Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/6AF017587A0811EDBFC04983F1222468.roa
File:                     6AF017587A0811EDBFC04983F1222468.roa (raw, json)
Hash identifier:          2CrRYRu/rPDODQF+1u1w+NJEjDucfctIyM+OcrCAuXQ=
Subject key identifier:   E2:E4:02:3B:58:44:A1:13:3B:F3:B9:FD:EA:73:50:82:CA:A6:37:FF
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       0235
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/6AF017587A0811EDBFC04983F1222468.roa
Signing time:             Mon 12 Dec 2022 10:33:29 +0000
ROA not before:           Mon 12 Dec 2022 10:33:24 +0000
ROA not after:            Sun 12 Dec 2032 10:33:24 +0000
asID:                     37645
IP address blocks:        102.213.96.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 565 (0x235)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Dec 12 10:33:24 2022 GMT
            Not After : Dec 12 10:33:24 2032 GMT
        Subject: CN=63970379-6995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:17:c8:b3:22:75:38:b8:ab:ba:1e:4c:59:b4:
                    95:e2:81:73:d1:8f:eb:31:da:f0:11:68:87:b1:98:
                    7b:9c:3e:1a:5d:7a:6a:9c:01:5f:c5:65:4d:68:68:
                    9a:8d:3e:26:0a:85:86:e4:ba:02:e6:e5:de:41:7a:
                    1d:31:3e:27:ea:e5:1c:d0:3f:62:c2:72:df:8f:83:
                    7b:08:2e:a4:c8:1e:b8:5b:6a:86:81:59:19:58:39:
                    9a:7f:b2:50:34:2d:08:5c:d9:3f:23:35:72:50:22:
                    d1:40:9c:e8:a1:23:e7:58:84:18:bf:08:f2:67:14:
                    51:43:05:f6:23:92:e6:c3:85:c2:a3:a7:33:64:eb:
                    be:76:d0:41:4e:ee:a2:83:f3:1f:12:9a:5f:98:d5:
                    56:f4:b5:ca:12:2f:18:18:1f:8f:14:b6:82:de:dd:
                    ed:b7:d3:92:3a:bc:3b:5c:54:ac:3e:74:b3:b1:74:
                    00:88:5e:38:ee:f3:82:41:44:a7:0f:25:8b:f8:3d:
                    d3:b5:72:60:80:d8:8c:03:d8:0d:32:f0:e3:1d:0a:
                    3e:59:32:8b:e8:80:a1:b8:48:b3:7f:07:5a:5b:a5:
                    05:e8:55:1f:18:33:a4:d7:9a:78:97:42:40:8e:fc:
                    11:f4:ad:4b:80:bd:30:60:75:81:eb:a1:c3:66:c9:
                    b1:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:E4:02:3B:58:44:A1:13:3B:F3:B9:FD:EA:73:50:82:CA:A6:37:FF
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/6AF017587A0811EDBFC04983F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:01:2c:76:2e:18:50:87:6f:9b:2b:e9:f2:4b:c9:a0:20:2d:
         33:05:6a:9a:c7:48:a6:da:91:30:1b:aa:b6:a4:e1:64:a1:03:
         1a:d4:c6:06:8d:32:9d:33:da:b4:df:8f:b3:17:a4:95:50:ef:
         04:e4:23:a9:af:ec:d2:6f:a4:a5:63:2c:64:a6:fb:10:03:ba:
         62:9b:ad:83:31:23:01:35:3a:49:51:85:ef:a3:97:ca:4f:c5:
         80:da:d1:65:76:f4:df:fa:40:6e:86:15:d9:4d:17:16:fb:22:
         fa:32:c0:39:60:b7:1a:f8:61:70:ac:61:d0:43:55:3f:b4:74:
         94:bb:44:33:19:b6:9b:29:33:90:03:69:3d:a1:b9:f0:1f:58:
         35:b5:d1:bd:cf:f0:33:41:68:7a:30:52:fb:b2:96:82:dd:6c:
         21:f8:c2:69:94:f0:df:97:8f:0f:ee:6c:49:82:a9:0e:45:71:
         92:02:8f:d4:c8:81:7c:97:d2:d3:49:3a:cb:b5:f1:a2:b4:eb:
         7e:55:c7:c2:0d:b0:db:e8:75:a8:81:92:dc:68:33:ba:ce:bc:
         a2:c5:dc:6e:7e:5d:ba:b4:53:3b:f4:b8:b2:2d:6c:99:fd:e5:
         54:7d:d2:06:cb:9f:51:04:a7:ab:c8:0d:fa:a3:5b:d6:e4:6d:
         73:10:26:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAjUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yMjEyMTIxMDMzMjRaFw0zMjEyMTIxMDMzMjRaMBgxFjAU
BgNVBAMMDTYzOTcwMzc5LTY5OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPF8izInU4uKu6HkxZtJXigXPRj+sx2vARaIexmHucPhpdemqcAV/FZU1o
aJqNPiYKhYbkugLm5d5Beh0xPifq5RzQP2LCct+Pg3sILqTIHrhbaoaBWRlYOZp/
slA0LQhc2T8jNXJQItFAnOihI+dYhBi/CPJnFFFDBfYjkubDhcKjpzNk67520EFO
7qKD8x8Sml+Y1Vb0tcoSLxgYH48UtoLe3e2305I6vDtcVKw+dLOxdACIXjju84JB
RKcPJYv4PdO1cmCA2IwD2A0y8OMdCj5ZMovogKG4SLN/B1pbpQXoVR8YM6TXmniX
QkCO/BH0rUuAvTBgdYHrocNmybF7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4uQC
O1hEoRM787n96nNQgsqmN/8wHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzZBRjAxNzU4N0EwODExRURCRkMwNDk4M0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1WAwDQYJKoZIhvcNAQEL
BQADggEBAEYBLHYuGFCHb5sr6fJLyaAgLTMFaprHSKbakTAbqrak4WShAxrUxgaN
Mp0z2rTfj7MXpJVQ7wTkI6mv7NJvpKVjLGSm+xADumKbrYMxIwE1OklRhe+jl8pP
xYDa0WV29N/6QG6GFdlNFxb7IvoywDlgtxr4YXCsYdBDVT+0dJS7RDMZtpspM5AD
aT2hufAfWDW10b3P8DNBaHowUvuyloLdbCH4wmmU8N+Xjw/ubEmCqQ5FcZICj9TI
gXyX0tNJOsu18aK0635Vx8INsNvodaiBktxoM7rOvKLF3G5+Xbq0Uzv0uLItbJn9
5VR90gbLn1EEp6vIDfqjW9bkbXMQJog=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org