Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/664C2930DBAA11EEBDCFF69B775412E6.roa
File:                     664C2930DBAA11EEBDCFF69B775412E6.roa (raw, json)
Hash identifier:          jXvx3Rxn9FpNmCMQtH/GLTAUSkTFxeG70DHFMH0gCrs=
Subject key identifier:   E4:4A:71:24:48:E4:B7:1D:F3:DB:F4:C3:E6:E8:E8:FE:85:9D:C3:CF
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       042C
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/664C2930DBAA11EEBDCFF69B775412E6.roa
Signing time:             Wed 06 Mar 2024 11:12:20 +0000
ROA not before:           Wed 06 Mar 2024 11:12:17 +0000
ROA not after:            Mon 06 Mar 2034 11:12:17 +0000
asID:                     37645
IP address blocks:        102.210.120.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1068 (0x42c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Mar  6 11:12:17 2024 GMT
            Not After : Mar  6 11:12:17 2034 GMT
        Subject: CN=65e84f94-1a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:cc:b6:30:8a:e2:94:7e:8b:19:a9:7c:bc:5b:
                    c2:4d:ae:06:ba:3a:9f:0f:f3:5c:f3:63:74:a1:80:
                    bb:75:b5:31:ef:95:a3:3f:77:77:72:bc:ec:fa:e2:
                    19:d3:26:d4:82:6f:37:55:7d:25:62:a3:0f:ea:08:
                    1e:d0:5f:5a:1b:04:9d:d6:12:9a:63:61:7f:ea:a7:
                    3b:15:2f:ea:4e:ba:c2:8e:7d:bf:58:5d:59:08:d8:
                    ea:15:44:2e:69:9e:e1:9c:ad:50:2a:9e:86:c8:c3:
                    21:49:12:c7:85:0d:1a:dc:6f:6d:e0:88:f2:c2:8e:
                    d1:b3:0c:0b:7d:6f:c4:9d:17:79:3b:e9:54:b1:4e:
                    9e:5d:08:70:f9:88:cf:b6:77:5c:8e:58:25:7c:74:
                    cc:4d:5b:47:8a:52:3b:dc:c7:a3:dc:67:69:c7:2a:
                    8e:4c:ea:03:fe:cc:68:8a:3b:60:2d:09:c3:bd:4b:
                    12:d9:3a:ec:d7:9f:5b:47:8d:4d:8b:d0:d8:1f:f9:
                    f5:7a:42:11:9b:97:9d:a3:87:71:61:ed:38:de:31:
                    e6:96:21:48:81:69:32:73:ac:97:75:37:3f:a1:f1:
                    8d:af:69:d8:dc:a8:c9:ea:e3:72:bf:d2:03:3c:79:
                    58:87:e1:5e:af:c3:c3:64:91:65:50:53:28:6c:6f:
                    9e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:4A:71:24:48:E4:B7:1D:F3:DB:F4:C3:E6:E8:E8:FE:85:9D:C3:CF
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/664C2930DBAA11EEBDCFF69B775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.210.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:c1:c1:6e:63:5a:39:17:84:11:1b:06:27:d2:f4:55:26:ed:
         7d:0b:6f:06:4f:e3:88:2b:d2:8f:3d:58:6f:7e:d4:28:16:c5:
         a6:2c:cc:43:77:64:6b:90:f7:94:8a:5f:bc:92:21:8f:34:49:
         86:57:3c:a2:89:66:1c:27:b4:44:13:5f:3e:9d:35:e5:0b:9a:
         51:6a:e0:ba:a8:d9:f2:c9:dc:0e:1d:b6:d3:84:d9:6a:80:fb:
         0d:2b:91:6c:c8:cf:ee:95:5f:a1:4b:80:44:85:af:4c:e5:be:
         c8:13:4b:2b:00:56:60:87:8c:f3:01:f8:7d:07:6d:4f:7b:30:
         43:51:b9:81:8d:01:7f:f0:4b:de:12:88:12:3b:9b:91:e7:a6:
         06:26:4d:7d:a8:d6:02:ac:be:3d:9f:44:32:d9:56:d3:91:e2:
         7d:98:86:01:e8:2b:bd:63:b4:20:02:22:ed:9c:68:70:1f:a3:
         6a:8d:b9:10:a4:71:28:20:9c:e1:4c:85:20:5f:f3:40:f4:d2:
         a3:39:19:03:55:8f:f0:ed:42:02:72:af:15:f5:d8:de:58:bb:
         f3:4e:bd:7d:e9:90:e3:4c:54:3e:f3:7f:2c:ab:f4:72:53:3e:
         49:c8:e3:30:4a:8b:a1:54:aa:5e:2e:2e:5a:ab:fd:17:84:5d:
         c3:a7:4b:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBCwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yNDAzMDYxMTEyMTdaFw0zNDAzMDYxMTEyMTdaMBgxFjAU
BgNVBAMTDTY1ZTg0Zjk0LTFhNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPzLYwiuKUfosZqXy8W8JNrga6Op8P81zzY3ShgLt1tTHvlaM/d3dyvOz6
4hnTJtSCbzdVfSViow/qCB7QX1obBJ3WEppjYX/qpzsVL+pOusKOfb9YXVkI2OoV
RC5pnuGcrVAqnobIwyFJEseFDRrcb23giPLCjtGzDAt9b8SdF3k76VSxTp5dCHD5
iM+2d1yOWCV8dMxNW0eKUjvcx6PcZ2nHKo5M6gP+zGiKO2AtCcO9SxLZOuzXn1tH
jU2L0Ngf+fV6QhGbl52jh3Fh7TjeMeaWIUiBaTJzrJd1Nz+h8Y2vadjcqMnq43K/
0gM8eViH4V6vw8NkkWVQUyhsb54HAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5Epx
JEjktx3z2/TD5ujo/oWdw88wHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzY2NEMyOTMwREJBQTExRUVCRENGRjY5Qjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0ngwDQYJKoZIhvcNAQEL
BQADggEBAF7BwW5jWjkXhBEbBifS9FUm7X0LbwZP44gr0o89WG9+1CgWxaYszEN3
ZGuQ95SKX7ySIY80SYZXPKKJZhwntEQTXz6dNeULmlFq4Lqo2fLJ3A4dttOE2WqA
+w0rkWzIz+6VX6FLgESFr0zlvsgTSysAVmCHjPMB+H0HbU97MENRuYGNAX/wS94S
iBI7m5HnpgYmTX2o1gKsvj2fRDLZVtOR4n2YhgHoK71jtCACIu2caHAfo2qNuRCk
cSggnOFMhSBf80D00qM5GQNVj/DtQgJyrxX12N5Yu/NOvX3pkONMVD7zfyyr9HJT
PknI4zBKi6FUql4uLlqr/ReEXcOnS1M=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org