Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/D98A56900ACE11EEA9A723454AD9E6FC.roa
File:                     D98A56900ACE11EEA9A723454AD9E6FC.roa (raw, json)
Hash identifier:          EKbiex9REKFqFg3KeIAaHxBhBnGQAgLlrP3B5Rpt+ew=
Subject key identifier:   22:95:E9:14:A6:81:D9:4A:EB:03:95:E5:07:2C:81:DB:4C:BC:3E:65
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       0304
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/D98A56900ACE11EEA9A723454AD9E6FC.roa
Signing time:             Wed 14 Jun 2023 16:16:42 +0000
ROA not before:           Wed 14 Jun 2023 16:16:39 +0000
ROA not after:            Tue 14 Jun 2033 16:16:39 +0000
asID:                     37645
IP address blocks:        102.213.12.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 772 (0x304)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Jun 14 16:16:39 2023 GMT
            Not After : Jun 14 16:16:39 2033 GMT
        Subject: CN=6489e7ea-3787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:52:a6:dc:49:44:cc:63:02:94:a4:33:ea:70:
                    21:c9:17:64:d6:59:7e:de:d3:70:18:20:f5:f9:99:
                    e9:27:2f:f0:7a:27:c7:ab:07:6c:75:33:74:77:cd:
                    6a:cf:44:e0:20:f6:d3:97:47:76:37:aa:94:cc:5d:
                    55:b8:c9:db:33:76:eb:53:06:2a:98:59:ee:b8:97:
                    7d:d2:ff:1a:92:55:08:1c:1f:15:f1:00:04:99:77:
                    9a:d5:04:c4:93:24:b4:2e:45:96:cb:87:70:7b:c4:
                    b2:c3:c8:84:75:bc:ec:ea:d7:5e:77:9a:5c:b2:35:
                    a6:31:e3:31:b4:12:ab:34:4c:7d:25:a8:91:d6:f3:
                    9b:75:20:a3:0f:85:00:f7:7c:77:6f:74:3e:bb:a4:
                    4a:0f:1a:aa:7d:15:7c:2a:0d:f3:05:42:94:d6:a3:
                    5a:62:cf:69:d5:b8:3a:97:29:ae:55:a4:e4:0e:2a:
                    65:4a:8c:75:b5:0f:71:13:66:83:77:b7:a2:88:84:
                    eb:08:48:ff:e7:a3:3b:7a:29:6b:43:3c:91:54:14:
                    c9:5a:cf:37:e3:e0:60:5c:2e:24:5f:b5:87:de:2b:
                    5e:dd:0c:09:fe:fd:b6:10:a5:e2:3e:f6:c9:43:78:
                    13:6d:eb:d3:09:6a:36:08:52:ba:c9:76:d5:a4:26:
                    a0:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:95:E9:14:A6:81:D9:4A:EB:03:95:E5:07:2C:81:DB:4C:BC:3E:65
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/D98A56900ACE11EEA9A723454AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:bb:9f:a9:78:53:1a:11:f5:aa:08:29:77:12:42:63:69:c0:
         0f:85:ec:e7:27:c9:02:f6:4d:74:9b:ad:9a:35:71:06:86:7b:
         9d:ae:ac:bb:44:aa:6e:c7:eb:5a:fb:3f:8d:c8:46:eb:c4:93:
         15:12:20:15:76:6e:4e:b3:3c:77:90:d3:6e:8c:80:6d:4d:ad:
         62:09:12:e1:29:67:ad:79:be:b3:a7:52:73:f2:ee:47:60:3f:
         1a:95:81:4b:fa:df:28:d2:3e:d7:42:bb:6a:10:3f:ce:17:5e:
         50:43:1a:39:1f:2b:a2:6e:43:0d:09:84:b7:71:ca:72:05:7d:
         05:66:9e:4a:3d:3f:22:07:fa:05:a7:ce:cf:e3:5a:41:db:13:
         54:85:53:7b:8d:76:48:f5:f3:61:53:54:03:ad:84:85:e6:63:
         2b:74:28:65:a9:5a:24:28:22:26:5a:29:92:6e:10:dd:0c:bd:
         59:87:f0:fe:cb:d0:85:77:29:4f:6c:df:78:7a:ba:62:8f:18:
         ae:43:d2:ea:ed:f0:54:1d:33:f5:a7:9b:d2:e9:14:3d:19:48:
         bf:94:cf:68:df:6c:73:1f:5c:85:95:c5:ea:db:e7:05:32:d9:
         6c:a8:97:97:31:52:f9:72:f5:63:22:6e:4f:91:c7:91:71:66:
         da:df:ef:22
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAwQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yMzA2MTQxNjE2MzlaFw0zMzA2MTQxNjE2MzlaMBgxFjAU
BgNVBAMTDTY0ODllN2VhLTM3ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZUqbcSUTMYwKUpDPqcCHJF2TWWX7e03AYIPX5meknL/B6J8erB2x1M3R3
zWrPROAg9tOXR3Y3qpTMXVW4ydszdutTBiqYWe64l33S/xqSVQgcHxXxAASZd5rV
BMSTJLQuRZbLh3B7xLLDyIR1vOzq1153mlyyNaYx4zG0Eqs0TH0lqJHW85t1IKMP
hQD3fHdvdD67pEoPGqp9FXwqDfMFQpTWo1piz2nVuDqXKa5VpOQOKmVKjHW1D3ET
ZoN3t6KIhOsISP/nozt6KWtDPJFUFMlazzfj4GBcLiRftYfeK17dDAn+/bYQpeI+
9slDeBNt69MJajYIUrrJdtWkJqDrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUIpXp
FKaB2UrrA5XlByyB20y8PmUwHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFL0Q5OEE1NjkwMEFDRTExRUVBOUE3MjM0NTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1QwwDQYJKoZIhvcNAQEL
BQADggEBADm7n6l4UxoR9aoIKXcSQmNpwA+F7OcnyQL2TXSbrZo1cQaGe52urLtE
qm7H61r7P43IRuvEkxUSIBV2bk6zPHeQ026MgG1NrWIJEuEpZ615vrOnUnPy7kdg
PxqVgUv63yjSPtdCu2oQP84XXlBDGjkfK6JuQw0JhLdxynIFfQVmnko9PyIH+gWn
zs/jWkHbE1SFU3uNdkj182FTVAOthIXmYyt0KGWpWiQoIiZaKZJuEN0MvVmH8P7L
0IV3KU9s33h6umKPGK5D0urt8FQdM/Wnm9LpFD0ZSL+Uz2jfbHMfXIWVxerb5wUy
2Wyol5cxUvly9WMibk+Rx5FxZtrf7yI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org