Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/9224A498414611ECB18B9C4AD8A014CE.roa
File:                     9224A498414611ECB18B9C4AD8A014CE.roa (raw, json)
Hash identifier:          XPzMQpRyXNj7tfbthuedXxw7eoOCCt4TWOt0ECkjiSw=
Subject key identifier:   1E:B9:B8:8F:CB:1E:1C:DA:C1:AB:CF:20:0D:C1:70:F9:C4:B2:A2:F5
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       81
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/9224A498414611ECB18B9C4AD8A014CE.roa
Signing time:             Tue 09 Nov 2021 10:19:50 +0000
ROA not before:           Tue 09 Nov 2021 10:19:46 +0000
ROA not after:            Sun 09 Nov 2031 10:19:46 +0000
asID:                     37645
IP address blocks:        102.217.192.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129 (0x81)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Nov  9 10:19:46 2021 GMT
            Not After : Nov  9 10:19:46 2031 GMT
        Subject: CN=618a4b46-5d3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9e:e8:38:be:ea:88:b2:5b:20:04:21:ea:08:
                    1e:82:74:82:c7:cf:25:4e:79:c5:c9:85:ea:6d:4e:
                    cc:61:a6:8d:90:b5:f1:3f:67:e7:f8:98:d8:6a:c3:
                    a2:54:48:e7:b9:f9:83:43:d1:1a:9c:14:fe:fa:57:
                    31:64:3c:83:57:25:52:8f:57:88:4e:37:69:3a:40:
                    5e:46:75:34:dc:0b:42:39:67:ab:9f:08:f7:84:08:
                    cd:68:63:73:00:65:73:b2:e9:39:b9:2e:0e:b0:6a:
                    4f:e2:e4:19:d5:80:0e:cf:9b:45:e4:c3:b1:48:29:
                    39:8a:24:84:7e:c0:2a:58:05:7f:8f:20:ff:86:7d:
                    28:6a:4c:50:04:f9:8e:c7:c7:e5:78:43:47:63:83:
                    c0:a2:32:a4:34:51:a1:96:9d:b1:c0:29:4b:09:5a:
                    e3:0f:7c:85:41:64:7c:9e:37:e1:4e:65:63:71:61:
                    0c:eb:25:58:55:07:0a:75:f4:ae:dd:ec:db:3f:57:
                    cc:df:ec:04:74:b7:ee:82:f0:8f:69:98:eb:c5:59:
                    ad:a7:c8:f3:f2:18:31:80:75:3d:ef:0d:60:68:7d:
                    3f:e5:f4:58:86:28:35:0c:b3:00:40:bb:9f:a5:63:
                    a0:28:dd:af:04:b5:0c:9d:ca:f0:55:82:76:1d:b9:
                    cc:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:B9:B8:8F:CB:1E:1C:DA:C1:AB:CF:20:0D:C1:70:F9:C4:B2:A2:F5
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/9224A498414611ECB18B9C4AD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:f2:60:8a:a0:63:1a:29:e7:a6:7e:67:1c:47:53:05:4e:f9:
         a7:3e:01:ed:03:e1:43:32:09:db:6d:1a:af:24:e5:7b:61:0e:
         1a:bb:0a:11:9a:2a:17:b9:45:e1:64:6c:42:de:89:c0:fc:66:
         cb:d0:b2:8c:d3:3a:9c:d4:30:da:aa:9b:2f:22:c9:10:7a:08:
         1b:b0:85:8f:b7:52:3d:a5:13:f1:73:c9:7b:be:44:bd:01:e8:
         39:33:3a:fc:97:8e:d3:04:ab:1e:d8:67:33:55:03:47:1f:e9:
         db:ee:98:a0:a4:4d:cc:4f:2b:e8:41:6c:45:56:7b:4a:8e:56:
         a5:f3:9a:6a:3d:22:90:3b:c5:8c:35:42:39:e6:24:db:23:58:
         6a:95:17:de:7a:e3:af:5b:3f:7d:73:26:29:4f:1c:0a:c1:78:
         73:03:01:39:43:6b:23:54:cd:0e:eb:5c:5d:46:ca:55:c1:48:
         16:a0:0f:73:fb:e6:75:14:e0:81:bf:a5:90:69:60:f8:81:90:
         71:45:ff:3d:fc:9e:04:59:f9:b6:f4:78:d3:23:64:7f:3f:26:
         e1:32:ce:07:75:12:c3:d0:f5:d7:7d:5a:f9:00:8b:5c:23:d9:
         91:65:25:e6:c8:2a:fb:11:1a:fc:68:a3:13:09:40:76:6e:ba:
         9d:53:02:94
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yMTExMDkxMDE5NDZaFw0zMTExMDkxMDE5NDZaMBgxFjAU
BgNVBAMMDTYxOGE0YjQ2LTVkM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3nug4vuqIslsgBCHqCB6CdILHzyVOecXJheptTsxhpo2QtfE/Z+f4mNhq
w6JUSOe5+YND0RqcFP76VzFkPINXJVKPV4hON2k6QF5GdTTcC0I5Z6ufCPeECM1o
Y3MAZXOy6Tm5Lg6wak/i5BnVgA7Pm0Xkw7FIKTmKJIR+wCpYBX+PIP+GfShqTFAE
+Y7Hx+V4Q0djg8CiMqQ0UaGWnbHAKUsJWuMPfIVBZHyeN+FOZWNxYQzrJVhVBwp1
9K7d7Ns/V8zf7AR0t+6C8I9pmOvFWa2nyPPyGDGAdT3vDWBofT/l9FiGKDUMswBA
u5+lY6Ao3a8EtQydyvBVgnYducxfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHrm4
j8seHNrBq88gDcFw+cSyovUwHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzkyMjRBNDk4NDE0NjExRUNCMThCOUM0QUQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2cAwDQYJKoZIhvcNAQEL
BQADggEBAFnyYIqgYxop56Z+ZxxHUwVO+ac+Ae0D4UMyCdttGq8k5XthDhq7ChGa
Khe5ReFkbELeicD8ZsvQsozTOpzUMNqqmy8iyRB6CBuwhY+3Uj2lE/FzyXu+RL0B
6DkzOvyXjtMEqx7YZzNVA0cf6dvumKCkTcxPK+hBbEVWe0qOVqXzmmo9IpA7xYw1
QjnmJNsjWGqVF956469bP31zJilPHArBeHMDATlDayNUzQ7rXF1GylXBSBagD3P7
5nUU4IG/pZBpYPiBkHFF/z38ngRZ+bb0eNMjZH8/JuEyzgd1EsPQ9dd9WvkAi1wj
2ZFlJebIKvsRGvxooxMJQHZuup1TApQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org