Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9A81/0B27C0F2F1A111EEA48FB64C775412E6/31539876F1A311EEAC1F355D775412E6.roa
File:                     31539876F1A311EEAC1F355D775412E6.roa (raw, json)
Hash identifier:          j6M+6W88movOdd6zMZWbEb9mu+RhA+HSxS5xxIDt/qU=
Subject key identifier:   EC:82:0B:3B:89:69:09:75:25:07:46:ED:A5:4B:62:CF:9D:C2:0B:78
Certificate issuer:       /CN=F36B9A81AF/serialNumber=D960023650F54EB4B8E1DC34ABD459F50270D78D
Certificate serial:       02
Authority key identifier: D9:60:02:36:50:F5:4E:B4:B8:E1:DC:34:AB:D4:59:F5:02:70:D7:8D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/2WACNlD1TrS44dw0q9RZ9QJw140.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9A81/0B27C0F2F1A111EEA48FB64C775412E6/31539876F1A311EEAC1F355D775412E6.roa
Signing time:             Wed 03 Apr 2024 10:16:10 +0000
ROA not before:           Wed 03 Apr 2024 10:16:07 +0000
ROA not after:            Wed 03 Apr 2030 10:16:07 +0000
asID:                     37489
IP address blocks:        105.235.216.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9A81/0B27C0F2F1A111EEA48FB64C775412E6/2WACNlD1TrS44dw0q9RZ9QJw140.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9A81/0B27C0F2F1A111EEA48FB64C775412E6/2WACNlD1TrS44dw0q9RZ9QJw140.mft
                          rsync://rpki.afrinic.net/repository/afrinic/2WACNlD1TrS44dw0q9RZ9QJw140.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9A81AF/serialNumber=D960023650F54EB4B8E1DC34ABD459F50270D78D
        Validity
            Not Before: Apr  3 10:16:07 2024 GMT
            Not After : Apr  3 10:16:07 2030 GMT
        Subject: CN=660d2c6a-0de0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:63:09:66:b3:25:a6:bf:e9:e8:39:13:09:b0:
                    a5:3e:54:0a:02:76:6c:dc:09:ee:16:34:3a:b9:c7:
                    eb:d0:8d:5d:cd:f0:06:89:32:3b:fc:1a:e5:28:50:
                    3f:7c:9c:58:03:39:e1:1c:18:30:e4:24:b6:3c:d1:
                    3f:16:c4:98:68:11:1a:74:e3:db:9b:35:f0:21:a3:
                    a6:82:29:50:69:32:a2:76:ca:c6:37:b2:91:e9:2f:
                    f3:30:54:2d:e5:b4:af:b5:2f:f6:d2:cb:9b:02:3b:
                    36:9d:17:37:08:59:82:54:94:09:8e:a7:dc:c8:d1:
                    5c:b4:20:4e:1d:0f:e6:7c:7f:25:f2:96:66:98:28:
                    5a:ae:09:36:cb:74:15:89:82:35:f6:d9:a9:5b:25:
                    42:fc:ec:4e:9b:3a:d4:a4:cb:0d:00:cf:15:68:b2:
                    96:be:69:ab:31:4c:b0:23:e6:5c:a8:88:b9:85:c3:
                    79:19:4a:60:8e:75:e4:8d:0b:41:df:9e:74:d6:c5:
                    68:eb:62:9d:69:e0:8d:62:84:a3:39:b0:12:b0:4f:
                    32:4d:3b:f2:4d:96:f0:d3:1b:e5:4c:0c:14:00:59:
                    ce:06:67:5c:f5:18:e7:c0:86:f0:6e:ba:af:a7:d5:
                    e0:5c:a3:fb:fe:6c:28:e5:34:0e:55:61:18:a8:8e:
                    5f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:82:0B:3B:89:69:09:75:25:07:46:ED:A5:4B:62:CF:9D:C2:0B:78
            X509v3 Authority Key Identifier:
                keyid:D9:60:02:36:50:F5:4E:B4:B8:E1:DC:34:AB:D4:59:F5:02:70:D7:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9A81/0B27C0F2F1A111EEA48FB64C775412E6/2WACNlD1TrS44dw0q9RZ9QJw140.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2WACNlD1TrS44dw0q9RZ9QJw140.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9A81/0B27C0F2F1A111EEA48FB64C775412E6/31539876F1A311EEAC1F355D775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  105.235.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         69:7e:c6:de:7e:37:9f:24:4e:14:49:9a:d1:b9:41:b1:71:e1:
         98:5a:f6:07:28:41:7f:6a:94:79:f7:75:f4:ea:7e:97:d2:eb:
         aa:cd:47:80:5d:eb:9b:37:09:c8:f8:92:e4:19:10:1e:fa:d5:
         63:a3:5d:25:d6:01:0d:91:f3:1d:49:ea:ea:36:01:03:49:63:
         79:03:ed:29:b8:ba:06:3a:aa:c4:43:e0:f1:d3:32:76:30:23:
         bd:d5:f7:4b:2a:bb:6d:48:33:41:24:90:79:e9:5b:59:7d:f2:
         ab:ff:55:b3:c6:01:ab:5d:ca:c7:a0:bb:f3:72:95:d4:2f:da:
         f4:62:d9:ae:2f:06:a5:a3:4a:59:02:ca:60:c6:85:5c:2f:41:
         4b:7d:b5:6b:c8:30:bf:90:73:5f:e8:0e:a9:ca:bb:80:39:fa:
         ee:53:b7:be:e7:e8:50:a2:6a:3b:5e:3c:0b:d3:f8:d9:23:f1:
         b0:89:32:c3:39:1b:2b:1d:2a:79:da:28:79:0f:2b:dc:eb:7b:
         f5:b1:67:17:6f:c4:f4:79:22:dc:bf:f7:4e:72:60:16:0a:35:
         25:6e:57:29:07:4a:2e:0c:2f:33:6a:19:49:13:e0:2c:2d:e2:
         ba:6c:6c:6b:70:62:92:33:6b:d9:9c:c3:15:e1:06:d8:af:3d:
         07:31:fa:ea
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
OUE4MUFGMTEwLwYDVQQFEyhEOTYwMDIzNjUwRjU0RUI0QjhFMURDMzRBQkQ0NTlG
NTAyNzBENzhEMB4XDTI0MDQwMzEwMTYwN1oXDTMwMDQwMzEwMTYwN1owGDEWMBQG
A1UEAxMNNjYwZDJjNmEtMGRlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtjCWazJaa/6eg5EwmwpT5UCgJ2bNwJ7hY0OrnH69CNXc3wBokyO/wa5ShQ
P3ycWAM54RwYMOQktjzRPxbEmGgRGnTj25s18CGjpoIpUGkyonbKxjeykekv8zBU
LeW0r7Uv9tLLmwI7Np0XNwhZglSUCY6n3MjRXLQgTh0P5nx/JfKWZpgoWq4JNst0
FYmCNfbZqVslQvzsTps61KTLDQDPFWiylr5pqzFMsCPmXKiIuYXDeRlKYI515I0L
Qd+edNbFaOtinWngjWKEozmwErBPMk078k2W8NMb5UwMFABZzgZnXPUY58CG8G66
r6fV4Fyj+/5sKOU0DlVhGKiOX8kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTsggs7
iWkJdSUHRu2lS2LPncILeDAfBgNVHSMEGDAWgBTZYAI2UPVOtLjh3DSr1Fn1AnDX
jTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjlBODEvMEIyN0MwRjJGMUExMTFFRUE0OEZCNjRDNzc1NDEyRTYvMldBQ05s
RDFUclM0NGR3MHE5Ulo5UUp3MTQwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMldBQ05sRDFUclM0NGR3MHE5Ulo5UUp3MTQwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjlBODEvMEIyN0MwRjJGMUExMTFFRUE0OEZCNjRDNzc1
NDEyRTYvMzE1Mzk4NzZGMUEzMTFFRUFDMUYzNTVENzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2nr2DANBgkqhkiG9w0BAQsF
AAOCAQEAaX7G3n43nyROFEma0blBsXHhmFr2ByhBf2qUefd19Op+l9Lrqs1HgF3r
mzcJyPiS5BkQHvrVY6NdJdYBDZHzHUnq6jYBA0ljeQPtKbi6BjqqxEPg8dMydjAj
vdX3Syq7bUgzQSSQeelbWX3yq/9Vs8YBq13Kx6C783KV1C/a9GLZri8GpaNKWQLK
YMaFXC9BS321a8gwv5BzX+gOqcq7gDn67lO3vufoUKJqO148C9P42SPxsIkywzkb
Kx0qedooeQ8r3Ot79bFnF2/E9Hki3L/3TnJgFgo1JW5XKQdKLgwvM2oZSRPgLC3i
umxsa3BikjNr2ZzDFeEG2K89BzH66g==
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:47:43 2024 by rpki-client on console-ams.rpki-client.org