Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B6125/644C95C4B42111EB9E897D5FF8AEA228/F69DD73A584D11EE90022E504AD9E6FC.roa
File:                     F69DD73A584D11EE90022E504AD9E6FC.roa (raw, json)
Hash identifier:          r1fopG+YFRoatujRKCNwNwwxGTBHvRCVHWK9xRpijbk=
Subject key identifier:   77:B4:1F:A8:D3:72:2A:42:15:70:8F:23:C0:AD:18:6E:EB:6D:10:B4
Certificate issuer:       /CN=F36B6125AF/serialNumber=C2EBCC98F3E8E3290A9AF32F9EA8D82AC7AF1FCA
Certificate serial:       038F
Authority key identifier: C2:EB:CC:98:F3:E8:E3:29:0A:9A:F3:2F:9E:A8:D8:2A:C7:AF:1F:CA
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wuvMmPPo4ykKmvMvnqjYKsevH8o.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B6125/644C95C4B42111EB9E897D5FF8AEA228/F69DD73A584D11EE90022E504AD9E6FC.roa
Signing time:             Thu 21 Sep 2023 07:10:37 +0000
ROA not before:           Thu 21 Sep 2023 07:10:34 +0000
ROA not after:            Sat 21 Sep 2030 07:10:34 +0000
asID:                     329318
IP address blocks:        102.220.62.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B6125/644C95C4B42111EB9E897D5FF8AEA228/wuvMmPPo4ykKmvMvnqjYKsevH8o.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B6125/644C95C4B42111EB9E897D5FF8AEA228/wuvMmPPo4ykKmvMvnqjYKsevH8o.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wuvMmPPo4ykKmvMvnqjYKsevH8o.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 911 (0x38f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B6125AF/serialNumber=C2EBCC98F3E8E3290A9AF32F9EA8D82AC7AF1FCA
        Validity
            Not Before: Sep 21 07:10:34 2023 GMT
            Not After : Sep 21 07:10:34 2030 GMT
        Subject: CN=650bec6d-6b58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8a:b4:91:dd:54:a9:8f:7e:21:19:38:e6:d1:
                    3c:f3:b1:62:f9:6a:c6:c1:bf:f5:7c:fb:34:65:c1:
                    95:87:e4:3c:b2:24:5e:ae:f3:8a:1f:23:4e:e6:16:
                    99:84:44:15:6a:78:0d:d0:13:2f:bf:78:ec:81:de:
                    8e:9e:3b:5b:f6:05:10:d0:eb:ec:20:bc:b1:d2:fd:
                    4f:a5:f3:ae:91:1f:d1:8a:f0:2a:07:69:d0:a4:bc:
                    1a:3a:cc:69:2e:28:e6:39:9a:e4:12:2a:d5:36:a5:
                    59:72:ab:40:e6:3d:6b:bf:33:9c:b7:85:8f:c7:47:
                    1e:94:10:89:af:42:ec:f1:7f:96:66:c3:e3:70:3b:
                    7d:01:16:aa:aa:8a:15:a4:94:b1:52:8e:05:ff:dd:
                    4a:a4:5b:04:4b:d9:55:1d:82:e8:73:ea:6b:a7:7f:
                    8e:ce:b9:48:05:a1:9e:83:b8:76:8e:5c:2c:f3:75:
                    f7:58:0b:d1:3c:8c:5d:85:2f:73:46:d1:75:d3:17:
                    f7:40:1e:7a:78:31:f2:be:2f:7f:04:9e:a3:49:41:
                    2f:b4:11:8d:19:95:17:0d:42:9d:7a:39:72:01:87:
                    8a:34:f9:90:9c:85:88:65:c3:70:a4:a8:4f:33:63:
                    5e:67:2e:14:2b:69:e3:05:d8:9e:03:ba:3b:ad:e8:
                    d1:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:B4:1F:A8:D3:72:2A:42:15:70:8F:23:C0:AD:18:6E:EB:6D:10:B4
            X509v3 Authority Key Identifier:
                keyid:C2:EB:CC:98:F3:E8:E3:29:0A:9A:F3:2F:9E:A8:D8:2A:C7:AF:1F:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B6125/644C95C4B42111EB9E897D5FF8AEA228/wuvMmPPo4ykKmvMvnqjYKsevH8o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wuvMmPPo4ykKmvMvnqjYKsevH8o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B6125/644C95C4B42111EB9E897D5FF8AEA228/F69DD73A584D11EE90022E504AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:9e:33:ba:3b:1b:b2:44:bf:2c:56:2a:3b:ba:74:8e:a2:82:
         9c:4b:69:5c:57:22:13:1d:a2:1c:7f:bd:27:83:60:11:92:58:
         87:22:78:f0:9a:6a:3a:f4:4f:77:b7:8c:cd:72:8c:5f:5d:f5:
         4c:a1:4d:9a:1a:67:67:ef:99:96:ac:c3:c7:4b:e6:96:10:ac:
         5b:57:54:a5:9a:2d:89:b8:58:9a:01:c6:c6:b0:22:e0:6c:00:
         5b:20:9e:2e:d0:f8:fa:80:ed:0d:e8:62:5a:4a:59:d9:b8:f2:
         5a:4b:eb:7c:18:5a:a1:25:2f:0f:98:a2:ad:5c:1f:7a:1b:a9:
         71:6f:2b:a3:c2:73:73:8d:81:b1:b2:70:cd:77:d3:36:5c:85:
         e0:15:d4:b7:67:89:d8:29:de:62:7b:fc:23:e6:cb:83:69:0f:
         26:ee:2f:e7:e1:03:33:f3:54:9b:32:25:bc:b4:3d:3d:05:be:
         a4:94:eb:ae:78:9b:85:85:3f:20:1b:e4:59:44:78:72:e7:07:
         42:58:dc:1e:3e:cf:37:b6:88:8d:76:5b:1b:49:7a:54:0b:01:
         e6:c2:9b:b0:05:21:cc:2f:de:66:5a:64:69:84:5c:e2:b2:73:
         fc:e3:c8:8e:0f:98:ce:53:d8:7d:83:27:a3:d0:a1:50:80:97:
         50:1f:a1:25
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA48wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjYxMjVBRjExMC8GA1UEBRMoQzJFQkNDOThGM0U4RTMyOTBBOUFGMzJGOUVBOEQ4
MkFDN0FGMUZDQTAeFw0yMzA5MjEwNzEwMzRaFw0zMDA5MjEwNzEwMzRaMBgxFjAU
BgNVBAMTDTY1MGJlYzZkLTZiNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMirSR3VSpj34hGTjm0TzzsWL5asbBv/V8+zRlwZWH5DyyJF6u84ofI07m
FpmERBVqeA3QEy+/eOyB3o6eO1v2BRDQ6+wgvLHS/U+l866RH9GK8CoHadCkvBo6
zGkuKOY5muQSKtU2pVlyq0DmPWu/M5y3hY/HRx6UEImvQuzxf5Zmw+NwO30BFqqq
ihWklLFSjgX/3UqkWwRL2VUdguhz6munf47OuUgFoZ6DuHaOXCzzdfdYC9E8jF2F
L3NG0XXTF/dAHnp4MfK+L38EnqNJQS+0EY0ZlRcNQp16OXIBh4o0+ZCchYhlw3Ck
qE8zY15nLhQraeMF2J4Dujut6NFLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUd7Qf
qNNyKkIVcI8jwK0YbuttELQwHwYDVR0jBBgwFoAUwuvMmPPo4ykKmvMvnqjYKsev
H8owDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI2MTI1LzY0NEM5NUM0QjQyMTExRUI5RTg5N0Q1RkY4QUVBMjI4L3d1dk1t
UFBvNHlrS212TXZucWpZS3Nldkg4by5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3d1dk1tUFBvNHlrS212TXZucWpZS3Nldkg4by5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI2MTI1LzY0NEM5NUM0QjQyMTExRUI5RTg5N0Q1RkY4
QUVBMjI4L0Y2OURENzNBNTg0RDExRUU5MDAyMkU1MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFm3D4wDQYJKoZIhvcNAQEL
BQADggEBAIueM7o7G7JEvyxWKju6dI6igpxLaVxXIhMdohx/vSeDYBGSWIciePCa
ajr0T3e3jM1yjF9d9UyhTZoaZ2fvmZasw8dL5pYQrFtXVKWaLYm4WJoBxsawIuBs
AFsgni7Q+PqA7Q3oYlpKWdm48lpL63wYWqElLw+Yoq1cH3obqXFvK6PCc3ONgbGy
cM130zZcheAV1Ldnidgp3mJ7/CPmy4NpDybuL+fhAzPzVJsyJby0PT0FvqSU6654
m4WFPyAb5FlEeHLnB0JY3B4+zze2iI12WxtJelQLAebCm7AFIcwv3mZaZGmEXOKy
c/zjyI4PmM5T2H2DJ6PQoVCAl1AfoSU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:21 2024 by rpki-client on console-ams.rpki-client.org