Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/56D48534366511ECAAF07024D8A014CE.roa
File:                     56D48534366511ECAAF07024D8A014CE.roa (raw, json)
Hash identifier:          9qlP2hqRYd4Iy/H8X2UWaaYT/2UVtHIcp+5pW7Qt6Lk=
Subject key identifier:   6B:5B:6B:5A:DC:E1:D8:54:72:37:49:94:FE:92:14:32:6E:12:B1:CE
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       6F
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/56D48534366511ECAAF07024D8A014CE.roa
Signing time:             Tue 26 Oct 2021 14:02:22 +0000
ROA not before:           Tue 26 Oct 2021 14:02:17 +0000
ROA not after:            Sun 26 Oct 2031 14:02:17 +0000
asID:                     37645
IP address blocks:        102.218.148.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111 (0x6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Oct 26 14:02:17 2021 GMT
            Not After : Oct 26 14:02:17 2031 GMT
        Subject: CN=61780a6e-3442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6b:3e:0d:94:ae:50:c2:0f:75:c6:9a:17:68:
                    1a:f7:e2:d8:f2:09:ad:02:fe:6c:44:c6:16:f2:c5:
                    04:99:ca:da:8a:75:95:44:68:54:b2:23:59:01:04:
                    fa:96:d3:02:6e:b0:f5:7f:ed:d7:ff:72:82:70:d2:
                    8f:4c:b3:77:bf:99:42:d3:37:ac:96:84:6a:e6:28:
                    8f:62:dc:20:01:27:0d:91:25:1e:a4:5f:b2:26:1d:
                    b0:de:32:e9:c5:7c:f8:91:76:b4:21:9b:95:a3:72:
                    cb:8f:f9:67:b7:77:88:25:43:6d:4b:7c:9e:99:09:
                    cb:a8:e3:f7:d5:dc:8e:c3:09:e2:89:f2:60:54:53:
                    9f:61:7f:a1:76:32:3f:32:02:79:79:0b:1b:78:62:
                    f1:11:64:9d:30:b5:a5:63:97:c7:b5:26:70:30:82:
                    0e:82:c0:62:17:25:f8:b2:8c:ef:8d:94:13:d0:bb:
                    2d:3d:21:08:fc:c6:a8:7c:fe:4f:7f:0d:88:69:46:
                    11:61:a5:17:1c:e5:00:37:39:4c:d1:fa:e3:fd:20:
                    3a:20:de:db:81:b9:df:63:36:eb:0c:8c:aa:a1:4f:
                    0e:3e:3c:c0:04:85:c5:1e:12:a4:e0:09:5d:84:ed:
                    b4:9e:db:ee:b2:d1:ec:f6:37:75:dd:0c:8a:42:09:
                    bb:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:5B:6B:5A:DC:E1:D8:54:72:37:49:94:FE:92:14:32:6E:12:B1:CE
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/56D48534366511ECAAF07024D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:d1:22:19:60:db:cd:d1:ee:7a:e5:29:44:99:7e:ac:47:16:
         c3:c5:86:e4:4f:13:29:23:38:8e:7f:91:e6:8e:9f:61:56:9e:
         db:44:dd:d6:6b:63:6c:4a:fc:2c:ac:8c:38:75:00:96:2c:6b:
         5f:4c:c0:bb:0e:a1:93:77:60:e9:b6:47:fb:21:d6:c0:ac:9c:
         90:eb:9d:3e:fd:fc:4a:e0:d2:11:1c:de:85:f1:5c:fb:29:02:
         a9:ac:af:23:39:57:e2:77:1e:37:ec:5c:a5:fe:ad:27:95:1e:
         b8:7a:17:76:68:cc:02:76:2e:cf:97:92:0b:58:e6:29:f1:66:
         4e:05:86:2d:06:78:9b:e1:52:ad:39:93:a9:de:0f:70:f6:d3:
         66:8e:b8:41:a5:2a:0f:11:b2:91:bc:aa:29:6d:d7:e0:4d:8a:
         3d:52:ea:74:b3:b4:3b:ae:66:03:9b:d6:6e:dd:90:46:c8:a4:
         56:d6:f7:ec:fb:6e:4a:d9:8e:f5:07:1b:80:89:51:8f:44:b3:
         d1:0a:52:94:c6:9b:69:4d:e3:1f:11:0e:63:6a:43:b0:35:2c:
         57:2c:1d:43:07:59:be:d5:05:ce:a7:a6:c9:9c:23:e4:e6:4f:
         03:b5:b0:ff:94:24:a8:f9:e7:fc:66:0a:16:5b:04:a8:6b:d0:
         24:57:72:60
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBbzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
MUNFRkFGMTEwLwYDVQQFEyg4MkYxQzY2MTFBM0ExNDY3REIzRDc4QTRBNUZFRDUw
QTA4QTU3QjEzMB4XDTIxMTAyNjE0MDIxN1oXDTMxMTAyNjE0MDIxN1owGDEWMBQG
A1UEAwwNNjE3ODBhNmUtMzQ0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBrPg2UrlDCD3XGmhdoGvfi2PIJrQL+bETGFvLFBJnK2op1lURoVLIjWQEE
+pbTAm6w9X/t1/9ygnDSj0yzd7+ZQtM3rJaEauYoj2LcIAEnDZElHqRfsiYdsN4y
6cV8+JF2tCGblaNyy4/5Z7d3iCVDbUt8npkJy6jj99XcjsMJ4onyYFRTn2F/oXYy
PzICeXkLG3hi8RFknTC1pWOXx7UmcDCCDoLAYhcl+LKM742UE9C7LT0hCPzGqHz+
T38NiGlGEWGlFxzlADc5TNH64/0gOiDe24G532M26wyMqqFPDj48wASFxR4SpOAJ
XYTttJ7b7rLR7PY3dd0MikIJu8kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRrW2ta
3OHYVHI3SZT+khQybhKxzjAfBgNVHSMEGDAWgBSC8cZhGjoUZ9s9eKSl/tUKCKV7
EzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTFDRUYvN0YzODhERTRGMTM4MTFFQjkxN0ZENzE3RDhBMDE0Q0UvZ3ZIR1lS
bzZGR2ZiUFhpa3BmN1ZDZ2lsZXhNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ3ZIR1lSbzZGR2ZiUFhpa3BmN1ZDZ2lsZXhNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTFDRUYvN0YzODhERTRGMTM4MTFFQjkxN0ZENzE3RDhB
MDE0Q0UvNTZENDg1MzQzNjY1MTFFQ0FBRjA3MDI0RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbalDANBgkqhkiG9w0BAQsF
AAOCAQEAS9EiGWDbzdHueuUpRJl+rEcWw8WG5E8TKSM4jn+R5o6fYVae20Td1mtj
bEr8LKyMOHUAlixrX0zAuw6hk3dg6bZH+yHWwKyckOudPv38SuDSERzehfFc+ykC
qayvIzlX4nceN+xcpf6tJ5UeuHoXdmjMAnYuz5eSC1jmKfFmTgWGLQZ4m+FSrTmT
qd4PcPbTZo64QaUqDxGykbyqKW3X4E2KPVLqdLO0O65mA5vWbt2QRsikVtb37Ptu
StmO9QcbgIlRj0Sz0QpSlMabaU3jHxEOY2pDsDUsVywdQwdZvtUFzqemyZwj5OZP
A7Ww/5QkqPnn/GYKFlsEqGvQJFdyYA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org