Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/71FA729823C111EDAB9AEEC9F1222468.roa
File:                     71FA729823C111EDAB9AEEC9F1222468.roa (raw, json)
Hash identifier:          ajHfktHCX6C5ICjcze8RYAaozdvM825xVJ6eHLup0/c=
Subject key identifier:   CF:43:D0:0E:F9:D5:49:EB:42:53:14:1D:30:42:42:B1:6B:61:08:75
Certificate issuer:       /CN=F36C65C6AF/serialNumber=C08F3EDC59158942C2DF39F1425E6EB82168BE3E
Certificate serial:       01E0
Authority key identifier: C0:8F:3E:DC:59:15:89:42:C2:DF:39:F1:42:5E:6E:B8:21:68:BE:3E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wI8-3FkViULC3znxQl5uuCFovj4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/71FA729823C111EDAB9AEEC9F1222468.roa
Signing time:             Wed 24 Aug 2022 15:28:47 +0000
ROA not before:           Wed 24 Aug 2022 15:28:43 +0000
ROA not after:            Tue 31 Aug 2032 15:28:43 +0000
asID:                     327901
IP address blocks:        102.141.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/wI8-3FkViULC3znxQl5uuCFovj4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/wI8-3FkViULC3znxQl5uuCFovj4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wI8-3FkViULC3znxQl5uuCFovj4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 480 (0x1e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C65C6AF/serialNumber=C08F3EDC59158942C2DF39F1425E6EB82168BE3E
        Validity
            Not Before: Aug 24 15:28:43 2022 GMT
            Not After : Aug 31 15:28:43 2032 GMT
        Subject: CN=630643af-d3e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:09:0e:8a:59:56:86:00:1b:7f:a4:07:19:30:
                    60:24:94:1e:ef:37:8f:4e:c5:4a:8d:f3:bf:4e:80:
                    37:64:aa:b5:bc:12:a3:9c:5e:57:4e:2f:01:42:c1:
                    a1:42:6d:45:2d:a5:60:6c:79:bb:5c:8b:a5:8b:ed:
                    1f:12:42:94:71:fb:14:79:64:6b:14:b5:d6:58:dc:
                    f8:e6:0d:4c:d1:9d:1e:7c:5c:44:cf:83:04:3a:0d:
                    6b:4a:3e:e0:57:cd:c8:a5:ff:4b:b7:d1:6f:49:8a:
                    77:d4:42:07:f3:04:98:6b:87:b7:04:02:d9:82:55:
                    68:46:e2:70:fe:69:b5:1f:32:13:94:11:3e:0f:65:
                    db:7a:98:c7:e2:dc:6d:b2:2c:4e:3a:98:1e:fd:98:
                    b6:98:60:84:b5:a2:b9:c1:c8:c2:90:cd:0b:f0:95:
                    7c:9e:90:4b:47:d6:df:df:5d:63:0d:04:7d:d6:40:
                    89:37:6f:9b:2d:54:6d:19:57:88:11:7b:08:a5:a7:
                    b9:74:7f:80:73:cd:ac:cd:3a:f7:06:03:0c:33:8c:
                    40:99:78:b5:1d:b7:30:7d:75:27:13:b3:98:92:5e:
                    27:04:ba:d4:32:d1:90:ba:f5:c6:8a:c5:67:30:d7:
                    da:a1:a1:8a:a3:88:7d:3b:be:f9:a8:b9:98:f3:a9:
                    0e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:43:D0:0E:F9:D5:49:EB:42:53:14:1D:30:42:42:B1:6B:61:08:75
            X509v3 Authority Key Identifier:
                keyid:C0:8F:3E:DC:59:15:89:42:C2:DF:39:F1:42:5E:6E:B8:21:68:BE:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/wI8-3FkViULC3znxQl5uuCFovj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wI8-3FkViULC3znxQl5uuCFovj4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/71FA729823C111EDAB9AEEC9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.141.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b9:54:66:c8:03:33:3a:14:3b:cd:8f:28:ad:06:b3:a2:18:6f:
         72:c2:69:b2:c2:61:a7:18:a6:66:65:92:ec:15:7e:35:f4:07:
         99:31:0e:01:6b:89:e0:50:52:74:49:74:7f:e9:59:69:cc:50:
         0f:e4:6f:0b:d7:0b:5f:31:eb:bf:75:8e:49:e3:f6:64:61:77:
         36:0d:5e:91:80:86:64:e9:cb:46:21:38:f0:1e:09:b9:4d:42:
         e0:92:d9:cc:0f:b9:f3:66:3f:c4:34:01:73:b2:82:c6:7a:ac:
         08:f9:f5:a9:a5:11:9c:4c:3a:a9:48:e0:26:75:67:e3:b4:f6:
         9a:7e:58:55:b7:7f:66:a7:1d:51:e5:bf:a4:27:fa:cc:ed:6c:
         cf:fe:64:89:e5:ee:5e:33:0f:5c:62:d2:44:2c:79:2e:c8:65:
         93:76:ad:8b:27:fd:77:b4:85:61:55:6c:9f:fd:d2:fc:5b:14:
         d1:2c:0d:cb:1d:26:7a:05:cf:01:b6:27:a0:b7:bd:f5:ad:fe:
         16:90:e9:11:17:3d:c4:bd:f6:d3:a9:b8:9d:fc:48:2f:86:a4:
         67:30:40:7c:f0:1e:7f:0d:b7:19:52:3b:95:2e:09:8b:6b:6c:
         b1:15:cb:ff:4d:dc:26:1a:37:e8:fa:c8:1e:2b:ed:51:6e:a2:
         7c:a8:e1:7f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAeAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzY1QzZBRjExMC8GA1UEBRMoQzA4RjNFREM1OTE1ODk0MkMyREYzOUYxNDI1RTZF
QjgyMTY4QkUzRTAeFw0yMjA4MjQxNTI4NDNaFw0zMjA4MzExNTI4NDNaMBgxFjAU
BgNVBAMMDTYzMDY0M2FmLWQzZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPCQ6KWVaGABt/pAcZMGAklB7vN49OxUqN879OgDdkqrW8EqOcXldOLwFC
waFCbUUtpWBsebtci6WL7R8SQpRx+xR5ZGsUtdZY3PjmDUzRnR58XETPgwQ6DWtK
PuBXzcil/0u30W9JinfUQgfzBJhrh7cEAtmCVWhG4nD+abUfMhOUET4PZdt6mMfi
3G2yLE46mB79mLaYYIS1ornByMKQzQvwlXyekEtH1t/fXWMNBH3WQIk3b5stVG0Z
V4gRewilp7l0f4BzzazNOvcGAwwzjECZeLUdtzB9dScTs5iSXicEutQy0ZC69caK
xWcw19qhoYqjiH07vvmouZjzqQ6/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUz0PQ
DvnVSetCUxQdMEJCsWthCHUwHwYDVR0jBBgwFoAUwI8+3FkViULC3znxQl5uuCFo
vj4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM2NUM2LzAzMzhEOUI0Q0Y1QjExRUJCMkU3QTUxNkY4QUVBMjI4L3dJOC0z
RmtWaVVMQzN6bnhRbDV1dUNGb3ZqNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dJOC0zRmtWaVVMQzN6bnhRbDV1dUNGb3ZqNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM2NUM2LzAzMzhEOUI0Q0Y1QjExRUJCMkU3QTUxNkY4
QUVBMjI4LzcxRkE3Mjk4MjNDMTExRURBQjlBRUVDOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZmjYAwDQYJKoZIhvcNAQEL
BQADggEBALlUZsgDMzoUO82PKK0Gs6IYb3LCabLCYacYpmZlkuwVfjX0B5kxDgFr
ieBQUnRJdH/pWWnMUA/kbwvXC18x6791jknj9mRhdzYNXpGAhmTpy0YhOPAeCblN
QuCS2cwPufNmP8Q0AXOygsZ6rAj59amlEZxMOqlI4CZ1Z+O09pp+WFW3f2anHVHl
v6Qn+sztbM/+ZInl7l4zD1xi0kQseS7IZZN2rYsn/Xe0hWFVbJ/90vxbFNEsDcsd
JnoFzwG2J6C3vfWt/haQ6REXPcS99tOpuJ38SC+GpGcwQHzwHn8NtxlSO5UuCYtr
bLEVy/9N3CYaN+j6yB4r7VFuonyo4X8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org