Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/65252E02590211EDBF02C4F3F1222468.roa
File:                     65252E02590211EDBF02C4F3F1222468.roa (raw, json)
Hash identifier:          8HArfLxEz3rtchRkhuCmvZh3DtTsygHByrQd6+pFS1Q=
Subject key identifier:   CC:8C:A4:65:A8:44:4A:A6:B7:4F:B3:AA:AF:07:9F:E9:75:11:5E:1C
Certificate issuer:       /CN=F36C6E7CAF/serialNumber=83DD126E5E585FFA93F5F1FF5DEEF6FFFDBBFFA6
Certificate serial:       06
Authority key identifier: 83:DD:12:6E:5E:58:5F:FA:93:F5:F1:FF:5D:EE:F6:FF:FD:BB:FF:A6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/g90Sbl5YX_qT9fH_Xe72__27_6Y.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/65252E02590211EDBF02C4F3F1222468.roa
Signing time:             Mon 31 Oct 2022 09:57:14 +0000
ROA not before:           Mon 31 Oct 2022 09:57:10 +0000
ROA not after:            Sun 31 Oct 2032 09:57:10 +0000
asID:                     328474
IP address blocks:        102.221.244.0/24 maxlen: 24
                          102.221.245.0/24 maxlen: 24
                          102.221.246.0/24 maxlen: 24
                          102.221.247.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/g90Sbl5YX_qT9fH_Xe72__27_6Y.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/g90Sbl5YX_qT9fH_Xe72__27_6Y.mft
                          rsync://rpki.afrinic.net/repository/afrinic/g90Sbl5YX_qT9fH_Xe72__27_6Y.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C6E7CAF/serialNumber=83DD126E5E585FFA93F5F1FF5DEEF6FFFDBBFFA6
        Validity
            Not Before: Oct 31 09:57:10 2022 GMT
            Not After : Oct 31 09:57:10 2032 GMT
        Subject: CN=635f9bfa-5048
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:29:b4:52:e4:3f:4a:d2:f6:b8:1f:5a:8a:3b:
                    3d:47:a9:3e:84:94:c8:cc:12:25:3c:1f:97:51:b8:
                    ba:7a:66:56:af:24:2a:27:32:2f:fd:b5:ea:6e:f0:
                    46:b0:d7:4b:fb:f3:8e:b3:e4:42:20:b5:e0:cb:34:
                    65:62:a6:20:6b:52:50:f6:7b:76:5c:ba:c4:d6:69:
                    a1:09:14:5e:3f:9b:10:c8:c2:d1:da:f4:e0:8c:cb:
                    7c:b0:f1:94:84:0e:14:fe:d7:2f:e6:5c:75:d3:e2:
                    87:71:04:83:48:76:be:e8:a1:56:c2:1c:04:2a:9b:
                    38:2c:20:9b:fb:1d:88:39:c6:4f:26:f0:e1:9d:77:
                    f1:d0:a9:e6:5a:aa:55:8b:85:cf:86:db:7c:fa:45:
                    f6:f4:16:3a:15:25:5a:9d:e4:ed:88:ab:03:ab:67:
                    0b:dd:f4:b4:75:d8:fb:27:13:42:eb:ce:8d:95:9b:
                    56:33:99:f0:e4:3b:1c:21:06:41:26:e4:6d:4c:d6:
                    93:78:2a:cb:a6:e3:00:f6:36:e1:1b:b6:cf:eb:24:
                    b9:25:93:05:3f:f9:27:e0:40:ea:8c:d3:3d:a3:6b:
                    ef:a0:55:f6:4d:1e:13:e8:07:e4:61:c5:f4:82:6f:
                    d6:dc:b2:86:ea:a5:b8:d9:f0:c9:39:e4:86:f2:7a:
                    76:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:8C:A4:65:A8:44:4A:A6:B7:4F:B3:AA:AF:07:9F:E9:75:11:5E:1C
            X509v3 Authority Key Identifier:
                keyid:83:DD:12:6E:5E:58:5F:FA:93:F5:F1:FF:5D:EE:F6:FF:FD:BB:FF:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/g90Sbl5YX_qT9fH_Xe72__27_6Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/g90Sbl5YX_qT9fH_Xe72__27_6Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C6E7C/2BD3F1B6590111EDA097F2F0F1222468/65252E02590211EDBF02C4F3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:39:db:24:d9:a2:cf:9d:b9:1a:b7:e5:11:5f:20:df:62:cc:
         9b:06:4d:1e:60:9a:f0:99:21:76:35:4c:d6:af:3b:24:78:86:
         57:f0:70:69:2b:b9:72:57:33:01:7e:c3:fd:fa:3e:e0:49:cd:
         bb:32:68:13:2c:c9:d9:ff:23:a6:59:52:76:ea:0f:2a:2f:9a:
         c1:4f:9c:22:4a:f3:64:7d:74:2b:ec:f3:2b:d6:b2:42:ad:62:
         0f:af:dc:4b:15:6a:64:67:3e:59:9a:2a:cf:4a:d9:de:e4:a2:
         7d:06:72:e5:d8:82:72:a8:eb:db:d3:a2:b0:c1:1b:a6:13:9b:
         1e:c8:61:79:ef:4d:c8:7b:e2:7c:8e:5d:2c:5d:52:f8:58:97:
         8d:b1:7e:38:23:23:a6:6d:64:07:41:8f:07:d9:97:38:78:ff:
         e2:02:ae:e3:d4:60:16:12:70:72:40:9b:29:be:06:56:7f:1d:
         22:4b:44:f7:c4:1c:25:d6:15:27:f6:66:28:6d:0b:29:1d:ee:
         8e:9b:9c:aa:d2:e7:fd:38:71:af:02:56:7e:f8:db:11:3c:bd:
         4c:52:f6:5d:13:b2:02:5f:1c:8c:d8:aa:ba:88:40:23:09:f2:
         75:ab:71:29:9f:17:2a:49:8e:cb:42:99:cd:a3:7d:f9:4f:9a:
         39:d8:d5:a5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
NkU3Q0FGMTEwLwYDVQQFEyg4M0REMTI2RTVFNTg1RkZBOTNGNUYxRkY1REVFRjZG
RkZEQkJGRkE2MB4XDTIyMTAzMTA5NTcxMFoXDTMyMTAzMTA5NTcxMFowGDEWMBQG
A1UEAwwNNjM1ZjliZmEtNTA0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkptFLkP0rS9rgfWoo7PUepPoSUyMwSJTwfl1G4unpmVq8kKicyL/216m7w
RrDXS/vzjrPkQiC14Ms0ZWKmIGtSUPZ7dly6xNZpoQkUXj+bEMjC0dr04IzLfLDx
lIQOFP7XL+ZcddPih3EEg0h2vuihVsIcBCqbOCwgm/sdiDnGTybw4Z138dCp5lqq
VYuFz4bbfPpF9vQWOhUlWp3k7YirA6tnC930tHXY+ycTQuvOjZWbVjOZ8OQ7HCEG
QSbkbUzWk3gqy6bjAPY24Ru2z+skuSWTBT/5J+BA6ozTPaNr76BV9k0eE+gH5GHF
9IJv1tyyhuqluNnwyTnkhvJ6dtsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTMjKRl
qERKprdPs6qvB5/pdRFeHDAfBgNVHSMEGDAWgBSD3RJuXlhf+pP18f9d7vb//bv/
pjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzZFN0MvMkJEM0YxQjY1OTAxMTFFREEwOTdGMkYwRjEyMjI0NjgvZzkwU2Js
NVlYX3FUOWZIX1hlNzJfXzI3XzZZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZzkwU2JsNVlYX3FUOWZIX1hlNzJfXzI3XzZZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzZFN0MvMkJEM0YxQjY1OTAxMTFFREEwOTdGMkYwRjEy
MjI0NjgvNjUyNTJFMDI1OTAyMTFFREJGMDJDNEYzRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbd9DANBgkqhkiG9w0BAQsF
AAOCAQEAnTnbJNmiz525GrflEV8g32LMmwZNHmCa8JkhdjVM1q87JHiGV/BwaSu5
clczAX7D/fo+4EnNuzJoEyzJ2f8jpllSduoPKi+awU+cIkrzZH10K+zzK9ayQq1i
D6/cSxVqZGc+WZoqz0rZ3uSifQZy5diCcqjr29OisMEbphObHshhee9NyHvifI5d
LF1S+FiXjbF+OCMjpm1kB0GPB9mXOHj/4gKu49RgFhJwckCbKb4GVn8dIktE98Qc
JdYVJ/ZmKG0LKR3ujpucqtLn/ThxrwJWfvjbETy9TFL2XROyAl8cjNiquohAIwny
datxKZ8XKkmOy0KZzaN9+U+aOdjVpQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:26 2024 by rpki-client on console-ams.rpki-client.org