Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/FD0720789BAF11EDA474A4E3F1222468.roa
File:                     FD0720789BAF11EDA474A4E3F1222468.roa (raw, json)
Hash identifier:          XwuRQifMxDzgCRmEHxL8Hh9MMbu+jBrnT6vSXd5rPc4=
Subject key identifier:   43:A1:F1:55:31:DE:CD:C7:2F:AE:03:EE:9E:F2:41:0A:F9:BF:99:43
Certificate issuer:       /CN=F36A9104AF/serialNumber=18FDC8AF53877802589BEEDEE813F6B626EF82FE
Certificate serial:       E0
Authority key identifier: 18:FD:C8:AF:53:87:78:02:58:9B:EE:DE:E8:13:F6:B6:26:EF:82:FE
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/FD0720789BAF11EDA474A4E3F1222468.roa
Signing time:             Tue 24 Jan 2023 06:26:09 +0000
ROA not before:           Tue 24 Jan 2023 06:26:05 +0000
ROA not after:            Mon 24 Jan 2033 06:26:05 +0000
asID:                     329039
IP address blocks:        102.216.17.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 224 (0xe0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A9104AF/serialNumber=18FDC8AF53877802589BEEDEE813F6B626EF82FE
        Validity
            Not Before: Jan 24 06:26:05 2023 GMT
            Not After : Jan 24 06:26:05 2033 GMT
        Subject: CN=63cf7a00-e225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ef:9f:45:77:16:86:f1:98:fa:68:00:44:f1:
                    e0:51:14:77:43:d3:8d:bd:0c:bd:2a:3c:e1:3a:f7:
                    b7:08:1f:53:03:45:7f:0a:96:df:90:c1:2c:b9:b0:
                    a1:39:7b:82:0f:a5:92:9a:be:74:39:7d:d1:38:6f:
                    53:11:93:a5:d5:cf:1d:d8:db:84:8e:3e:a6:eb:1e:
                    82:34:bb:aa:7c:de:80:6e:a7:a6:80:be:2f:12:9c:
                    60:5b:6e:6c:21:8f:8f:e4:72:63:8e:8d:de:e2:dc:
                    9d:ce:e1:9c:36:c5:f3:ed:5c:23:38:a5:dc:c0:5d:
                    72:80:ec:d8:f9:f8:9e:c9:ea:10:19:6b:e9:1e:8b:
                    3b:5d:c0:71:ba:15:76:c8:f5:da:46:6e:b9:2a:52:
                    e6:ac:cc:62:99:2f:56:36:82:06:ab:3d:1d:fa:c4:
                    03:5c:f6:59:1a:85:b9:2d:ba:63:be:7a:80:f2:f2:
                    3f:1c:f3:ac:a8:56:7b:6e:53:04:30:05:fe:5b:2f:
                    4d:4d:48:0f:a4:2d:70:a4:f0:73:b4:a8:2f:98:bf:
                    96:4a:99:6d:10:7d:e5:6e:e5:7f:af:3a:59:15:c7:
                    98:c0:78:aa:8b:a6:87:ef:2a:a4:63:a5:fc:d4:d7:
                    e8:a4:f4:c7:45:b8:94:2a:78:84:d0:0a:e8:fd:72:
                    28:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A1:F1:55:31:DE:CD:C7:2F:AE:03:EE:9E:F2:41:0A:F9:BF:99:43
            X509v3 Authority Key Identifier:
                keyid:18:FD:C8:AF:53:87:78:02:58:9B:EE:DE:E8:13:F6:B6:26:EF:82:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/GP3Ir1OHeAJYm-7e6BP2tibvgv4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GP3Ir1OHeAJYm-7e6BP2tibvgv4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9104/41D036ECF61811ECA84F46AEF1222468/FD0720789BAF11EDA474A4E3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:23:45:df:69:bd:57:33:c9:85:41:8a:51:96:8f:23:05:96:
         19:b2:ea:a2:f1:77:8b:e7:36:af:e6:98:b3:3c:5b:3d:36:4b:
         a1:c3:b1:f3:a3:5f:bd:d1:bd:30:67:14:02:f7:82:bf:c6:07:
         15:b0:a5:cf:75:78:3e:6c:4e:cd:13:61:76:ff:4f:97:04:e3:
         5f:bf:55:15:e4:3c:7c:b4:78:50:10:b4:fd:6c:8c:d2:fe:fe:
         0a:2f:6f:50:61:74:7e:7b:c2:d1:78:e6:24:3c:b9:7b:16:55:
         2c:d2:dc:e1:51:1c:a0:d3:ee:4f:a5:59:d5:82:c6:d4:cd:01:
         98:61:19:3e:e3:97:42:fd:01:d1:d6:cb:87:6e:37:5b:0e:ba:
         31:c2:e8:ac:6a:ea:29:ff:10:9e:37:ae:81:a1:94:b4:4a:e7:
         6a:19:97:5d:3d:1c:32:18:25:5e:d1:12:bf:65:85:f7:2d:62:
         4c:ce:41:f5:91:05:69:06:dc:c1:ce:34:31:0a:89:99:6b:0d:
         ec:18:b2:41:4f:4b:38:bb:d0:db:c1:01:85:59:d8:ca:25:6c:
         f5:e3:c8:79:c0:81:46:a0:9e:77:e0:19:60:27:6f:a9:57:b6:
         12:54:1e:97:d9:3a:06:24:5e:00:36:96:3c:ad:b4:64:f0:d6:
         96:73:a1:6a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTkxMDRBRjExMC8GA1UEBRMoMThGREM4QUY1Mzg3NzgwMjU4OUJFRURFRTgxM0Y2
QjYyNkVGODJGRTAeFw0yMzAxMjQwNjI2MDVaFw0zMzAxMjQwNjI2MDVaMBgxFjAU
BgNVBAMMDTYzY2Y3YTAwLWUyMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDm759FdxaG8Zj6aABE8eBRFHdD0429DL0qPOE697cIH1MDRX8Klt+QwSy5
sKE5e4IPpZKavnQ5fdE4b1MRk6XVzx3Y24SOPqbrHoI0u6p83oBup6aAvi8SnGBb
bmwhj4/kcmOOjd7i3J3O4Zw2xfPtXCM4pdzAXXKA7Nj5+J7J6hAZa+keiztdwHG6
FXbI9dpGbrkqUuaszGKZL1Y2ggarPR36xANc9lkahbktumO+eoDy8j8c86yoVntu
UwQwBf5bL01NSA+kLXCk8HO0qC+Yv5ZKmW0QfeVu5X+vOlkVx5jAeKqLpofvKqRj
pfzU1+ik9MdFuJQqeITQCuj9ciiPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQ6Hx
VTHezccvrgPunvJBCvm/mUMwHwYDVR0jBBgwFoAUGP3Ir1OHeAJYm+7e6BP2tibv
gv4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE5MTA0LzQxRDAzNkVDRjYxODExRUNBODRGNDZBRUYxMjIyNDY4L0dQM0ly
MU9IZUFKWW0tN2U2QlAydGlidmd2NC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0dQM0lyMU9IZUFKWW0tN2U2QlAydGlidmd2NC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE5MTA0LzQxRDAzNkVDRjYxODExRUNBODRGNDZBRUYx
MjIyNDY4L0ZEMDcyMDc4OUJBRjExRURBNDc0QTRFM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2BEwDQYJKoZIhvcNAQEL
BQADggEBAEIjRd9pvVczyYVBilGWjyMFlhmy6qLxd4vnNq/mmLM8Wz02S6HDsfOj
X73RvTBnFAL3gr/GBxWwpc91eD5sTs0TYXb/T5cE41+/VRXkPHy0eFAQtP1sjNL+
/govb1BhdH57wtF45iQ8uXsWVSzS3OFRHKDT7k+lWdWCxtTNAZhhGT7jl0L9AdHW
y4duN1sOujHC6Kxq6in/EJ43roGhlLRK52oZl109HDIYJV7REr9lhfctYkzOQfWR
BWkG3MHONDEKiZlrDewYskFPSzi70NvBAYVZ2MolbPXjyHnAgUagnnfgGWAnb6lX
thJUHpfZOgYkXgA2ljyttGTw1pZzoWo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org