Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/AF1870DA5A4F11EC8A7D2A9D5A40D577.roa
File:                     AF1870DA5A4F11EC8A7D2A9D5A40D577.roa (raw, json)
Hash identifier:          BLdsVayNIOk2Y72QR8xGh48CnHwd4dR9X3zrPpYewHI=
Subject key identifier:   9A:C0:99:C9:28:63:F7:D0:76:99:52:0F:29:F2:B3:F7:03:CF:84:2C
Certificate issuer:       /CN=F36BCC19AF/serialNumber=87C277EA5445529DD06B2FE5EE9F33CDC7CE84E0
Certificate serial:       16
Authority key identifier: 87:C2:77:EA:54:45:52:9D:D0:6B:2F:E5:EE:9F:33:CD:C7:CE:84:E0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/AF1870DA5A4F11EC8A7D2A9D5A40D577.roa
Signing time:             Sat 11 Dec 2021 06:58:03 +0000
ROA not before:           Sat 11 Dec 2021 06:57:59 +0000
ROA not after:            Thu 31 Dec 2048 06:57:59 +0000
asID:                     328250
IP address blocks:        102.220.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22 (0x16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BCC19AF/serialNumber=87C277EA5445529DD06B2FE5EE9F33CDC7CE84E0
        Validity
            Not Before: Dec 11 06:57:59 2021 GMT
            Not After : Dec 31 06:57:59 2048 GMT
        Subject: CN=61b44bfb-ec3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:96:8e:ae:b0:41:18:ad:65:cc:b8:87:13:65:
                    34:34:8a:5b:5b:3a:bf:65:7d:18:ec:2b:8d:89:dc:
                    a3:1f:80:37:95:35:43:f5:17:ab:fe:83:59:a0:2a:
                    f2:49:e5:59:fc:10:a7:3d:9c:5c:2f:2c:09:b3:22:
                    ff:af:ca:d1:8f:f4:ec:ad:f6:d7:09:3b:c0:c5:44:
                    79:76:1a:99:93:40:30:a7:f3:86:b5:02:d3:7d:23:
                    e8:bb:09:86:6d:33:9d:66:7c:73:ac:dd:b1:de:34:
                    66:1a:bd:66:76:c5:77:65:a2:95:67:44:c0:3f:a2:
                    83:83:c9:5a:c5:72:38:33:bb:7d:6e:dd:b7:aa:4f:
                    8a:55:07:ad:7b:52:b7:e0:ba:29:31:cb:45:5b:b2:
                    e3:67:a7:87:fe:5c:3e:ed:7f:bf:03:d7:78:97:bf:
                    bf:14:be:d3:ea:5b:c8:cc:1a:9d:3c:ce:39:50:5d:
                    95:d2:81:49:b8:9b:eb:8c:b0:44:9b:0b:90:ef:5e:
                    62:e9:05:98:2f:11:f6:a7:09:9d:0d:d0:17:d1:8e:
                    d0:13:83:8d:72:13:3c:04:e1:d2:ae:af:ba:4b:f8:
                    a7:5a:e2:f9:a7:a2:1d:6c:ae:57:7c:d1:28:19:6e:
                    94:03:fb:87:65:26:e3:46:03:36:83:64:5d:3e:fd:
                    a9:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:C0:99:C9:28:63:F7:D0:76:99:52:0F:29:F2:B3:F7:03:CF:84:2C
            X509v3 Authority Key Identifier:
                keyid:87:C2:77:EA:54:45:52:9D:D0:6B:2F:E5:EE:9F:33:CD:C7:CE:84:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/AF1870DA5A4F11EC8A7D2A9D5A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:aa:66:68:60:c9:28:f8:e0:b2:45:f0:86:93:c0:92:ce:94:
         e8:9e:d3:6f:a7:33:40:0e:f1:fc:d2:07:d1:c2:dc:6d:9f:a0:
         30:92:86:21:ec:2f:82:1e:93:6a:6a:b4:f0:c6:b2:39:af:a9:
         0c:a8:e7:59:18:5b:18:ca:b0:a3:27:e9:a4:1c:ec:d9:3a:4a:
         9b:14:b0:68:c6:27:85:f4:38:d7:60:16:37:cb:0e:e3:19:8b:
         cd:81:05:df:84:b6:b1:84:e1:0b:77:e4:48:9d:a8:03:63:b1:
         b6:29:13:10:a6:2c:b0:46:1b:cc:ab:a9:af:b7:38:25:6a:cf:
         95:aa:07:35:e0:3a:67:7c:2f:ed:a5:00:62:eb:f3:46:41:bb:
         16:40:df:34:89:58:cb:d1:8b:de:2d:f8:b2:c6:3e:89:e8:7d:
         45:e1:07:79:8a:9b:ea:83:ce:69:e2:0e:77:66:3e:c9:41:88:
         03:ac:dd:62:5d:02:a3:42:f8:9a:47:6d:25:13:94:01:c2:85:
         99:08:a2:dd:2c:1b:c5:01:c3:dc:2d:dc:59:03:9e:d9:7a:88:
         4d:b9:78:05:10:b4:0a:36:c9:3e:45:31:1c:f8:9b:7b:0f:74:
         49:56:ca:2e:92:60:ca:be:d9:ed:88:e2:5a:b7:14:99:60:bc:
         71:c6:26:e6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
Q0MxOUFGMTEwLwYDVQQFEyg4N0MyNzdFQTU0NDU1MjlERDA2QjJGRTVFRTlGMzND
REM3Q0U4NEUwMB4XDTIxMTIxMTA2NTc1OVoXDTQ4MTIzMTA2NTc1OVowGDEWMBQG
A1UEAwwNNjFiNDRiZmItZWMzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANiWjq6wQRitZcy4hxNlNDSKW1s6v2V9GOwrjYncox+AN5U1Q/UXq/6DWaAq
8knlWfwQpz2cXC8sCbMi/6/K0Y/07K321wk7wMVEeXYamZNAMKfzhrUC030j6LsJ
hm0znWZ8c6zdsd40Zhq9ZnbFd2WilWdEwD+ig4PJWsVyODO7fW7dt6pPilUHrXtS
t+C6KTHLRVuy42enh/5cPu1/vwPXeJe/vxS+0+pbyMwanTzOOVBdldKBSbib64yw
RJsLkO9eYukFmC8R9qcJnQ3QF9GO0BODjXITPATh0q6vukv4p1ri+aeiHWyuV3zR
KBlulAP7h2Um40YDNoNkXT79qWsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSawJnJ
KGP30HaZUg8p8rP3A8+ELDAfBgNVHSMEGDAWgBSHwnfqVEVSndBrL+XunzPNx86E
4DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkNDMTkvRjYzMzY0MzI1NTAxMTFFQ0I2NUI0OTdBRDhBMDE0Q0UvaDhKMzZs
UkZVcDNRYXlfbDdwOHp6Y2ZPaE9BLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaDhKMzZsUkZVcDNRYXlfbDdwOHp6Y2ZPaE9BLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkNDMTkvRjYzMzY0MzI1NTAxMTFFQ0I2NUI0OTdBRDhB
MDE0Q0UvQUYxODcwREE1QTRGMTFFQzhBN0QyQTlENUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbcKDANBgkqhkiG9w0BAQsF
AAOCAQEAaapmaGDJKPjgskXwhpPAks6U6J7Tb6czQA7x/NIH0cLcbZ+gMJKGIewv
gh6Tamq08MayOa+pDKjnWRhbGMqwoyfppBzs2TpKmxSwaMYnhfQ412AWN8sO4xmL
zYEF34S2sYThC3fkSJ2oA2OxtikTEKYssEYbzKupr7c4JWrPlaoHNeA6Z3wv7aUA
YuvzRkG7FkDfNIlYy9GL3i34ssY+ieh9ReEHeYqb6oPOaeIOd2Y+yUGIA6zdYl0C
o0L4mkdtJROUAcKFmQii3SwbxQHD3C3cWQOe2XqITbl4BRC0CjbJPkUxHPibew90
SVbKLpJgyr7Z7YjiWrcUmWC8ccYm5g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:22 2024 by rpki-client on console-ams.rpki-client.org