Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/6BD3D72C1C4B11EFA0DF5FE57CDC24C2.roa
File:                     6BD3D72C1C4B11EFA0DF5FE57CDC24C2.roa (raw, json)
Hash identifier:          kVAT6LvKNfd1TJNrUHJDtuhrBoJ6grfJU6Qzk3woG9A=
Subject key identifier:   CB:65:FA:09:77:8B:8C:60:49:EE:21:AC:A2:1D:0A:9E:CC:7A:E1:74
Certificate issuer:       /CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Certificate serial:       1A
Authority key identifier: FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/6BD3D72C1C4B11EFA0DF5FE57CDC24C2.roa
Signing time:             Mon 27 May 2024 17:06:13 +0000
ROA not before:           Tue 28 May 2024 17:06:09 +0000
ROA not after:            Thu 28 May 2026 17:06:09 +0000
asID:                     328941
IP address blocks:        102.219.86.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26 (0x1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
        Validity
            Not Before: May 28 17:06:09 2024 GMT
            Not After : May 28 17:06:09 2026 GMT
        Subject: CN=6654bd85-448d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:5d:cd:87:d7:12:1b:93:89:fa:47:c8:c3:1d:
                    ea:6c:9d:fa:97:be:a3:af:4f:ec:91:f1:8c:e9:1a:
                    9b:c7:50:dc:06:e0:33:76:10:07:51:e6:2c:1c:33:
                    0d:40:22:f4:f3:25:46:08:45:cc:53:79:df:48:a7:
                    18:17:84:1d:7a:1a:e0:a2:96:26:35:39:13:95:e7:
                    f1:18:93:55:a0:43:0c:52:c7:20:1e:11:d9:f8:cd:
                    28:33:e6:ae:7e:a7:31:d6:c8:d8:b3:94:03:b2:cd:
                    88:d2:8a:db:bf:9e:29:93:6b:7c:28:96:3c:70:19:
                    f5:9f:f7:49:d1:ad:59:6c:e0:ec:54:7e:31:17:3c:
                    94:32:8f:9e:27:f1:df:6d:48:bc:06:92:14:bf:84:
                    3a:c2:c3:7d:57:17:17:ce:11:b0:d6:e1:3c:a3:cd:
                    49:38:6b:bf:3c:ab:3a:cc:2c:19:fc:ae:67:b4:32:
                    1c:73:6e:1a:36:d5:85:4b:18:dd:dc:30:34:ef:52:
                    26:60:2c:01:cb:4c:32:68:8a:88:e8:fb:06:e2:d7:
                    2a:9e:1d:e2:bb:c6:cc:cb:2a:d4:d5:3e:96:7d:17:
                    38:09:a3:55:6f:39:80:e1:5e:e0:7b:38:c0:5b:8a:
                    13:26:8e:6e:d3:68:a6:7f:8c:01:73:8f:90:81:e8:
                    c1:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:65:FA:09:77:8B:8C:60:49:EE:21:AC:A2:1D:0A:9E:CC:7A:E1:74
            X509v3 Authority Key Identifier:
                keyid:FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/6BD3D72C1C4B11EFA0DF5FE57CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4f:62:90:09:cb:41:e7:94:ea:41:a5:29:6a:76:ef:05:98:b1:
         1a:f3:a5:40:ed:6f:df:e4:0d:3e:e4:2a:ca:16:f2:f2:d3:a4:
         f4:62:33:8d:6c:b3:33:d5:7b:01:29:13:9e:d0:13:e4:ab:00:
         8a:18:c1:0f:ef:03:69:be:46:4c:ce:c7:e5:e4:c3:65:49:09:
         db:71:24:fc:e1:5b:f7:6d:06:eb:0e:72:8c:26:0f:68:ae:5d:
         07:09:75:ae:00:15:40:23:b6:88:0a:27:83:a4:61:ca:c9:46:
         b4:fc:74:cc:dd:fb:37:8c:ee:43:93:9f:87:57:fe:90:5b:42:
         bd:41:3a:59:6b:85:bd:c5:93:90:0a:cd:96:cb:fa:74:e8:4f:
         98:f9:00:08:95:56:43:e3:b7:87:90:af:30:dc:73:34:ce:a5:
         4e:5f:9b:6a:57:d2:df:1f:e0:00:0e:aa:f2:92:d6:ab:96:81:
         15:0f:e4:59:b0:3e:31:4c:8a:c0:e2:24:eb:c4:d8:84:42:9d:
         f3:f8:c7:44:76:c0:20:42:a0:a2:f7:c7:5c:0e:f0:8b:26:19:
         92:45:e0:a2:79:66:44:dd:24:1f:b4:b8:e9:d7:7d:45:47:c2:
         46:e1:a7:ed:b4:a5:a7:e0:e2:3f:f7:d0:65:08:e5:5c:5f:cf:
         4d:6d:a9:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MkJGMkFGMTEwLwYDVQQFEyhGQjg1RTA4RTVEQkIwNUM5NUI3QkQwREE3RTVGRTZG
Q0UzOTgyNkZGMB4XDTI0MDUyODE3MDYwOVoXDTI2MDUyODE3MDYwOVowGDEWMBQG
A1UEAxMNNjY1NGJkODUtNDQ4ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANldzYfXEhuTifpHyMMd6myd+pe+o69P7JHxjOkam8dQ3AbgM3YQB1HmLBwz
DUAi9PMlRghFzFN530inGBeEHXoa4KKWJjU5E5Xn8RiTVaBDDFLHIB4R2fjNKDPm
rn6nMdbI2LOUA7LNiNKK27+eKZNrfCiWPHAZ9Z/3SdGtWWzg7FR+MRc8lDKPnifx
321IvAaSFL+EOsLDfVcXF84RsNbhPKPNSThrvzyrOswsGfyuZ7QyHHNuGjbVhUsY
3dwwNO9SJmAsActMMmiKiOj7BuLXKp4d4rvGzMsq1NU+ln0XOAmjVW85gOFe4Hs4
wFuKEyaObtNopn+MAXOPkIHowQMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTLZfoJ
d4uMYEnuIayiHQqezHrhdDAfBgNVHSMEGDAWgBT7heCOXbsFyVt70Np+X+b845gm
/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3MDAxQjEvLTRYZ2ps
MjdCY2xiZTlEYWZsX21fT09ZSnY4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLTRYZ2psMjdCY2xiZTlEYWZsX21fT09ZSnY4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3
MDAxQjEvNkJEM0Q3MkMxQzRCMTFFRkEwREY1RkU1N0NEQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbbVjANBgkqhkiG9w0BAQsF
AAOCAQEAT2KQCctB55TqQaUpanbvBZixGvOlQO1v3+QNPuQqyhby8tOk9GIzjWyz
M9V7ASkTntAT5KsAihjBD+8Dab5GTM7H5eTDZUkJ23Ek/OFb920G6w5yjCYPaK5d
Bwl1rgAVQCO2iAong6RhyslGtPx0zN37N4zuQ5Ofh1f+kFtCvUE6WWuFvcWTkArN
lsv6dOhPmPkACJVWQ+O3h5CvMNxzNM6lTl+balfS3x/gAA6q8pLWq5aBFQ/kWbA+
MUyKwOIk68TYhEKd8/jHRHbAIEKgovfHXA7wiyYZkkXgonlmRN0kH7S46dd9RUfC
RuGn7bSlp+DiP/fQZQjlXF/PTW2p7A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:23 2024 by rpki-client on console-ams.rpki-client.org