Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/355CB3D49BB011ED9DBA47E4F1222468.roa
File:                     355CB3D49BB011ED9DBA47E4F1222468.roa (raw, json)
Hash identifier:          TYgeZaJhaBXGlUhHN9w35PJVWeP3Uv0WM9ubwoAhGOo=
Subject key identifier:   BF:6F:2A:F5:C4:C6:F0:6D:65:6E:BF:62:45:BA:31:BF:9E:AA:8A:22
Certificate issuer:       /CN=F36A9104AF/serialNumber=18FDC8AF53877802589BEEDEE813F6B626EF82FE
Certificate serial:       E4
Authority key identifier: 18:FD:C8:AF:53:87:78:02:58:9B:EE:DE:E8:13:F6:B6:26:EF:82:FE
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/355CB3D49BB011ED9DBA47E4F1222468.roa
Signing time:             Tue 24 Jan 2023 06:27:43 +0000
ROA not before:           Tue 24 Jan 2023 06:27:39 +0000
ROA not after:            Mon 24 Jan 2033 06:27:39 +0000
asID:                     329039
IP address blocks:        102.216.19.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 228 (0xe4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A9104AF/serialNumber=18FDC8AF53877802589BEEDEE813F6B626EF82FE
        Validity
            Not Before: Jan 24 06:27:39 2023 GMT
            Not After : Jan 24 06:27:39 2033 GMT
        Subject: CN=63cf7a5f-32a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:6e:45:24:f6:74:9b:92:c8:24:92:84:3a:bf:
                    a2:e0:cc:e3:5b:88:be:55:cc:49:8a:a0:30:52:94:
                    9e:40:9d:3d:04:a1:56:d4:19:97:2c:09:84:e4:40:
                    3a:f2:1c:0a:9a:25:02:4a:17:0d:aa:af:41:e1:84:
                    cd:8a:15:3a:9f:c8:74:d2:6e:83:4d:a5:04:3c:42:
                    17:47:3c:48:17:09:da:0c:5a:26:b3:6f:20:10:35:
                    95:2a:18:2a:25:ab:1f:dc:6e:e2:4e:b3:cb:8c:27:
                    8b:44:63:f6:2e:04:4c:51:ec:87:9f:d2:d1:08:40:
                    02:89:5b:91:60:f6:0e:7f:57:62:7f:38:1c:a4:11:
                    d4:39:b1:fc:c1:62:d1:4d:87:e9:ed:7a:52:c6:a3:
                    eb:6f:88:56:65:35:45:89:f4:ad:c8:2c:2c:90:d3:
                    db:2e:6a:62:7a:f4:e9:33:58:b1:95:61:ac:90:8e:
                    a8:73:9d:2a:d6:ec:de:e2:fa:17:63:22:9d:af:dd:
                    76:24:57:bd:3e:f1:91:b2:b7:c8:af:37:d9:10:73:
                    64:79:35:49:5c:b5:ba:ac:12:4a:b0:c7:72:ca:21:
                    9a:ea:51:9e:8e:90:99:00:8b:f7:18:3a:94:ca:0b:
                    e5:0f:34:3c:5b:25:d8:b4:e3:f4:6f:9a:51:c1:a6:
                    d4:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:6F:2A:F5:C4:C6:F0:6D:65:6E:BF:62:45:BA:31:BF:9E:AA:8A:22
            X509v3 Authority Key Identifier:
                keyid:18:FD:C8:AF:53:87:78:02:58:9B:EE:DE:E8:13:F6:B6:26:EF:82:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/355CB3D49BB011ED9DBA47E4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:a5:b3:41:d6:f5:de:a7:63:34:67:cd:92:1e:8c:3e:0c:43:
         c6:1c:03:16:30:18:98:b4:a7:4b:e3:2b:c6:c3:fa:f9:00:f0:
         d0:2f:e8:9a:94:00:8e:bc:59:76:63:52:01:9f:2f:1f:3b:f7:
         6c:f0:c8:04:5c:f1:e7:ed:ef:91:8c:f7:a3:47:8b:32:30:b5:
         f2:89:43:26:58:39:b4:12:96:73:d2:72:62:4f:05:9a:d5:29:
         e2:f1:82:85:ba:0e:ee:e9:3b:d1:47:09:1d:14:73:87:14:d5:
         2a:05:e0:e2:07:dc:1e:fc:f4:18:73:f2:88:16:46:0d:82:d2:
         48:dd:82:43:80:64:f3:4d:c2:1d:d4:96:38:8e:ee:50:32:ee:
         f9:be:7e:d5:ef:d9:93:07:fd:e7:a3:39:d2:0b:ea:a6:97:28:
         b4:7a:0b:ca:7a:d7:3b:e4:74:85:e9:8e:8a:98:4b:87:fb:05:
         d1:2c:55:4e:6b:e7:01:6a:a4:69:9e:2b:ea:c3:0b:30:a9:e1:
         42:e4:82:19:e8:88:a8:70:e6:99:85:24:08:0b:02:58:26:c0:
         67:2d:6b:9d:98:5a:3b:7a:ce:22:df:68:69:44:4d:c1:f7:5d:
         46:1b:c7:7b:4a:3d:a4:f0:ce:5b:a0:4e:d0:bc:3b:05:35:f9:
         59:d7:82:7b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAOQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTkxMDRBRjExMC8GA1UEBRMoMThGREM4QUY1Mzg3NzgwMjU4OUJFRURFRTgxM0Y2
QjYyNkVGODJGRTAeFw0yMzAxMjQwNjI3MzlaFw0zMzAxMjQwNjI3MzlaMBgxFjAU
BgNVBAMMDTYzY2Y3YTVmLTMyYTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCybkUk9nSbksgkkoQ6v6LgzONbiL5VzEmKoDBSlJ5AnT0EoVbUGZcsCYTk
QDryHAqaJQJKFw2qr0HhhM2KFTqfyHTSboNNpQQ8QhdHPEgXCdoMWiazbyAQNZUq
GColqx/cbuJOs8uMJ4tEY/YuBExR7Ief0tEIQAKJW5Fg9g5/V2J/OBykEdQ5sfzB
YtFNh+ntelLGo+tviFZlNUWJ9K3ILCyQ09suamJ69OkzWLGVYayQjqhznSrW7N7i
+hdjIp2v3XYkV70+8ZGyt8ivN9kQc2R5NUlctbqsEkqwx3LKIZrqUZ6OkJkAi/cY
OpTKC+UPNDxbJdi04/RvmlHBptTxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUv28q
9cTG8G1lbr9iRboxv56qiiIwHwYDVR0jBBgwFoAUGP3Ir1OHeAJYm+7e6BP2tibv
gv4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE5MTA0LzQxRDAzNkVDRjYxODExRUNBODRGNDZBRUYxMjIyNDY4L0dQM0ly
MU9IZUFKWW0tN2U2QlAydGlidmd2NC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0dQM0lyMU9IZUFKWW0tN2U2QlAydGlidmd2NC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE5MTA0LzQxRDAzNkVDRjYxODExRUNBODRGNDZBRUYx
MjIyNDY4LzM1NUNCM0Q0OUJCMDExRUQ5REJBNDdFNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2BMwDQYJKoZIhvcNAQEL
BQADggEBAIuls0HW9d6nYzRnzZIejD4MQ8YcAxYwGJi0p0vjK8bD+vkA8NAv6JqU
AI68WXZjUgGfLx8792zwyARc8eft75GM96NHizIwtfKJQyZYObQSlnPScmJPBZrV
KeLxgoW6Du7pO9FHCR0Uc4cU1SoF4OIH3B789Bhz8ogWRg2C0kjdgkOAZPNNwh3U
ljiO7lAy7vm+ftXv2ZMH/eejOdIL6qaXKLR6C8p61zvkdIXpjoqYS4f7BdEsVU5r
5wFqpGmeK+rDCzCp4ULkghnoiKhw5pmFJAgLAlgmwGcta52YWjt6ziLfaGlETcH3
XUYbx3tKPaTwzlugTtC8OwU1+VnXgns=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org