AEA228/4E070DD6D22711EE84901E62775412E6.roa
Signing time:             Fri 23 Feb 2024 08:41:15 +0000
ROA not before:           Fri 23 Feb 2024 08:41:12 +0000
ROA not after:            Wed 30 Apr 2031 08:41:12 +0000
asID:                     327750
IP address blocks:        102.209.176.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A0CB0/182F4984C21811EB994E4271F8AEA228/4QUiVzRX-tnLWm9cGdaMzm1unCM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A0CB0/182F4984C21811EB994E4271F8AEA228/4QUiVzRX-tnLWm9cGdaMzm1unCM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4QUiVzRX-tnLWm9cGdaMzm1unCM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1050 (0x41a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A0CB0AF/serialNumber=E10522573457FAD9CB5A6F5C19D68CCE6D6E9C23
        Validity
            Not Before: Feb 23 08:41:12 2024 GMT
            Not After : Apr 30 08:41:12 2031 GMT
        Subject: CN=65d85a2b-3ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c1:3c:2b:55:66:d7:44:50:34:c9:c3:28:8f:
                    9a:45:94:9e:5b:02:fa:f4:2d:1f:0b:f5:e5:61:fe:
                    9d:57:92:93:be:a9:3e:64:7b:b1:c9:c3:34:e1:64:
                    13:ca:bc:a8:88:e7:9f:f9:ed:7c:5a:3e:c0:82:29:
                    f6:41:98:bd:65:93:2c:de:ee:00:ab:63:2d:6e:a2:
                    97:d4:a6:8a:ea:af:16:11:9c:10:2f:33:fa:eb:b9:
                    3e:6a:fe:bb:91:3d:f6:88:54:9f:a1:d1:d6:9c:59:
                    04:68:ba:07:3f:eb:87:00:f9:06:48:bb:8a:cb:29:
                    0d:ea:62:a9:6d:09:58:bc:d0:50:5f:c2:63:e9:3a:
                    e7:af:8e:ec:59:fc:31:f7:6d:b6:1e:55:d9:66:07:
                    91:ee:9a:04:5d:ab:13:74:a7:e5:3a:17:82:14:34:
                    aa:be:79:73:bf:ca:c2:98:c4:c3:f7:f8:02:ea:18:
                    70:1e:9a:a9:aa:0c:f1:b2:91:53:21:21:aa:46:ec:
                    f9:62:6f:50:69:7e:da:c6:68:bb:80:4d:09:99:8a:
                    76:68:ba:77:31:fb:65:68:aa:ec:1c:72:cf:6e:18:
                    f9:4d:bf:2e:38:4a:05:65:99:17:38:f6:68:f2:14:
                    b2:9f:20:99:ff:5b:cf:0a:1a:3b:d6:ec:04:d3:91:
                    a5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:7E:95:2D:92:FE:CE:D1:A6:B1:00:8D:83:E4:3C:71:FD:A7:3A:96
            X509v3 Authority Key Identifier:
                keyid:E1:05:22:57:34:57:FA:D9:CB:5A:6F:5C:19:D6:8C:CE:6D:6E:9C:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A0CB0/182F4984C21811EB994E4271F8AEA228/4QUiVzRX-tnLWm9cGdaMzm1unCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4QUiVzRX-tnLWm9cGdaMzm1unCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A0CB0/182F4984C21811EB994E4271F8AEA228/4E070DD6D22711EE84901E62775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:27:e1:15:cd:ff:2a:6e:6f:8f:d2:f0:bc:30:01:bf:e7:1e:
         fa:63:03:43:54:c8:63:06:c6:7e:1d:bb:38:a2:3e:d4:c4:94:
         7e:75:36:9e:5f:86:72:e0:3d:17:fc:ad:c6:41:b4:95:db:1b:
         67:b6:fe:25:16:04:e9:ac:bf:00:4e:2f:7d:48:16:12:26:3b:
         56:aa:12:2f:16:9e:b3:56:eb:75:35:6f:9c:5e:1c:7e:47:b6:
         23:1a:4c:c4:6b:3c:08:fd:dd:b7:cf:2e:cd:8e:6a:96:f6:d3:
         42:a0:c1:26:57:40:8c:fc:16:39:7c:c8:13:86:45:6e:0d:d1:
         22:ba:ec:4a:3e:f4:2b:2f:2d:52:59:bb:15:e7:0d:46:a6:44:
         fa:6c:51:79:dc:8e:f5:22:e9:12:48:58:73:c3:63:0b:91:9f:
         0a:88:95:d8:ea:20:d0:3b:5e:4d:90:3b:a0:be:e5:64:d5:ec:
         64:07:eb:72:a9:62:20:a7:8c:c3:85:64:dd:9c:33:4c:6a:c2:
         67:32:89:2a:ba:3f:d0:a9:cf:1c:3a:dc:3e:12:29:81:8b:87:
         91:56:13:f7:96:9d:60:84:f6:2a:a8:ea:1b:94:ea:a4:4c:42:
         11:4e:ee:6f:78:4b:ae:3d:b9:b3:4c:93:3c:5f:00:14:a0:e9:
         10:29:17:1a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBBowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTBDQjBBRjExMC8GA1UEBRMoRTEwNTIyNTczNDU3RkFEOUNCNUE2RjVDMTlENjhD
Q0U2RDZFOUMyMzAeFw0yNDAyMjMwODQxMTJaFw0zMTA0MzAwODQxMTJaMBgxFjAU
BgNVBAMTDTY1ZDg1YTJiLTNlZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLwTwrVWbXRFA0ycMoj5pFlJ5bAvr0LR8L9eVh/p1XkpO+qT5ke7HJwzTh
ZBPKvKiI55/57XxaPsCCKfZBmL1lkyze7gCrYy1uopfUporqrxYRnBAvM/rruT5q
/ruRPfaIVJ+h0dacWQRougc/64cA+QZIu4rLKQ3qYqltCVi80FBfwmPpOuevjuxZ
/DH3bbYeVdlmB5HumgRdqxN0p+U6F4IUNKq+eXO/ysKYxMP3+ALqGHAemqmqDPGy
kVMhIapG7Plib1BpftrGaLuATQmZinZouncx+2Voquwccs9uGPlNvy44SgVlmRc4
9mjyFLKfIJn/W88KGjvW7ATTkaXZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiX6V
LZL+ztGmsQCNg+Q8cf2nOpYwHwYDVR0jBBgwFoAU4QUiVzRX+tnLWm9cGdaMzm1u
nCMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEwQ0IwLzE4MkY0OTg0QzIxODExRUI5OTRFNDI3MUY4QUVBMjI4LzRRVWlW
elJYLXRuTFdtOWNHZGFNem0xdW5DTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzRRVWlWelJYLXRuTFdtOWNHZGFNem0xdW5DTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkEwQ0IwLzE4MkY0OTg0QzIxODExRUI5OTRFNDI3MUY4
QUVBMjI4LzRFMDcwREQ2RDIyNzExRUU4NDkwMUU2Mjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0bAwDQYJKoZIhvcNAQEL
BQADggEBAAQn4RXN/ypub4/S8LwwAb/nHvpjA0NUyGMGxn4duziiPtTElH51Np5f
hnLgPRf8rcZBtJXbG2e2/iUWBOmsvwBOL31IFhImO1aqEi8WnrNW63U1b5xeHH5H
tiMaTMRrPAj93bfPLs2Oapb200KgwSZXQIz8Fjl8yBOGRW4N0SK67Eo+9CsvLVJZ
uxXnDUamRPpsUXncjvUi6RJIWHPDYwuRnwqIldjqINA7Xk2QO6C+5WTV7GQH63Kp
YiCnjMOFZN2cM0xqwmcyiSq6P9Cpzxw63D4SKYGLh5FWE/eWnWCE9iqo6huU6qRM
QhFO7m94S649ubNMkzxfABSg6RApFxo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org