Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/B23C0D6823C011ED85E19AC7F1222468.roa
File:                     B23C0D6823C011ED85E19AC7F1222468.roa (raw, json)
Hash identifier:          ycw2kblVv14coafRuI4bh8uZ423FHxoLlRXQjWcq7iE=
Subject key identifier:   75:22:32:FD:2A:89:6D:7D:E9:1F:4E:96:17:AB:9E:56:B9:5F:DB:95
Certificate issuer:       /CN=F36C65C6AF/serialNumber=C08F3EDC59158942C2DF39F1425E6EB82168BE3E
Certificate serial:       01D4
Authority key identifier: C0:8F:3E:DC:59:15:89:42:C2:DF:39:F1:42:5E:6E:B8:21:68:BE:3E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wI8-3FkViULC3znxQl5uuCFovj4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/B23C0D6823C011ED85E19AC7F1222468.roa
Signing time:             Wed 24 Aug 2022 15:23:25 +0000
ROA not before:           Wed 24 Aug 2022 15:23:21 +0000
ROA not after:            Tue 31 Aug 2032 15:23:21 +0000
asID:                     327901
IP address blocks:        102.218.240.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/wI8-3FkViULC3znxQl5uuCFovj4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/wI8-3FkViULC3znxQl5uuCFovj4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wI8-3FkViULC3znxQl5uuCFovj4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 468 (0x1d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C65C6AF/serialNumber=C08F3EDC59158942C2DF39F1425E6EB82168BE3E
        Validity
            Not Before: Aug 24 15:23:21 2022 GMT
            Not After : Aug 31 15:23:21 2032 GMT
        Subject: CN=6306426d-5314
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:73:c4:d4:0b:c5:e3:2d:c3:5b:ad:5d:c8:fa:
                    c1:62:fb:4e:01:6a:2d:0a:46:e0:24:7b:12:61:10:
                    6c:1e:3d:95:f0:45:1d:d2:52:5f:4f:ac:6a:1e:02:
                    bb:d0:f7:62:7e:7a:8c:2b:95:9d:f4:ea:54:3a:e7:
                    b5:17:98:04:39:81:62:a5:84:81:4f:db:dd:af:84:
                    26:8d:bf:cb:32:61:79:55:18:87:a6:b3:a7:6d:b2:
                    61:ec:6a:01:57:0a:bb:77:df:a5:30:86:d9:a4:65:
                    f9:1f:63:8d:08:cf:5f:c3:56:99:19:79:cd:52:d5:
                    6e:1a:c6:ad:99:64:a5:c5:d8:48:f6:28:47:cd:47:
                    ad:1f:d3:2b:de:61:f2:07:e8:2e:5e:04:56:0d:90:
                    6c:1f:4c:fe:ab:22:d7:a5:9d:4d:19:a1:40:e5:5e:
                    d6:af:5b:7c:e9:cd:0c:12:90:bd:fd:7c:90:70:df:
                    96:9a:54:65:d9:bd:21:e3:e5:63:2c:d6:77:3a:f1:
                    6a:ac:54:76:df:be:e3:a7:67:c0:1d:73:3d:9c:54:
                    7d:37:9b:3b:ec:a6:b3:09:a0:11:c1:77:e7:9e:c7:
                    40:c9:c8:9c:88:3c:82:5b:ad:43:97:34:cf:f6:c8:
                    fd:51:17:9d:22:ec:b7:73:b6:4b:61:7b:40:74:5f:
                    b1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:22:32:FD:2A:89:6D:7D:E9:1F:4E:96:17:AB:9E:56:B9:5F:DB:95
            X509v3 Authority Key Identifier:
                keyid:C0:8F:3E:DC:59:15:89:42:C2:DF:39:F1:42:5E:6E:B8:21:68:BE:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/wI8-3FkViULC3znxQl5uuCFovj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wI8-3FkViULC3znxQl5uuCFovj4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/0338D9B4CF5B11EBB2E7A516F8AEA228/B23C0D6823C011ED85E19AC7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b3:d1:fe:9b:96:f8:13:85:13:73:0a:8c:f2:41:de:36:71:75:
         f5:21:73:33:be:a7:58:0d:88:0c:c9:83:b7:ee:6d:77:3c:dd:
         bb:60:d3:bd:2c:1c:ed:94:37:40:1d:b3:f6:f0:6e:ee:05:70:
         5a:c0:2e:41:0f:03:70:a7:42:c1:91:88:ae:c8:6a:e9:17:d8:
         98:24:0d:ca:c7:cc:3a:a7:42:3b:47:32:21:2c:18:d7:f3:f7:
         98:63:d5:84:96:3f:59:6e:35:72:0a:20:62:57:24:c4:c3:fe:
         51:cf:e0:09:10:e6:df:88:9a:cf:ed:10:b2:3e:dc:f8:95:1c:
         42:84:31:ca:3b:74:89:c3:aa:13:6e:58:bc:78:c0:94:62:96:
         f6:2f:35:00:1c:92:45:1e:9f:3f:d6:10:e4:ec:35:f3:5e:b8:
         25:32:4e:62:a6:79:49:37:8f:30:52:b7:85:14:b8:f0:a5:5b:
         70:d8:ef:02:9f:b3:ae:1c:a8:e6:ea:a0:26:6d:bf:dc:b4:81:
         8c:dc:1e:d7:03:08:72:4e:f9:b9:67:f5:a9:89:52:1c:78:b7:
         d3:1a:8c:7b:5a:3c:24:2a:a6:ea:a8:8a:0c:06:6b:6b:7e:3a:
         d8:81:e6:63:97:e5:a0:d9:60:35:13:b6:79:00:c6:67:0b:f6:
         3b:bc:a5:5d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzY1QzZBRjExMC8GA1UEBRMoQzA4RjNFREM1OTE1ODk0MkMyREYzOUYxNDI1RTZF
QjgyMTY4QkUzRTAeFw0yMjA4MjQxNTIzMjFaFw0zMjA4MzExNTIzMjFaMBgxFjAU
BgNVBAMMDTYzMDY0MjZkLTUzMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChc8TUC8XjLcNbrV3I+sFi+04Bai0KRuAkexJhEGwePZXwRR3SUl9PrGoe
ArvQ92J+eowrlZ306lQ657UXmAQ5gWKlhIFP292vhCaNv8syYXlVGIems6dtsmHs
agFXCrt336UwhtmkZfkfY40Iz1/DVpkZec1S1W4axq2ZZKXF2Ej2KEfNR60f0yve
YfIH6C5eBFYNkGwfTP6rItelnU0ZoUDlXtavW3zpzQwSkL39fJBw35aaVGXZvSHj
5WMs1nc68WqsVHbfvuOnZ8Adcz2cVH03mzvsprMJoBHBd+eex0DJyJyIPIJbrUOX
NM/2yP1RF50i7Ldztkthe0B0X7E5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdSIy
/SqJbX3pH06WF6ueVrlf25UwHwYDVR0jBBgwFoAUwI8+3FkViULC3znxQl5uuCFo
vj4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM2NUM2LzAzMzhEOUI0Q0Y1QjExRUJCMkU3QTUxNkY4QUVBMjI4L3dJOC0z
RmtWaVVMQzN6bnhRbDV1dUNGb3ZqNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dJOC0zRmtWaVVMQzN6bnhRbDV1dUNGb3ZqNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM2NUM2LzAzMzhEOUI0Q0Y1QjExRUJCMkU3QTUxNkY4
QUVBMjI4L0IyM0MwRDY4MjNDMDExRUQ4NUUxOUFDN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2vAwDQYJKoZIhvcNAQEL
BQADggEBALPR/puW+BOFE3MKjPJB3jZxdfUhczO+p1gNiAzJg7fubXc83btg070s
HO2UN0Ads/bwbu4FcFrALkEPA3CnQsGRiK7IaukX2JgkDcrHzDqnQjtHMiEsGNfz
95hj1YSWP1luNXIKIGJXJMTD/lHP4AkQ5t+Ims/tELI+3PiVHEKEMco7dInDqhNu
WLx4wJRilvYvNQAckkUenz/WEOTsNfNeuCUyTmKmeUk3jzBSt4UUuPClW3DY7wKf
s64cqObqoCZtv9y0gYzcHtcDCHJO+bln9amJUhx4t9MajHtaPCQqpuqoigwGa2t+
OtiB5mOX5aDZYDUTtnkAxmcL9ju8pV0=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:41 2024 by rpki-client on console-ams.rpki-client.org