Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/19804272F4B911EDB9B23E4B4AD9E6FC.roa
File:                     19804272F4B911EDB9B23E4B4AD9E6FC.roa (raw, json)
Hash identifier:          TWFrU0yfEzXK68AK6K9dPpBTBdlS/QVZnYBhV0AEQDo=
Subject key identifier:   FF:79:29:1A:C6:D5:B4:B7:59:29:28:EB:41:F6:FA:F7:F1:CA:80:97
Certificate issuer:       /CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
Certificate serial:       04E4
Authority key identifier: 5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/19804272F4B911EDB9B23E4B4AD9E6FC.roa
Signing time:             Wed 17 May 2023 13:45:35 +0000
ROA not before:           Wed 17 May 2023 13:45:32 +0000
ROA not after:            Mon 17 May 2032 13:45:32 +0000
asID:                     328631
IP address blocks:        102.213.124.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1252 (0x4e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
        Validity
            Not Before: May 17 13:45:32 2023 GMT
            Not After : May 17 13:45:32 2032 GMT
        Subject: CN=6464da7f-f4be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:33:57:a1:ae:af:e1:5f:49:01:2e:c0:eb:d5:
                    6b:7d:be:e8:c8:35:f0:be:69:91:69:0a:d3:3c:a2:
                    79:2a:91:82:10:69:dd:99:28:6a:fb:80:e3:93:10:
                    8a:29:37:13:03:77:fa:02:24:b6:1a:c3:13:73:4d:
                    12:00:32:44:5e:dd:21:19:86:00:a1:fa:b2:4b:d1:
                    50:ba:ec:9a:c7:05:cd:02:83:9b:6f:3c:d6:a7:e0:
                    0a:79:94:6b:f2:55:b8:da:ba:df:47:21:6d:b1:72:
                    42:da:fc:57:98:57:66:93:91:4a:54:7b:f9:bd:8d:
                    aa:1c:84:db:c8:d7:84:a8:a6:20:6e:cc:24:98:96:
                    17:34:97:e5:69:1c:67:15:ee:ac:1f:ae:68:65:bb:
                    00:2e:bd:f0:68:54:91:53:fa:56:a6:33:7c:97:9a:
                    23:36:51:e8:1b:05:e3:f6:f7:84:13:27:91:14:9b:
                    79:52:97:36:38:37:0f:64:7f:25:47:ba:12:92:d3:
                    b9:47:90:c2:6c:cd:61:29:b9:f5:96:5a:18:07:be:
                    8d:e3:bb:97:88:d9:ba:54:72:b1:df:10:c7:bf:96:
                    b1:ac:ec:1e:f2:78:13:dd:81:ed:11:36:c0:31:91:
                    e1:5c:1b:12:07:3f:4d:89:77:ce:f1:95:c1:b3:82:
                    0e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:79:29:1A:C6:D5:B4:B7:59:29:28:EB:41:F6:FA:F7:F1:CA:80:97
            X509v3 Authority Key Identifier:
                keyid:5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/19804272F4B911EDB9B23E4B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:c6:f7:f5:bc:6e:6d:0e:9d:dd:92:c7:b6:a1:1f:c6:bb:25:
         9e:47:47:b1:19:01:36:68:88:0c:f6:42:25:e9:8f:15:a5:84:
         00:d0:53:3c:81:2a:5e:ec:92:43:81:f0:5e:97:d6:7c:a7:61:
         a1:e3:bd:f8:8c:fd:4a:fb:b6:8f:bc:19:5c:c1:82:9a:e5:e4:
         b8:f8:03:06:0c:6e:2f:d6:c0:ce:4e:8e:18:05:f7:d7:bf:cc:
         a1:61:8f:8e:bb:fa:e5:03:b1:75:ca:25:50:8e:8b:8c:9d:00:
         1b:c0:1f:57:67:0e:1a:3c:65:36:a4:48:d2:77:47:67:ec:93:
         58:88:51:cc:a9:41:8c:af:a2:14:9e:0d:69:e0:c0:7a:02:fd:
         9b:c4:fd:3f:47:6a:f7:7a:da:bc:eb:e4:93:6c:90:15:9c:99:
         f3:6f:21:ba:87:31:cd:d1:29:87:93:df:84:2f:f7:41:dc:d4:
         ad:19:23:b8:8c:f5:ff:1e:e8:b6:57:5f:80:85:ef:70:b3:1c:
         cf:a6:ce:4b:7a:4c:b0:cd:9e:a2:dd:b5:55:6b:bd:07:62:40:
         84:b6:b0:1a:b6:51:cd:49:16:99:17:73:e9:e9:44:83:9b:cd:
         27:ea:b2:32:f0:27:dc:d2:84:5b:05:94:52:87:66:80:8c:2a:
         6b:c1:ce:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBOQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTIzMDNBRjExMC8GA1UEBRMoNUVCODhERjRCRjkwODlENzA0OUExRkJFODAwNUU2
MjFFQUFFODYyQjAeFw0yMzA1MTcxMzQ1MzJaFw0zMjA1MTcxMzQ1MzJaMBgxFjAU
BgNVBAMTDTY0NjRkYTdmLWY0YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9M1ehrq/hX0kBLsDr1Wt9vujINfC+aZFpCtM8onkqkYIQad2ZKGr7gOOT
EIopNxMDd/oCJLYawxNzTRIAMkRe3SEZhgCh+rJL0VC67JrHBc0Cg5tvPNan4Ap5
lGvyVbjaut9HIW2xckLa/FeYV2aTkUpUe/m9jaochNvI14SopiBuzCSYlhc0l+Vp
HGcV7qwfrmhluwAuvfBoVJFT+lamM3yXmiM2UegbBeP294QTJ5EUm3lSlzY4Nw9k
fyVHuhKS07lHkMJszWEpufWWWhgHvo3ju5eI2bpUcrHfEMe/lrGs7B7yeBPdge0R
NsAxkeFcGxIHP02Jd87xlcGzgg6tAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/3kp
GsbVtLdZKSjrQfb69/HKgJcwHwYDVR0jBBgwFoAUXriN9L+QidcEmh++gAXmIequ
hiswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4QUVBMjI4L1hyaU45
TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1hyaU45TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4
QUVBMjI4LzE5ODA0MjcyRjRCOTExRURCOUIyM0U0QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1XwwDQYJKoZIhvcNAQEL
BQADggEBADHG9/W8bm0Ond2Sx7ahH8a7JZ5HR7EZATZoiAz2QiXpjxWlhADQUzyB
Kl7skkOB8F6X1nynYaHjvfiM/Ur7to+8GVzBgprl5Lj4AwYMbi/WwM5OjhgF99e/
zKFhj467+uUDsXXKJVCOi4ydABvAH1dnDho8ZTakSNJ3R2fsk1iIUcypQYyvohSe
DWngwHoC/ZvE/T9Havd62rzr5JNskBWcmfNvIbqHMc3RKYeT34Qv90Hc1K0ZI7iM
9f8e6LZXX4CF73CzHM+mzkt6TLDNnqLdtVVrvQdiQIS2sBq2Uc1JFpkXc+npRIOb
zSfqsjLwJ9zShFsFlFKHZoCMKmvBzog=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:19 2024 by rpki-client on console-ams.rpki-client.org