Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/63EB76DE4D6411EEB8D5BE834AD9E6FC.roa
File:                     63EB76DE4D6411EEB8D5BE834AD9E6FC.roa (raw, json)
Hash identifier:          fbwi/jtS6FeTqYdpHpFLvs6qADWyxrzMpo/5QspGOXI=
Subject key identifier:   26:A5:70:E3:B2:3D:8F:BA:02:FE:3A:C7:60:A6:6B:E3:CF:2E:D6:05
Certificate issuer:       /CN=F36A42DFAF/serialNumber=9B5668BC13211131DF0ED3EE9C25D3114C54B293
Certificate serial:       02
Authority key identifier: 9B:56:68:BC:13:21:11:31:DF:0E:D3:EE:9C:25:D3:11:4C:54:B2:93
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/63EB76DE4D6411EEB8D5BE834AD9E6FC.roa
Signing time:             Thu 07 Sep 2023 09:53:26 +0000
ROA not before:           Thu 07 Sep 2023 09:53:22 +0000
ROA not after:            Mon 30 Sep 2030 09:53:22 +0000
asID:                     328170
IP address blocks:        102.22.80.0/22 maxlen: 24
                          102.67.136.0/21 maxlen: 24
                          102.221.36.0/22 maxlen: 24
                          2c0f:ed68::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A42DFAF/serialNumber=9B5668BC13211131DF0ED3EE9C25D3114C54B293
        Validity
            Not Before: Sep  7 09:53:22 2023 GMT
            Not After : Sep 30 09:53:22 2030 GMT
        Subject: CN=64f99d96-ab2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e5:2c:31:ec:90:92:18:36:fe:6c:50:7a:08:
                    cb:70:2c:fd:da:83:0a:d5:e2:07:e5:1f:c7:a1:56:
                    75:ff:dc:52:90:9b:95:13:b2:a7:fa:05:52:18:c3:
                    f8:63:4b:c5:8f:32:67:e5:62:1e:a8:12:94:65:00:
                    06:fe:b3:db:e5:90:a1:e8:22:cc:18:ac:07:05:ed:
                    ee:f9:06:40:f6:d9:5a:a7:f1:23:66:17:a7:a5:b1:
                    3a:13:2b:0d:ba:3e:21:d9:eb:e7:88:dc:e0:1f:63:
                    51:f6:58:e7:f3:35:b3:30:d9:e0:38:b2:2f:43:bf:
                    b0:df:78:ed:34:83:5e:fb:3f:79:09:c8:f2:ce:de:
                    cc:07:b0:e3:c1:47:26:d1:1a:56:be:38:16:3f:dc:
                    20:6e:06:43:24:8e:de:6d:63:fe:c2:ce:97:19:9a:
                    00:e3:54:c4:11:13:7a:f9:5e:3c:c5:4b:36:fb:94:
                    93:d6:13:f6:fc:68:0b:21:a7:67:f7:82:7f:5e:72:
                    1a:80:81:96:60:0e:14:4c:a6:e9:a7:0a:88:a8:d1:
                    9f:c5:e0:9b:b9:61:96:de:bd:f1:1c:e8:fa:fe:fb:
                    9c:7c:35:14:43:49:3a:fd:91:2a:f1:d8:5f:28:8f:
                    c8:43:97:e5:53:cd:b0:d3:d2:02:49:0e:79:70:73:
                    fc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A5:70:E3:B2:3D:8F:BA:02:FE:3A:C7:60:A6:6B:E3:CF:2E:D6:05
            X509v3 Authority Key Identifier:
                keyid:9B:56:68:BC:13:21:11:31:DF:0E:D3:EE:9C:25:D3:11:4C:54:B2:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/m1ZovBMhETHfDtPunCXTEUxUspM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/m1ZovBMhETHfDtPunCXTEUxUspM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/9EF3DB824D6311EEA36358814AD9E6FC/63EB76DE4D6411EEB8D5BE834AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.22.80.0/22
                  102.67.136.0/21
                  102.221.36.0/22
                IPv6:
                  2c0f:ed68::/32

    Signature Algorithm: sha256WithRSAEncryption
         4c:ab:3e:62:10:93:a9:26:f5:32:d3:33:90:eb:d6:e1:bc:f6:
         20:41:b9:89:1c:ae:95:9b:4d:ad:18:12:81:6a:b6:2f:38:f1:
         57:72:27:ca:b8:19:83:50:aa:61:b3:c3:8c:53:cf:d2:69:9d:
         72:42:b5:74:63:bd:12:fd:1d:04:c0:ef:b7:f6:71:51:ce:99:
         e7:f3:2a:53:53:bf:57:04:9a:43:f7:b5:29:82:0e:f5:b2:5c:
         51:d1:5b:08:01:9f:0d:3d:c8:c8:72:47:a9:37:fb:7a:d4:9a:
         d3:cc:39:fe:3b:52:25:56:2b:2a:f3:d2:59:69:f8:36:cc:57:
         ba:fb:aa:a8:48:1b:34:0b:a4:40:f3:bd:07:4d:6d:9d:35:02:
         62:3b:79:32:03:4f:58:4d:10:d1:52:87:ec:8a:7b:ef:a3:a1:
         36:64:dc:85:f6:7f:b9:75:f8:c8:83:bd:a4:2f:47:98:e4:6d:
         1a:d6:da:1e:42:00:52:cd:80:a2:dc:b7:2f:e7:95:c7:cd:07:
         3d:89:4e:ea:0b:1e:8b:e0:0c:af:aa:9c:b0:76:82:4b:77:d2:
         8b:27:2e:25:14:40:9d:3f:34:61:59:66:c9:7c:ec:24:c1:08:
         92:a4:d8:d8:92:ca:48:4d:e2:71:88:03:0b:e7:cc:cf:04:f6:
         1b:7c:8c:9e
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NDJERkFGMTEwLwYDVQQFEyg5QjU2NjhCQzEzMjExMTMxREYwRUQzRUU5QzI1RDMx
MTRDNTRCMjkzMB4XDTIzMDkwNzA5NTMyMloXDTMwMDkzMDA5NTMyMlowGDEWMBQG
A1UEAxMNNjRmOTlkOTYtYWIyZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTlLDHskJIYNv5sUHoIy3As/dqDCtXiB+Ufx6FWdf/cUpCblROyp/oFUhjD
+GNLxY8yZ+ViHqgSlGUABv6z2+WQoegizBisBwXt7vkGQPbZWqfxI2YXp6WxOhMr
Dbo+Idnr54jc4B9jUfZY5/M1szDZ4DiyL0O/sN947TSDXvs/eQnI8s7ezAew48FH
JtEaVr44Fj/cIG4GQySO3m1j/sLOlxmaAONUxBETevlePMVLNvuUk9YT9vxoCyGn
Z/eCf15yGoCBlmAOFEym6acKiKjRn8Xgm7lhlt698Rzo+v77nHw1FENJOv2RKvHY
XyiPyEOX5VPNsNPSAkkOeXBz/LMCAwEAAaOCAsAwggK8MB0GA1UdDgQWBBQmpXDj
sj2PugL+Osdgpmvjzy7WBTAfBgNVHSMEGDAWgBSbVmi8EyERMd8O0+6cJdMRTFSy
kzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQyREYvOUVGM0RCODI0RDYzMTFFRUEzNjM1ODgxNEFEOUU2RkMvbTFab3ZC
TWhFVEhmRHRQdW5DWFRFVXhVc3BNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbTFab3ZCTWhFVEhmRHRQdW5DWFRFVXhVc3BNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTQyREYvOUVGM0RCODI0RDYzMTFFRUEzNjM1ODgxNEFE
OUU2RkMvNjNFQjc2REU0RDY0MTFFRUI4RDVCRTgzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAmYWUAMEA2ZDiAMEAmbdJDAN
BAIAAjAHAwUALA/taDANBgkqhkiG9w0BAQsFAAOCAQEATKs+YhCTqSb1MtMzkOvW
4bz2IEG5iRyulZtNrRgSgWq2LzjxV3InyrgZg1CqYbPDjFPP0mmdckK1dGO9Ev0d
BMDvt/ZxUc6Z5/MqU1O/VwSaQ/e1KYIO9bJcUdFbCAGfDT3IyHJHqTf7etSa08w5
/jtSJVYrKvPSWWn4NsxXuvuqqEgbNAukQPO9B01tnTUCYjt5MgNPWE0Q0VKH7Ip7
76OhNmTchfZ/uXX4yIO9pC9HmORtGtbaHkIAUs2Aoty3L+eVx80HPYlO6gsei+AM
r6qcsHaCS3fSiycuJRRAnT80YVlmyXzsJMEIkqTY2JLKSE3icYgDC+fMzwT2G3yM
ng==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org