Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A141D/F5488EF440C711EEB59A4D534AD9E6FC/A6CB045440CD11EEA84BD2644AD9E6FC.roa
File:                     A6CB045440CD11EEA84BD2644AD9E6FC.roa (raw, json)
Hash identifier:          k2NQBaUwb1pqhxKitutyFUj84i7cH4npO1gBOUjSKLM=
Subject key identifier:   05:6E:11:9F:22:6B:1E:75:5B:20:10:05:AE:6A:66:97:27:7D:3E:1C
Certificate issuer:       /CN=F36A141DAF/serialNumber=FE59099EB04606653709F9A59A9C4675071BECBD
Certificate serial:       02
Authority key identifier: FE:59:09:9E:B0:46:06:65:37:09:F9:A5:9A:9C:46:75:07:1B:EC:BD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_lkJnrBGBmU3CfmlmpxGdQcb7L0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A141D/F5488EF440C711EEB59A4D534AD9E6FC/A6CB045440CD11EEA84BD2644AD9E6FC.roa
Signing time:             Tue 22 Aug 2023 09:24:11 +0000
ROA not before:           Tue 22 Aug 2023 09:24:07 +0000
ROA not after:            Fri 31 Aug 2035 09:24:07 +0000
asID:                     328538
IP address blocks:        102.36.152.0/22 maxlen: 22
                          2c0f:6380::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A141D/F5488EF440C711EEB59A4D534AD9E6FC/_lkJnrBGBmU3CfmlmpxGdQcb7L0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A141D/F5488EF440C711EEB59A4D534AD9E6FC/_lkJnrBGBmU3CfmlmpxGdQcb7L0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_lkJnrBGBmU3CfmlmpxGdQcb7L0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A141DAF/serialNumber=FE59099EB04606653709F9A59A9C4675071BECBD
        Validity
            Not Before: Aug 22 09:24:07 2023 GMT
            Not After : Aug 31 09:24:07 2035 GMT
        Subject: CN=64e47eba-9028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:25:a3:a9:e8:61:cc:9d:0d:bc:f1:97:b5:f9:
                    1a:e5:ae:e2:61:65:3f:6f:50:0c:1a:f9:73:7c:b3:
                    83:ef:85:24:17:d6:f0:c2:14:08:ea:eb:3c:1c:70:
                    37:09:ff:0b:93:2a:4d:1f:f1:a5:f0:33:20:bf:ee:
                    bf:81:df:b3:1e:6d:8f:6c:bc:af:ab:e7:e7:e8:5b:
                    8e:0f:aa:ea:79:de:6d:df:4f:cc:0a:78:52:f7:f5:
                    b1:b4:ca:31:4f:07:50:cf:8d:7c:16:24:82:96:a0:
                    11:76:7a:3f:d8:6f:8b:33:21:73:f1:f4:5c:b2:63:
                    9b:2c:7d:cc:8f:9d:40:43:49:7a:4c:59:bd:d3:08:
                    51:7b:bd:1b:9f:ba:5a:c6:e9:9c:f3:5c:41:36:e6:
                    2b:2e:19:51:53:ee:31:24:24:a5:fd:c9:1b:cc:8c:
                    42:38:68:36:ea:f3:95:64:9c:16:1e:13:12:5d:cb:
                    30:09:52:aa:89:dd:bd:34:8a:c3:92:95:28:2e:aa:
                    bb:14:07:4a:a4:7e:67:3f:92:ae:af:3c:c5:d5:79:
                    27:06:bf:ee:38:1b:a3:b8:56:30:57:a9:83:96:bb:
                    62:4a:f8:e9:7e:c8:e3:d7:ae:44:13:39:d9:13:f6:
                    ef:e6:c4:ef:06:8f:4f:70:4f:64:e2:f4:68:c0:4c:
                    4b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:6E:11:9F:22:6B:1E:75:5B:20:10:05:AE:6A:66:97:27:7D:3E:1C
            X509v3 Authority Key Identifier:
                keyid:FE:59:09:9E:B0:46:06:65:37:09:F9:A5:9A:9C:46:75:07:1B:EC:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A141D/F5488EF440C711EEB59A4D534AD9E6FC/_lkJnrBGBmU3CfmlmpxGdQcb7L0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_lkJnrBGBmU3CfmlmpxGdQcb7L0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A141D/F5488EF440C711EEB59A4D534AD9E6FC/A6CB045440CD11EEA84BD2644AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.36.152.0/22
                IPv6:
                  2c0f:6380::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:72:86:66:71:2f:c9:13:fd:c8:ed:dd:54:c7:d1:95:9b:83:
         59:ba:e4:c0:8d:d9:9f:d2:1a:c0:5b:15:2d:be:e9:85:6f:f3:
         6d:52:2b:64:91:90:7e:40:73:e9:b2:c0:3d:f2:ce:ba:ae:93:
         e7:a1:81:9a:9d:b2:c4:8b:f0:d3:cf:40:ec:b2:51:18:ab:be:
         29:56:2c:85:13:e4:f9:10:93:57:14:53:b3:f3:cb:5a:fd:86:
         11:85:37:87:f3:b0:ad:d0:4e:21:d1:a0:05:8a:6c:59:3f:36:
         ae:ac:1b:0d:48:95:ca:9c:38:66:15:bf:bc:d7:a3:d8:93:73:
         6e:8d:66:76:a3:8a:31:92:d6:39:35:af:35:f6:6f:d8:62:f0:
         05:31:8e:e2:1e:15:a2:77:38:4c:5f:b4:79:6f:19:36:9c:0b:
         b1:ca:68:d3:29:35:12:2c:80:e1:c0:57:c5:f3:2d:c9:be:05:
         6a:8f:2e:ae:73:47:e7:7a:df:b5:4a:2b:72:f8:99:4c:07:62:
         13:d0:ab:0f:59:e4:53:71:86:3e:e3:d0:63:66:44:14:71:75:
         15:ed:4a:a4:bd:bf:5e:db:bc:17:e5:2b:de:31:09:83:c0:8e:
         b5:73:db:ff:38:7e:1c:e0:c4:bd:e6:e0:1b:1a:94:b6:e0:71:
         1b:b5:91:c6
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MTQxREFGMTEwLwYDVQQFEyhGRTU5MDk5RUIwNDYwNjY1MzcwOUY5QTU5QTlDNDY3
NTA3MUJFQ0JEMB4XDTIzMDgyMjA5MjQwN1oXDTM1MDgzMTA5MjQwN1owGDEWMBQG
A1UEAxMNNjRlNDdlYmEtOTAyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOglo6noYcydDbzxl7X5GuWu4mFlP29QDBr5c3yzg++FJBfW8MIUCOrrPBxw
Nwn/C5MqTR/xpfAzIL/uv4Hfsx5tj2y8r6vn5+hbjg+q6nnebd9PzAp4Uvf1sbTK
MU8HUM+NfBYkgpagEXZ6P9hvizMhc/H0XLJjmyx9zI+dQENJekxZvdMIUXu9G5+6
WsbpnPNcQTbmKy4ZUVPuMSQkpf3JG8yMQjhoNurzlWScFh4TEl3LMAlSqondvTSK
w5KVKC6quxQHSqR+Zz+Srq88xdV5Jwa/7jgbo7hWMFepg5a7Ykr46X7I49euRBM5
2RP27+bE7waPT3BPZOL0aMBMS0MCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQFbhGf
ImsedVsgEAWuamaXJ30+HDAfBgNVHSMEGDAWgBT+WQmesEYGZTcJ+aWanEZ1Bxvs
vTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTE0MUQvRjU0ODhFRjQ0MEM3MTFFRUI1OUE0RDUzNEFEOUU2RkMvX2xrSm5y
QkdCbVUzQ2ZtbG1weEdkUWNiN0wwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2xrSm5yQkdCbVUzQ2ZtbG1weEdkUWNiN0wwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTE0MUQvRjU0ODhFRjQ0MEM3MTFFRUI1OUE0RDUzNEFE
OUU2RkMvQTZDQjA0NTQ0MENEMTFFRUE4NEJEMjY0NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmYkmDANBAIAAjAHAwUALA9j
gDANBgkqhkiG9w0BAQsFAAOCAQEAZnKGZnEvyRP9yO3dVMfRlZuDWbrkwI3Zn9Ia
wFsVLb7phW/zbVIrZJGQfkBz6bLAPfLOuq6T56GBmp2yxIvw089A7LJRGKu+KVYs
hRPk+RCTVxRTs/PLWv2GEYU3h/OwrdBOIdGgBYpsWT82rqwbDUiVypw4ZhW/vNej
2JNzbo1mdqOKMZLWOTWvNfZv2GLwBTGO4h4Vonc4TF+0eW8ZNpwLscpo0yk1EiyA
4cBXxfMtyb4Fao8urnNH53rftUorcviZTAdiE9CrD1nkU3GGPuPQY2ZEFHF1Fe1K
pL2/Xtu8F+Ur3jEJg8COtXPb/zh+HODEvebgGxqUtuBxG7WRxg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org