Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/713637E2430511EF8D31C1B4762E951A.roa
File:                     713637E2430511EF8D31C1B4762E951A.roa (raw, json)
Hash identifier:          XgucdZJFSHLF82LjXuONLje3sg0CXcYD64YQFtXaBac=
Subject key identifier:   D9:2F:2B:0B:28:0D:A0:82:AC:DF:E9:4D:9C:E8:CE:B5:92:DE:7F:34
Certificate issuer:       /CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
Certificate serial:       11
Authority key identifier: 7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/713637E2430511EF8D31C1B4762E951A.roa
Signing time:             Mon 15 Jul 2024 23:53:33 +0000
ROA not before:           Tue 16 Jul 2024 23:53:29 +0000
ROA not after:            Sun 31 Dec 2034 23:53:29 +0000
asID:                     329429
IP address blocks:        102.213.164.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17 (0x11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
        Validity
            Not Before: Jul 16 23:53:29 2024 GMT
            Not After : Dec 31 23:53:29 2034 GMT
        Subject: CN=6695b67c-59de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:55:5d:4d:2b:87:f1:d7:93:fe:89:15:52:f5:
                    c1:26:9c:ba:57:e8:5e:78:01:78:5a:d4:a1:be:85:
                    3a:5a:32:61:dd:c8:3b:4f:d4:3f:b3:e1:85:38:56:
                    40:b2:3f:7c:7c:ba:99:f3:1f:fe:e3:c1:f2:47:8d:
                    93:89:65:6d:57:0d:48:63:f2:31:fb:d7:fb:08:24:
                    37:15:c1:34:0f:e7:a6:5a:f7:c4:8b:07:d8:c0:7f:
                    63:50:1f:9d:b2:77:37:be:b2:9c:46:9e:a7:05:d5:
                    8a:2b:e9:ad:eb:14:8f:77:1b:d2:a3:8f:58:ad:3b:
                    ca:2d:f2:89:cc:44:cb:76:77:8c:83:48:00:8f:10:
                    96:3d:b3:cb:8f:0a:2f:98:44:5e:05:40:60:53:b8:
                    f8:fa:ae:91:43:78:98:2f:d7:57:98:97:26:4d:2f:
                    b8:50:52:2d:c4:63:b6:8e:d9:54:88:2a:c1:da:55:
                    41:8a:6d:3b:fc:9b:f5:a3:2e:2b:20:b6:50:bb:4b:
                    57:09:fc:03:97:ba:b5:bc:c6:e9:89:70:20:54:14:
                    3b:96:ba:9a:b1:a7:5c:52:fd:06:5c:b1:4c:34:e0:
                    7e:3d:20:49:2f:1e:d4:e3:ef:68:e0:6b:91:c9:5c:
                    bf:7d:06:ed:4f:72:34:36:12:5b:2d:56:b7:89:4c:
                    a3:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:2F:2B:0B:28:0D:A0:82:AC:DF:E9:4D:9C:E8:CE:B5:92:DE:7F:34
            X509v3 Authority Key Identifier:
                keyid:7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/713637E2430511EF8D31C1B4762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:8e:9c:18:bb:fd:22:7c:84:ac:8d:3b:5d:0c:88:3a:50:b2:
         20:51:8f:9e:05:dd:b0:19:89:00:89:e8:80:b8:47:ef:5e:ce:
         fe:e0:c0:f3:c2:8d:7f:4f:c9:00:ea:94:87:be:97:dd:af:c2:
         29:42:08:0d:55:cf:3e:fb:4c:81:70:18:cd:4f:c6:fb:b5:07:
         5a:c3:30:19:6d:ca:53:ab:c2:5f:30:80:54:4b:f6:e0:4d:67:
         d7:7f:84:97:d5:ed:8f:92:e5:d9:b8:92:10:00:17:7c:d2:e4:
         cd:ee:ef:26:04:96:3d:2c:ab:08:2f:21:fd:aa:7c:ac:41:77:
         70:2c:77:d4:d3:60:2d:4e:dc:fa:a6:3a:b7:1f:1d:dc:7d:0e:
         a6:00:86:dc:63:a7:e0:bd:17:6b:56:88:5d:48:0f:96:a0:7c:
         84:99:6c:22:b8:f5:db:b2:01:9c:8a:65:60:ff:3f:a1:ff:d7:
         63:40:ea:f8:01:11:99:68:b4:6a:30:c5:88:2d:bc:d5:7f:61:
         94:35:4d:4b:ba:20:43:55:d2:b2:f0:db:e9:94:59:9b:42:37:
         bd:0a:b0:d5:18:61:4c:72:4c:cc:ae:b4:5f:2a:5f:d8:1b:3f:
         2b:e0:14:54:f0:2c:47:8c:8b:6e:00:7b:83:d0:e0:e4:18:eb:
         d9:e0:a3:f7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MUZCRkFGMTEwLwYDVQQFEyg3REVBQjc3MUQ2NkIxN0IwRUU4NzJFOTFGMThEM0M1
QTE2QzIyRkIwMB4XDTI0MDcxNjIzNTMyOVoXDTM0MTIzMTIzNTMyOVowGDEWMBQG
A1UEAxMNNjY5NWI2N2MtNTlkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlVXU0rh/HXk/6JFVL1wSaculfoXngBeFrUob6FOloyYd3IO0/UP7PhhThW
QLI/fHy6mfMf/uPB8keNk4llbVcNSGPyMfvX+wgkNxXBNA/nplr3xIsH2MB/Y1Af
nbJ3N76ynEaepwXViivpresUj3cb0qOPWK07yi3yicxEy3Z3jINIAI8Qlj2zy48K
L5hEXgVAYFO4+PqukUN4mC/XV5iXJk0vuFBSLcRjto7ZVIgqwdpVQYptO/yb9aMu
KyC2ULtLVwn8A5e6tbzG6YlwIFQUO5a6mrGnXFL9BlyxTDTgfj0gSS8e1OPvaOBr
kclcv30G7U9yNDYSWy1Wt4lMo/sCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTZLysL
KA2ggqzf6U2c6M61kt5/NDAfBgNVHSMEGDAWgBR96rdx1msXsO6HLpHxjTxaFsIv
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYyRTk1MUEvZmVxM2Nk
WnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZmVxM2NkWnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYy
RTk1MUEvNzEzNjM3RTI0MzA1MTFFRjhEMzFDMUI0NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbVpDANBgkqhkiG9w0BAQsF
AAOCAQEAR46cGLv9InyErI07XQyIOlCyIFGPngXdsBmJAInogLhH717O/uDA88KN
f0/JAOqUh76X3a/CKUIIDVXPPvtMgXAYzU/G+7UHWsMwGW3KU6vCXzCAVEv24E1n
13+El9Xtj5Ll2biSEAAXfNLkze7vJgSWPSyrCC8h/ap8rEF3cCx31NNgLU7c+qY6
tx8d3H0OpgCG3GOn4L0Xa1aIXUgPlqB8hJlsIrj127IBnIplYP8/of/XY0Dq+AER
mWi0ajDFiC281X9hlDVNS7ogQ1XSsvDb6ZRZm0I3vQqw1RhhTHJMzK60Xypf2Bs/
K+AUVPAsR4yLbgB7g9Dg5Bjr2eCj9w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org