Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/98C04A12A97411EEB3E86A9D775412E6.roa
File:                     98C04A12A97411EEB3E86A9D775412E6.roa (raw, json)
Hash identifier:          H0hGzlefh4R1FzcGtns6Coy7Ktc/yo8/1THWAE+hjxA=
Subject key identifier:   6D:57:36:8E:72:F9:C9:21:94:25:FF:13:13:15:2E:79:AD:6E:7D:CD
Certificate issuer:       /CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
Certificate serial:       05
Authority key identifier: E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/98C04A12A97411EEB3E86A9D775412E6.roa
Signing time:             Tue 02 Jan 2024 13:41:14 +0000
ROA not before:           Tue 02 Jan 2024 13:41:11 +0000
ROA not after:            Thu 02 Jan 2025 13:41:11 +0000
asID:                     37284
IP address blocks:        102.220.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C3A58AF/serialNumber=E15F50DDD28E02FD6E6966D5918D1B0BBF4684E8
        Validity
            Not Before: Jan  2 13:41:11 2024 GMT
            Not After : Jan  2 13:41:11 2025 GMT
        Subject: CN=6594127a-6544
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b9:ba:a7:8b:e6:85:84:2e:9a:44:6a:13:aa:
                    3b:34:c2:80:8d:3f:b7:e3:cb:e7:8f:91:16:1f:fc:
                    8b:0f:c9:17:ee:e9:46:9c:45:b1:91:27:9e:d7:1b:
                    0c:3f:7f:78:dd:0e:a6:0e:16:53:67:4d:bc:98:0a:
                    18:4e:14:d7:74:c5:94:1c:9e:9a:ec:51:1a:17:51:
                    3a:75:17:bb:86:14:50:f4:e3:3a:f1:44:7d:45:49:
                    8c:02:2d:6c:5c:ad:5d:63:0c:42:f7:1f:a7:66:a5:
                    83:02:0a:0f:69:6b:9c:bd:ee:a9:3e:67:c5:7c:1c:
                    44:99:85:04:7c:57:a9:67:2b:ac:17:cd:96:c3:da:
                    2d:4b:e3:f0:7e:44:4b:00:14:6e:85:50:99:e5:e5:
                    f4:76:69:12:08:e1:24:e3:98:8a:85:de:ae:25:66:
                    85:80:15:14:32:e8:de:50:76:8c:4d:67:60:83:bd:
                    d4:20:78:fe:22:84:6a:b9:95:df:a0:20:8c:04:23:
                    90:9b:7b:69:45:16:94:09:84:9f:72:bf:21:db:d5:
                    4d:98:d6:e0:1e:33:f6:d7:2c:37:1f:c7:0a:dd:de:
                    2e:43:3d:ce:e2:94:de:e3:35:b0:a0:8b:32:52:9f:
                    31:a4:15:a7:a8:c2:05:58:eb:2e:84:bf:00:f6:75:
                    18:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:57:36:8E:72:F9:C9:21:94:25:FF:13:13:15:2E:79:AD:6E:7D:CD
            X509v3 Authority Key Identifier:
                keyid:E1:5F:50:DD:D2:8E:02:FD:6E:69:66:D5:91:8D:1B:0B:BF:46:84:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/4V9Q3dKOAv1uaWbVkY0bC79GhOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4V9Q3dKOAv1uaWbVkY0bC79GhOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C3A58/1B78C60CA8BF11EEBB3CA855775412E6/98C04A12A97411EEB3E86A9D775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:bb:c3:81:9a:a3:29:a1:49:9f:5f:20:94:8f:b6:bd:96:ad:
         14:df:bc:20:4f:06:66:87:3e:14:4f:79:7e:9c:7b:ee:c6:e7:
         c4:22:31:81:0f:53:60:9f:81:fd:d2:16:79:56:ba:bc:ff:8e:
         b4:55:64:9c:e8:eb:de:9f:b4:48:32:52:4b:b6:e0:94:12:52:
         43:39:4a:4c:de:8d:38:c3:f5:6a:eb:ab:7b:91:ca:50:90:3f:
         05:1c:35:ab:10:bc:42:b3:74:fb:ff:0f:ed:98:fa:8a:a2:71:
         ff:9d:24:9c:cc:8e:3b:db:cd:5c:8e:f4:96:38:e3:11:f8:68:
         55:ef:e4:6f:6e:3d:36:c7:45:f0:28:1f:ef:e9:74:ac:00:88:
         ee:e7:9e:e6:c1:89:35:ed:5f:3b:6f:13:6f:99:f5:9b:28:36:
         11:19:d1:29:fc:2d:c3:98:ac:b8:f2:85:24:ba:d9:e4:aa:1d:
         e7:b0:3d:7a:75:c6:13:c5:79:9c:68:fa:ac:51:a8:99:07:36:
         a2:36:0a:a5:c2:5c:74:20:f3:2b:58:80:34:a7:7b:ab:93:4c:
         bd:9a:36:3c:3e:b9:44:65:63:50:78:34:a9:35:59:27:db:f1:
         81:cc:76:1f:32:3c:a1:85:f7:6a:12:b0:ad:ac:c2:e3:b1:df:
         b2:67:e4:79
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
M0E1OEFGMTEwLwYDVQQFEyhFMTVGNTBEREQyOEUwMkZENkU2OTY2RDU5MThEMUIw
QkJGNDY4NEU4MB4XDTI0MDEwMjEzNDExMVoXDTI1MDEwMjEzNDExMVowGDEWMBQG
A1UEAxMNNjU5NDEyN2EtNjU0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+5uqeL5oWELppEahOqOzTCgI0/t+PL54+RFh/8iw/JF+7pRpxFsZEnntcb
DD9/eN0Opg4WU2dNvJgKGE4U13TFlByemuxRGhdROnUXu4YUUPTjOvFEfUVJjAIt
bFytXWMMQvcfp2algwIKD2lrnL3uqT5nxXwcRJmFBHxXqWcrrBfNlsPaLUvj8H5E
SwAUboVQmeXl9HZpEgjhJOOYioXeriVmhYAVFDLo3lB2jE1nYIO91CB4/iKEarmV
36AgjAQjkJt7aUUWlAmEn3K/IdvVTZjW4B4z9tcsNx/HCt3eLkM9zuKU3uM1sKCL
MlKfMaQVp6jCBVjrLoS/APZ1GP8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRtVzaO
cvnJIZQl/xMTFS55rW59zTAfBgNVHSMEGDAWgBThX1Dd0o4C/W5pZtWRjRsLv0aE
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1NDEyRTYvNFY5UTNk
S09BdjF1YVdiVmtZMGJDNzlHaE9nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNFY5UTNkS09BdjF1YVdiVmtZMGJDNzlHaE9nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzNBNTgvMUI3OEM2MENBOEJGMTFFRUJCM0NBODU1Nzc1
NDEyRTYvOThDMDRBMTJBOTc0MTFFRUIzRTg2QTlENzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbcjDANBgkqhkiG9w0BAQsF
AAOCAQEAYrvDgZqjKaFJn18glI+2vZatFN+8IE8GZoc+FE95fpx77sbnxCIxgQ9T
YJ+B/dIWeVa6vP+OtFVknOjr3p+0SDJSS7bglBJSQzlKTN6NOMP1auure5HKUJA/
BRw1qxC8QrN0+/8P7Zj6iqJx/50knMyOO9vNXI70ljjjEfhoVe/kb249NsdF8Cgf
7+l0rACI7uee5sGJNe1fO28Tb5n1myg2ERnRKfwtw5isuPKFJLrZ5Kod57A9enXG
E8V5nGj6rFGomQc2ojYKpcJcdCDzK1iANKd7q5NMvZo2PD65RGVjUHg0qTVZJ9vx
gcx2HzI8oYX3ahKwrazC47HfsmfkeQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:35:08 2024 by rpki-client on console-fra.rpki-client.org