Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CA1C4/17267A9AF42B11EB91881E34D8A014CE/E22275A0F42B11EB8DE13535D8A014CE.roa
File:                     E22275A0F42B11EB8DE13535D8A014CE.roa (raw, json)
Hash identifier:          ixRAeAOi1PIeYWgmp7z7mBTbmz/nQmCMeTxu8P6RJX8=
Subject key identifier:   48:4F:8E:72:50:7B:C3:61:B9:AB:BA:32:59:F4:53:35:81:15:C3:DF
Certificate issuer:       /CN=F36CA1C4AF/serialNumber=63C340E10AD75680C7AA3CDD00DBE48D7D419DE6
Certificate serial:       02
Authority key identifier: 63:C3:40:E1:0A:D7:56:80:C7:AA:3C:DD:00:DB:E4:8D:7D:41:9D:E6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Y8NA4QrXVoDHqjzdANvkjX1BneY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CA1C4/17267A9AF42B11EB91881E34D8A014CE/E22275A0F42B11EB8DE13535D8A014CE.roa
Signing time:             Tue 03 Aug 2021 07:25:16 +0000
ROA not before:           Tue 03 Aug 2021 07:25:10 +0000
ROA not after:            Wed 20 Aug 2031 07:25:10 +0000
asID:                     37356
IP address blocks:        102.177.0.0/18 maxlen: 24
                          196.6.242.0/24 maxlen: 24
                          196.11.63.0/24 maxlen: 24
                          196.61.16.0/20 maxlen: 24
                          197.155.96.0/19 maxlen: 24
                          197.221.160.0/19 maxlen: 24
                          2c0f:f390::/32 maxlen: 64
                          2c0f:fa58::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CA1C4/17267A9AF42B11EB91881E34D8A014CE/Y8NA4QrXVoDHqjzdANvkjX1BneY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CA1C4/17267A9AF42B11EB91881E34D8A014CE/Y8NA4QrXVoDHqjzdANvkjX1BneY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Y8NA4QrXVoDHqjzdANvkjX1BneY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CA1C4AF/serialNumber=63C340E10AD75680C7AA3CDD00DBE48D7D419DE6
        Validity
            Not Before: Aug  3 07:25:10 2021 GMT
            Not After : Aug 20 07:25:10 2031 GMT
        Subject: CN=6108ef5c-e222
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2f:50:66:56:11:b2:7d:32:7b:c2:19:63:8d:
                    40:f5:1d:75:10:fa:35:c1:37:8c:e0:e8:29:14:d0:
                    5f:91:37:04:e9:91:a6:9c:f3:17:c8:ad:7c:82:f8:
                    20:a8:4f:47:49:bd:75:af:b4:e5:fd:54:d3:20:99:
                    86:7c:86:eb:5c:e4:57:fd:02:f5:e5:15:af:ac:7d:
                    e8:3a:13:6c:19:4f:7a:12:32:b0:ac:ec:25:b0:55:
                    14:82:99:db:e4:91:2a:c4:a8:f7:a4:c4:30:7d:f7:
                    e7:89:8a:43:e0:77:f4:90:d7:22:47:71:bc:7e:7b:
                    95:c1:44:5f:2e:5d:51:1a:94:cc:03:05:57:27:ef:
                    38:0f:f0:c2:a8:25:83:33:45:24:6b:e5:a9:a0:d3:
                    57:0b:fb:a0:4a:cc:e3:fc:5d:3f:0a:e2:8f:af:3d:
                    ce:b9:79:45:ad:52:7c:a8:4d:f3:52:ef:e9:25:b6:
                    11:e3:8c:fc:81:7f:89:ba:5a:dd:9a:2c:4f:36:e1:
                    dc:05:b5:b3:ff:f7:9e:74:20:75:86:f7:b6:50:3a:
                    ef:9c:90:e3:5c:64:7f:5a:9c:46:d7:4c:95:0d:43:
                    b2:de:dc:12:17:0c:b4:4d:89:96:e4:1f:40:d7:af:
                    3f:d6:3d:a7:ab:ad:c9:40:3b:0b:aa:58:da:c7:e3:
                    30:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:4F:8E:72:50:7B:C3:61:B9:AB:BA:32:59:F4:53:35:81:15:C3:DF
            X509v3 Authority Key Identifier:
                keyid:63:C3:40:E1:0A:D7:56:80:C7:AA:3C:DD:00:DB:E4:8D:7D:41:9D:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA1C4/17267A9AF42B11EB91881E34D8A014CE/Y8NA4QrXVoDHqjzdANvkjX1BneY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Y8NA4QrXVoDHqjzdANvkjX1BneY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA1C4/17267A9AF42B11EB91881E34D8A014CE/E22275A0F42B11EB8DE13535D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.0.0/18
                  196.6.242.0/24
                  196.11.63.0/24
                  196.61.16.0/20
                  197.155.96.0/19
                  197.221.160.0/19
                IPv6:
                  2c0f:f390::/32
                  2c0f:fa58::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:61:00:88:d5:26:20:cc:a7:2f:45:0d:59:b5:de:68:c8:ea:
         21:38:c1:92:d9:51:ad:62:ae:6b:26:6f:d1:69:2e:d3:a5:d2:
         16:6a:1e:31:a4:c8:38:a8:ee:2b:76:b6:1c:ac:32:e4:01:8a:
         c0:cb:78:71:ea:96:8b:2f:bc:f0:ef:85:b0:50:4a:82:6e:56:
         cc:ec:06:56:db:13:48:aa:5b:50:78:b0:c2:2d:1f:0e:f8:9f:
         05:e8:c1:ac:5b:31:c5:47:70:13:b2:b5:71:a1:93:d7:a2:53:
         ca:30:a9:3f:40:e2:31:02:ef:f0:d5:d5:ec:67:72:74:b8:c4:
         ba:db:fc:c3:5f:8f:a7:7f:b9:c6:5b:e8:a0:ec:24:f4:0e:23:
         cf:98:8c:c3:dd:63:56:ac:21:32:30:ba:ab:ab:31:59:ad:f7:
         d3:7a:23:7f:18:5c:ce:bf:4b:5b:de:06:ab:91:34:21:c2:6a:
         0b:93:fe:03:5f:08:0a:cf:12:33:3c:9d:53:33:ed:33:1f:2a:
         8c:30:0c:51:de:dc:cc:af:54:fd:16:d6:13:d8:9d:12:e1:2b:
         c8:6e:28:c7:98:b2:d9:a4:61:3c:b6:66:63:ad:c8:39:bf:46:
         56:6f:b5:8e:d7:c6:f6:ef:c9:ce:bd:9d:6b:96:56:71:13:fe:
         ee:cd:8e:b7
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
QTFDNEFGMTEwLwYDVQQFEyg2M0MzNDBFMTBBRDc1NjgwQzdBQTNDREQwMERCRTQ4
RDdENDE5REU2MB4XDTIxMDgwMzA3MjUxMFoXDTMxMDgyMDA3MjUxMFowGDEWMBQG
A1UEAwwNNjEwOGVmNWMtZTIyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgvUGZWEbJ9MnvCGWONQPUddRD6NcE3jODoKRTQX5E3BOmRppzzF8itfIL4
IKhPR0m9da+05f1U0yCZhnyG61zkV/0C9eUVr6x96DoTbBlPehIysKzsJbBVFIKZ
2+SRKsSo96TEMH3354mKQ+B39JDXIkdxvH57lcFEXy5dURqUzAMFVyfvOA/wwqgl
gzNFJGvlqaDTVwv7oErM4/xdPwrij689zrl5Ra1SfKhN81Lv6SW2EeOM/IF/ibpa
3ZosTzbh3AW1s//3nnQgdYb3tlA675yQ41xkf1qcRtdMlQ1Dst7cEhcMtE2JluQf
QNevP9Y9p6utyUA7C6pY2sfjMEkCAwEAAaOCAtkwggLVMB0GA1UdDgQWBBRIT45y
UHvDYbmrujJZ9FM1gRXD3zAfBgNVHSMEGDAWgBRjw0DhCtdWgMeqPN0A2+SNfUGd
5jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0ExQzQvMTcyNjdBOUFGNDJCMTFFQjkxODgxRTM0RDhBMDE0Q0UvWThOQTRR
clhWb0RIcWp6ZEFOdmtqWDFCbmVZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWThOQTRRclhWb0RIcWp6ZEFOdmtqWDFCbmVZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0ExQzQvMTcyNjdBOUFGNDJCMTFFQjkxODgxRTM0RDhB
MDE0Q0UvRTIyMjc1QTBGNDJCMTFFQjhERTEzNTM1RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBTBggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEBmaxAAMEAMQG8gMEAMQLPwME
BMQ9EAMEBcWbYAMEBcXdoDAUBAIAAjAOAwUALA/zkAMFACwP+lgwDQYJKoZIhvcN
AQELBQADggEBACxhAIjVJiDMpy9FDVm13mjI6iE4wZLZUa1irmsmb9FpLtOl0hZq
HjGkyDio7it2thysMuQBisDLeHHqlosvvPDvhbBQSoJuVszsBlbbE0iqW1B4sMIt
Hw74nwXowaxbMcVHcBOytXGhk9eiU8owqT9A4jEC7/DV1exncnS4xLrb/MNfj6d/
ucZb6KDsJPQOI8+YjMPdY1asITIwuqurMVmt99N6I38YXM6/S1veBquRNCHCaguT
/gNfCArPEjM8nVMz7TMfKowwDFHe3MyvVP0W1hPYnRLhK8huKMeYstmkYTy2ZmOt
yDm/RlZvtY7Xxvbvyc69nWuWVnET/u7Njrc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org