Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/AC4B6082210C11ECAD741215D8A014CE.roa
File:                     AC4B6082210C11ECAD741215D8A014CE.roa (raw, json)
Hash identifier:          AtxMUNLLrkxyey3dAGtkIWE+tCR3TEwc6YhmNlJxQio=
Subject key identifier:   24:26:14:75:34:82:8C:FC:18:10:CA:43:25:63:C8:02:E3:0A:18:9E
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       50
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/AC4B6082210C11ECAD741215D8A014CE.roa
Signing time:             Wed 29 Sep 2021 10:04:46 +0000
ROA not before:           Wed 29 Sep 2021 10:04:33 +0000
ROA not after:            Mon 29 Sep 2031 10:04:33 +0000
asID:                     37645
IP address blocks:        102.218.148.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80 (0x50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Sep 29 10:04:33 2021 GMT
            Not After : Sep 29 10:04:33 2031 GMT
        Subject: CN=61543a3d-a9e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0b:e8:c5:52:da:4b:15:e4:ac:9c:60:b0:c8:
                    f1:88:ad:7c:0a:65:f7:de:c0:3e:be:a6:ee:d9:00:
                    38:d4:16:5c:7e:cf:cf:95:8c:64:c3:5f:11:bc:36:
                    83:45:e4:b4:11:31:8b:f8:42:b8:93:10:84:b1:42:
                    39:42:8d:91:c1:cf:53:4c:42:76:93:0b:dd:42:73:
                    ad:36:60:8e:79:0e:43:9e:d2:f7:17:78:0f:83:59:
                    7a:a0:de:07:e5:3e:bd:f4:42:49:a9:b4:a9:93:8c:
                    e2:35:63:44:b9:c1:1f:19:97:4f:81:e7:89:b8:5a:
                    99:40:bd:42:fb:89:10:fe:a9:e8:91:f0:50:31:76:
                    b3:07:c3:b3:29:15:5c:b7:47:0f:3e:fb:bd:5c:4e:
                    00:66:9b:dd:39:a3:54:cc:68:7d:ca:f1:67:5f:52:
                    8a:e8:97:10:d4:78:3d:b8:cf:de:89:ea:00:61:91:
                    a4:6c:3a:f8:eb:19:68:76:e6:ec:b3:2a:06:27:3e:
                    f3:b0:88:3c:a6:28:4f:d6:4d:29:b5:64:c2:f7:42:
                    76:b6:12:8d:97:82:fb:3a:ed:2e:52:3a:7e:de:20:
                    13:9f:68:13:fc:66:74:ec:73:f5:53:0e:aa:2a:38:
                    d6:f5:ec:27:99:97:31:ab:79:61:8c:aa:0b:d5:07:
                    a4:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:26:14:75:34:82:8C:FC:18:10:CA:43:25:63:C8:02:E3:0A:18:9E
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/AC4B6082210C11ECAD741215D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ae:11:51:7c:2c:c4:9a:3e:b6:81:91:43:ed:5a:93:cc:ef:68:
         bf:97:93:11:79:48:94:3b:6f:39:08:7d:d7:7e:07:be:3d:c2:
         e9:d5:19:33:47:92:d5:38:65:c2:37:77:ac:d0:c0:d0:66:fe:
         bb:36:1a:68:1a:91:46:58:50:3b:1d:b1:08:2b:58:90:ce:e3:
         cb:7b:2d:7c:cf:77:2f:ae:1a:48:af:a9:39:63:0e:7f:7c:bd:
         f0:f1:b6:89:3a:8e:bf:43:0f:e0:d3:cd:b0:dc:d8:83:36:fe:
         0d:7a:77:e5:98:1c:ad:d1:59:eb:fc:4e:8a:09:aa:dc:b4:fe:
         a1:a7:ae:ec:87:4e:3c:e3:ad:09:64:60:03:c9:d7:df:5c:9e:
         32:44:21:b9:eb:ad:b4:d6:ca:66:e7:76:52:5c:20:0d:a7:7e:
         e3:43:2b:bd:56:d1:a7:63:05:f2:b0:e5:3e:ca:47:2a:8c:4a:
         56:2a:ad:f5:59:09:b2:b7:ac:d4:aa:53:42:86:91:bd:ee:5a:
         2c:f4:1f:ed:9e:07:7e:63:7f:45:5d:5c:25:d9:65:b6:7d:ec:
         c4:ab:74:9f:6e:32:d0:5c:a9:ee:86:7e:11:10:b5:66:fd:9d:
         6e:33:a8:4b:d4:48:0d:fb:6e:0a:f0:89:e0:e5:6a:71:0a:2e:
         0d:13:92:cd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBUDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
MUNFRkFGMTEwLwYDVQQFEyg4MkYxQzY2MTFBM0ExNDY3REIzRDc4QTRBNUZFRDUw
QTA4QTU3QjEzMB4XDTIxMDkyOTEwMDQzM1oXDTMxMDkyOTEwMDQzM1owGDEWMBQG
A1UEAwwNNjE1NDNhM2QtYTllNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8L6MVS2ksV5KycYLDI8YitfApl997APr6m7tkAONQWXH7Pz5WMZMNfEbw2
g0XktBExi/hCuJMQhLFCOUKNkcHPU0xCdpML3UJzrTZgjnkOQ57S9xd4D4NZeqDe
B+U+vfRCSam0qZOM4jVjRLnBHxmXT4HnibhamUC9QvuJEP6p6JHwUDF2swfDsykV
XLdHDz77vVxOAGab3TmjVMxofcrxZ19SiuiXENR4PbjP3onqAGGRpGw6+OsZaHbm
7LMqBic+87CIPKYoT9ZNKbVkwvdCdrYSjZeC+zrtLlI6ft4gE59oE/xmdOxz9VMO
qio41vXsJ5mXMat5YYyqC9UHpGUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQkJhR1
NIKM/BgQykMlY8gC4woYnjAfBgNVHSMEGDAWgBSC8cZhGjoUZ9s9eKSl/tUKCKV7
EzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTFDRUYvN0YzODhERTRGMTM4MTFFQjkxN0ZENzE3RDhBMDE0Q0UvZ3ZIR1lS
bzZGR2ZiUFhpa3BmN1ZDZ2lsZXhNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ3ZIR1lSbzZGR2ZiUFhpa3BmN1ZDZ2lsZXhNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTFDRUYvN0YzODhERTRGMTM4MTFFQjkxN0ZENzE3RDhB
MDE0Q0UvQUM0QjYwODIyMTBDMTFFQ0FENzQxMjE1RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbalDANBgkqhkiG9w0BAQsF
AAOCAQEArhFRfCzEmj62gZFD7VqTzO9ov5eTEXlIlDtvOQh9134Hvj3C6dUZM0eS
1Thlwjd3rNDA0Gb+uzYaaBqRRlhQOx2xCCtYkM7jy3stfM93L64aSK+pOWMOf3y9
8PG2iTqOv0MP4NPNsNzYgzb+DXp35ZgcrdFZ6/xOigmq3LT+oaeu7IdOPOOtCWRg
A8nX31yeMkQhueuttNbKZud2UlwgDad+40MrvVbRp2MF8rDlPspHKoxKViqt9VkJ
sres1KpTQoaRve5aLPQf7Z4HfmN/RV1cJdlltn3sxKt0n24y0Fyp7oZ+ERC1Zv2d
bjOoS9RIDftuCvCJ4OVqcQouDROSzQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org