Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BD4F1/0B286984358A11EBA3DE6772F8AEA228/67B8C7B20B7311EF82634D34017001B1.roa
File:                     67B8C7B20B7311EF82634D34017001B1.roa (raw, json)
Hash identifier:          gTnze+sNFy8wfWQuqCuoldModdIZeS9lmW2uAevzSyE=
Subject key identifier:   DE:7C:02:F7:64:D4:50:C2:80:FA:AA:1B:60:04:0C:A8:D3:7B:B8:2C
Certificate issuer:       /CN=F36BD4F1AF/serialNumber=85B0B18A318E5A75D04D1A0AA77EFF9505228924
Certificate serial:       0525
Authority key identifier: 85:B0:B1:8A:31:8E:5A:75:D0:4D:1A:0A:A7:7E:FF:95:05:22:89:24
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hbCxijGOWnXQTRoKp37_lQUiiSQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BD4F1/0B286984358A11EBA3DE6772F8AEA228/67B8C7B20B7311EF82634D34017001B1.roa
Signing time:             Mon 06 May 2024 06:39:36 +0000
ROA not before:           Mon 06 May 2024 06:39:33 +0000
ROA not after:            Sat 06 May 2028 06:39:33 +0000
asID:                     328745
IP address blocks:        102.209.48.0/24 maxlen: 24
                          102.209.49.0/24 maxlen: 24
                          102.209.50.0/24 maxlen: 24
                          102.209.51.0/24 maxlen: 24
                          102.217.248.0/24 maxlen: 24
                          102.217.249.0/24 maxlen: 24
                          102.217.250.0/24 maxlen: 24
                          102.217.251.0/24 maxlen: 24
                          102.221.154.0/24 maxlen: 24
                          2c0f:5000::/36 maxlen: 36
                          2c0f:5000:1000::/36 maxlen: 36
                          2c0f:5000:2000::/36 maxlen: 36
                          2c0f:5000:3000::/36 maxlen: 36
                          2c0f:5000:4000::/36 maxlen: 36
                          2c0f:5000:5000::/36 maxlen: 36
                          2c0f:5000:6000::/36 maxlen: 36
                          2c0f:5000:7000::/36 maxlen: 36
                          2c0f:5000:8000::/36 maxlen: 36
                          2c0f:5000:9000::/36 maxlen: 36
                          2c0f:5000:a000::/36 maxlen: 36
                          2c0f:5000:b000::/36 maxlen: 36
                          2c0f:5000:c000::/36 maxlen: 36
                          2c0f:5000:d000::/36 maxlen: 36
                          2c0f:5000:e000::/36 maxlen: 36
                          2c0f:5000:f000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BD4F1/0B286984358A11EBA3DE6772F8AEA228/hbCxijGOWnXQTRoKp37_lQUiiSQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BD4F1/0B286984358A11EBA3DE6772F8AEA228/hbCxijGOWnXQTRoKp37_lQUiiSQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hbCxijGOWnXQTRoKp37_lQUiiSQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1317 (0x525)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BD4F1AF/serialNumber=85B0B18A318E5A75D04D1A0AA77EFF9505228924
        Validity
            Not Before: May  6 06:39:33 2024 GMT
            Not After : May  6 06:39:33 2028 GMT
        Subject: CN=66387b28-1a01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a2:d6:4b:9f:30:5d:cc:d5:63:74:78:5d:c3:
                    8f:ea:53:27:8a:5b:7e:b7:28:b0:43:bd:2d:67:71:
                    8a:e3:f2:51:a9:a5:bd:d7:40:58:9c:1f:ab:1b:79:
                    f5:29:09:9c:67:fe:8e:a1:bd:b8:d3:32:83:9a:64:
                    d3:93:38:2f:ac:b9:ec:f2:e9:9d:6c:23:50:1f:10:
                    75:53:1d:3b:15:37:4e:75:3c:01:e5:a6:13:9c:d1:
                    31:1a:8f:5c:1d:a8:21:13:3a:8c:4d:0e:72:bc:a8:
                    a5:d6:b7:63:5b:43:76:41:e0:a5:b0:8e:53:66:20:
                    5a:6b:77:89:77:e9:00:98:26:9e:5b:2a:c2:85:f5:
                    44:3b:b1:a9:3a:74:0f:80:db:32:4c:e8:a5:f4:36:
                    ed:ed:4d:72:a9:63:f3:bb:ca:58:c4:f4:4b:e6:ba:
                    c3:fb:8f:1b:a1:36:35:90:f2:62:9f:32:f6:af:70:
                    18:cb:0f:2b:4d:22:88:f3:60:f3:6a:4d:c2:0c:c3:
                    87:ba:b6:8b:f3:73:45:ac:b0:cc:0a:e4:82:b2:9d:
                    0d:8d:96:06:37:07:f1:6f:4c:2a:99:a5:b8:05:2c:
                    b0:cd:a6:f8:e4:7d:df:7c:79:77:ed:a9:29:d6:46:
                    5e:12:aa:74:13:98:b1:b7:27:bd:cd:b5:ed:16:d2:
                    c4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:7C:02:F7:64:D4:50:C2:80:FA:AA:1B:60:04:0C:A8:D3:7B:B8:2C
            X509v3 Authority Key Identifier:
                keyid:85:B0:B1:8A:31:8E:5A:75:D0:4D:1A:0A:A7:7E:FF:95:05:22:89:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BD4F1/0B286984358A11EBA3DE6772F8AEA228/hbCxijGOWnXQTRoKp37_lQUiiSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hbCxijGOWnXQTRoKp37_lQUiiSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BD4F1/0B286984358A11EBA3DE6772F8AEA228/67B8C7B20B7311EF82634D34017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.48.0/22
                  102.217.248.0/22
                  102.221.154.0/24
                IPv6:
                  2c0f:5000::/32

    Signature Algorithm: sha256WithRSAEncryption
         77:62:5b:b9:7e:c1:43:72:9a:38:b5:23:79:7f:d9:d5:55:47:
         5f:de:cd:9a:e0:54:44:57:4e:68:c3:6d:56:59:0c:1b:d0:64:
         06:64:4d:fb:d4:f6:55:b9:79:bb:1f:e4:07:0a:6f:80:fd:dd:
         a6:cc:95:af:85:d4:84:04:0a:0c:45:27:a6:2f:3c:f9:da:b9:
         b3:87:64:4d:6b:3b:78:1d:a6:8e:e7:53:a7:c9:9c:61:db:76:
         4f:2c:88:c7:5c:a7:74:f8:d3:1f:d6:23:69:ae:01:74:45:a4:
         b0:ee:d5:15:bc:f8:c5:f4:c6:c8:1e:55:71:3d:9c:32:53:32:
         89:c0:38:8e:8b:83:0e:18:c9:23:a5:7a:1b:e1:59:d0:52:4f:
         04:0f:8c:7b:4f:55:b8:28:a6:c6:20:1c:83:e1:2e:6f:a9:ca:
         14:18:10:84:aa:6c:37:c4:08:5b:fc:fc:10:ca:34:ac:8c:ce:
         01:98:3b:8b:57:f6:b9:5f:c9:56:5e:a9:cf:1b:c8:63:bf:1a:
         1e:3d:77:bf:f3:1e:b2:4a:3e:bf:25:bd:da:cf:54:1c:0f:df:
         66:d3:a5:8d:17:77:45:b5:5c:68:25:d5:86:0e:78:84:d7:b4:
         89:90:65:e9:9e:3b:ec:66:14:0e:56:8c:de:98:93:e7:11:be:
         89:f7:f9:60
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBSUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkQ0RjFBRjExMC8GA1UEBRMoODVCMEIxOEEzMThFNUE3NUQwNEQxQTBBQTc3RUZG
OTUwNTIyODkyNDAeFw0yNDA1MDYwNjM5MzNaFw0yODA1MDYwNjM5MzNaMBgxFjAU
BgNVBAMTDTY2Mzg3YjI4LTFhMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDfotZLnzBdzNVjdHhdw4/qUyeKW363KLBDvS1ncYrj8lGppb3XQFicH6sb
efUpCZxn/o6hvbjTMoOaZNOTOC+suezy6Z1sI1AfEHVTHTsVN051PAHlphOc0TEa
j1wdqCETOoxNDnK8qKXWt2NbQ3ZB4KWwjlNmIFprd4l36QCYJp5bKsKF9UQ7sak6
dA+A2zJM6KX0Nu3tTXKpY/O7yljE9EvmusP7jxuhNjWQ8mKfMvavcBjLDytNIojz
YPNqTcIMw4e6tovzc0WssMwK5IKynQ2NlgY3B/FvTCqZpbgFLLDNpvjkfd98eXft
qSnWRl4SqnQTmLG3J73Nte0W0sTLAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQU3nwC
92TUUMKA+qobYAQMqNN7uCwwHwYDVR0jBBgwFoAUhbCxijGOWnXQTRoKp37/lQUi
iSQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJENEYxLzBCMjg2OTg0MzU4QTExRUJBM0RFNjc3MkY4QUVBMjI4L2hiQ3hp
akdPV25YUVRSb0twMzdfbFFVaWlTUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2hiQ3hpakdPV25YUVRSb0twMzdfbFFVaWlTUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJENEYxLzBCMjg2OTg0MzU4QTExRUJBM0RFNjc3MkY4
QUVBMjI4LzY3QjhDN0IyMEI3MzExRUY4MjYzNEQzNDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJm0TADBAJm2fgDBABm3Zow
DQQCAAIwBwMFACwPUAAwDQYJKoZIhvcNAQELBQADggEBAHdiW7l+wUNymji1I3l/
2dVVR1/ezZrgVERXTmjDbVZZDBvQZAZkTfvU9lW5ebsf5AcKb4D93abMla+F1IQE
CgxFJ6YvPPnaubOHZE1rO3gdpo7nU6fJnGHbdk8siMdcp3T40x/WI2muAXRFpLDu
1RW8+MX0xsgeVXE9nDJTMonAOI6Lgw4YySOlehvhWdBSTwQPjHtPVbgopsYgHIPh
Lm+pyhQYEISqbDfECFv8/BDKNKyMzgGYO4tX9rlfyVZeqc8byGO/Gh49d7/zHrJK
Pr8lvdrPVBwP32bTpY0Xd0W1XGgl1YYOeITXtImQZemeO+xmFA5WjN6Yk+cRvon3
+WA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:22 2024 by rpki-client on console-ams.rpki-client.org