Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/B15985CA97E111EDB41AE57CF1222468.roa
File:                     B15985CA97E111EDB41AE57CF1222468.roa (raw, json)
Hash identifier:          abdzPuIuACJJuQmlSUaUnN0N+3SokV71Kyt96n5N98A=
Subject key identifier:   4B:7B:70:AE:1B:06:C0:D9:0A:2B:D8:0A:E4:E9:07:5D:54:C0:74:3B
Certificate issuer:       /CN=F36BE2EDAF/serialNumber=742FA2030FA40C4B1F29E063FF32E7053009FA33
Certificate serial:       02
Authority key identifier: 74:2F:A2:03:0F:A4:0C:4B:1F:29:E0:63:FF:32:E7:05:30:09:FA:33
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/B15985CA97E111EDB41AE57CF1222468.roa
Signing time:             Thu 19 Jan 2023 10:11:52 +0000
ROA not before:           Thu 19 Jan 2023 10:11:46 +0000
ROA not after:            Sat 31 Dec 2033 10:11:46 +0000
asID:                     33779
IP address blocks:        102.213.56.0/22 maxlen: 27
                          105.235.128.0/20 maxlen: 27
                          2c0f:f940::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BE2EDAF/serialNumber=742FA2030FA40C4B1F29E063FF32E7053009FA33
        Validity
            Not Before: Jan 19 10:11:46 2023 GMT
            Not After : Dec 31 10:11:46 2033 GMT
        Subject: CN=63c91768-98e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:9e:05:5b:9b:c6:26:e8:9d:da:79:44:5f:30:
                    6c:a4:3c:ad:25:08:14:e0:2c:86:2d:24:88:fc:14:
                    1d:5e:a9:d2:17:e5:7d:fe:80:26:6d:a9:b1:8c:99:
                    6f:32:ae:03:7a:ec:68:06:31:62:db:c6:0c:f8:40:
                    00:3c:b8:ba:7d:e9:00:f6:81:46:41:fc:db:97:73:
                    84:e5:77:6c:0a:ce:24:07:b4:1a:7a:2d:35:6e:f6:
                    1a:cc:b0:21:4f:89:7a:ac:58:4a:5e:05:ca:06:df:
                    69:86:44:44:26:d4:49:e9:9e:2c:53:9b:e6:49:61:
                    95:23:cd:e1:d9:62:2c:a9:82:97:40:ce:44:77:9e:
                    e6:c5:cb:91:d0:85:98:83:ec:64:a3:8c:f6:fe:e9:
                    ac:9f:b7:41:c0:06:1d:4e:d0:69:23:d8:e2:cb:9f:
                    05:70:e2:8a:17:8b:15:c3:8b:e4:83:2a:67:e4:eb:
                    26:93:53:ee:4c:03:49:8b:49:b2:3d:43:e4:dc:bc:
                    49:bc:34:0f:3f:c0:bf:96:16:a8:76:10:bc:2a:41:
                    02:f2:bb:4d:cf:ad:6a:15:b2:46:af:9a:d1:62:11:
                    fd:fe:00:d6:f6:ea:de:6c:16:64:df:6b:00:9d:50:
                    2f:77:46:b0:a9:a5:4e:0c:3f:71:cf:5e:e6:de:bd:
                    8e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:7B:70:AE:1B:06:C0:D9:0A:2B:D8:0A:E4:E9:07:5D:54:C0:74:3B
            X509v3 Authority Key Identifier:
                keyid:74:2F:A2:03:0F:A4:0C:4B:1F:29:E0:63:FF:32:E7:05:30:09:FA:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dC-iAw-kDEsfKeBj_zLnBTAJ-jM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/2C4CE81097DF11EDB38878F3F1222468/B15985CA97E111EDB41AE57CF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.56.0/22
                  105.235.128.0/20
                IPv6:
                  2c0f:f940::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:d0:a8:aa:8c:c4:db:58:93:63:62:92:ef:1d:ea:fe:38:dd:
         21:5e:08:2e:4a:52:45:37:4a:12:24:dc:25:d0:97:49:33:7e:
         41:f6:34:75:df:63:d0:a3:2d:94:1d:2c:60:c6:b8:86:26:86:
         d0:32:11:66:fe:96:fb:8e:48:e7:7e:1a:4b:09:db:8b:69:cc:
         c1:f3:ff:26:e6:fc:ab:f6:e8:a1:61:b6:77:68:26:69:2d:e7:
         49:f7:18:e7:50:e4:90:79:0d:f7:99:bb:99:d7:52:70:68:27:
         f6:4f:23:12:6f:9f:20:74:8f:4b:92:91:f1:1d:f4:e2:93:66:
         06:9d:a2:32:bb:af:c9:e4:03:ae:f3:a7:bf:91:04:9c:97:28:
         91:d9:0d:9d:82:0f:b8:0d:a0:f7:18:97:b7:fe:5e:82:39:94:
         1f:b8:62:59:5e:3a:6e:19:a9:3a:32:f5:01:2d:7f:73:80:99:
         19:a6:07:c4:b6:44:c0:45:11:1d:88:da:b7:58:be:4e:c4:e1:
         0a:fe:d6:5c:65:ca:2c:97:43:17:1b:b3:c8:8c:b3:8c:55:92:
         0e:d2:32:0d:59:67:ff:2a:67:dc:aa:b0:9b:32:12:75:f1:3b:
         8d:94:0e:69:27:34:e9:da:76:02:be:bc:ec:4f:56:70:03:3b:
         1f:fd:d1:bb
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
RTJFREFGMTEwLwYDVQQFEyg3NDJGQTIwMzBGQTQwQzRCMUYyOUUwNjNGRjMyRTcw
NTMwMDlGQTMzMB4XDTIzMDExOTEwMTE0NloXDTMzMTIzMTEwMTE0NlowGDEWMBQG
A1UEAwwNNjNjOTE3NjgtOThlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6eBVubxibondp5RF8wbKQ8rSUIFOAshi0kiPwUHV6p0hflff6AJm2psYyZ
bzKuA3rsaAYxYtvGDPhAADy4un3pAPaBRkH825dzhOV3bArOJAe0GnotNW72Gsyw
IU+JeqxYSl4FygbfaYZERCbUSemeLFOb5klhlSPN4dliLKmCl0DORHee5sXLkdCF
mIPsZKOM9v7prJ+3QcAGHU7QaSPY4sufBXDiiheLFcOL5IMqZ+TrJpNT7kwDSYtJ
sj1D5Ny8Sbw0Dz/Av5YWqHYQvCpBAvK7Tc+tahWyRq+a0WIR/f4A1vbq3mwWZN9r
AJ1QL3dGsKmlTgw/cc9e5t69jiUCAwEAAaOCArowggK2MB0GA1UdDgQWBBRLe3Cu
GwbA2Qor2Ark6QddVMB0OzAfBgNVHSMEGDAWgBR0L6IDD6QMSx8p4GP/MucFMAn6
MzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkUyRUQvMkM0Q0U4MTA5N0RGMTFFREIzODg3OEYzRjEyMjI0NjgvZEMtaUF3
LWtERXNmS2VCal96TG5CVEFKLWpNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZEMtaUF3LWtERXNmS2VCal96TG5CVEFKLWpNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkUyRUQvMkM0Q0U4MTA5N0RGMTFFREIzODg3OEYzRjEy
MjI0NjgvQjE1OTg1Q0E5N0UxMTFFREI0MUFFNTdDRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbVOAMEBGnrgDANBAIAAjAH
AwUALA/5QDANBgkqhkiG9w0BAQsFAAOCAQEAm9CoqozE21iTY2KS7x3q/jjdIV4I
LkpSRTdKEiTcJdCXSTN+QfY0dd9j0KMtlB0sYMa4hiaG0DIRZv6W+45I534aSwnb
i2nMwfP/Jub8q/booWG2d2gmaS3nSfcY51DkkHkN95m7mddScGgn9k8jEm+fIHSP
S5KR8R304pNmBp2iMruvyeQDrvOnv5EEnJcokdkNnYIPuA2g9xiXt/5egjmUH7hi
WV46bhmpOjL1AS1/c4CZGaYHxLZEwEURHYjat1i+TsThCv7WXGXKLJdDFxuzyIyz
jFWSDtIyDVln/ypn3KqwmzISdfE7jZQOaSc06dp2Ar687E9WcAM7H/3Ruw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:11 2024 by rpki-client on console-fra.rpki-client.org