Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/331F5746A0F411ECAE812B975A40D577.roa
File:                     331F5746A0F411ECAE812B975A40D577.roa (raw, json)
Hash identifier:          FvEjzuf2UFe1epBdLgowypdTxhYaL6zKJK6RJCwngCw=
Subject key identifier:   CC:01:8C:B2:2E:8E:B7:91:1E:B4:36:F9:0D:9A:49:0E:14:28:C0:D2
Certificate issuer:       /CN=F36D3930AF/serialNumber=35CF067DC26EE4895F4B16AD9BD300FEABC3A353
Certificate serial:       02
Authority key identifier: 35:CF:06:7D:C2:6E:E4:89:5F:4B:16:AD:9B:D3:00:FE:AB:C3:A3:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/331F5746A0F411ECAE812B975A40D577.roa
Signing time:             Fri 11 Mar 2022 04:32:03 +0000
ROA not before:           Fri 11 Mar 2022 04:31:59 +0000
ROA not after:            Fri 31 Dec 2032 04:31:59 +0000
asID:                     23889
IP address blocks:        102.112.0.0/13 maxlen: 24
                          196.20.128.0/17 maxlen: 24
                          196.192.0.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D3930AF/serialNumber=35CF067DC26EE4895F4B16AD9BD300FEABC3A353
        Validity
            Not Before: Mar 11 04:31:59 2022 GMT
            Not After : Dec 31 04:31:59 2032 GMT
        Subject: CN=622ad0c3-200b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4d:ad:05:fe:de:97:b4:3f:5c:88:98:60:82:
                    4e:a8:4f:cb:97:c0:44:07:e7:24:44:aa:dd:e2:d6:
                    66:31:d6:55:83:20:94:d3:ef:c8:be:cf:5d:a5:5d:
                    63:7e:af:b2:6a:d7:92:e5:c2:e9:ec:79:40:f4:d3:
                    0c:1b:4b:56:50:a7:9f:a1:ee:d1:0e:77:1d:fc:13:
                    ce:2e:a7:17:fd:83:71:80:fd:4f:bf:e0:b8:9c:e1:
                    c7:bb:2a:4c:3f:f8:e5:0d:eb:93:48:5f:99:92:f4:
                    05:5f:7c:1c:6d:2d:33:7c:cd:10:24:93:a3:87:61:
                    ba:93:86:b3:b8:02:cd:1a:4d:78:f9:8b:fb:48:1e:
                    9b:18:88:84:e9:ab:25:c3:37:73:5c:06:27:e7:6d:
                    5e:4b:c8:b2:66:5b:ed:b4:cb:8e:d8:67:ed:e5:8c:
                    30:04:0a:9e:0a:d0:50:cc:cb:c6:e2:a4:84:88:21:
                    68:26:9e:92:d1:13:d8:54:45:bb:1f:18:4d:e8:84:
                    ba:07:7f:91:94:4f:d4:06:a5:2f:ea:b6:54:64:15:
                    81:53:47:47:41:16:55:d4:c8:6d:80:32:5d:c0:09:
                    46:76:8d:37:75:8d:a2:1d:4a:b8:22:de:22:30:7f:
                    9e:0b:7e:55:bf:ba:0c:95:b4:34:46:20:0c:e7:1e:
                    30:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:01:8C:B2:2E:8E:B7:91:1E:B4:36:F9:0D:9A:49:0E:14:28:C0:D2
            X509v3 Authority Key Identifier:
                keyid:35:CF:06:7D:C2:6E:E4:89:5F:4B:16:AD:9B:D3:00:FE:AB:C3:A3:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/331F5746A0F411ECAE812B975A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.112.0.0/13
                  196.20.128.0/17
                  196.192.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5b:89:82:57:2c:7c:85:5f:d1:bf:38:45:1f:19:12:e0:6d:8f:
         1b:ba:cf:a8:cf:db:40:2e:91:f4:4e:a7:85:d9:87:52:9a:ba:
         6f:c4:d7:42:6c:f1:3a:16:07:0c:e3:6e:06:c5:78:78:ed:23:
         7a:ea:c5:4d:c1:de:07:57:c5:b1:25:f3:de:54:40:ac:ef:d8:
         ab:5d:9d:df:f1:a4:02:f8:80:20:62:01:b1:2f:17:7b:9c:ea:
         44:76:0f:5e:72:84:40:06:25:fd:b4:4f:8b:03:2b:80:b1:52:
         11:4c:85:a1:4d:f2:18:dd:39:7b:15:86:3d:6c:28:51:3b:63:
         f5:17:5e:bb:12:42:97:6b:f3:36:e4:52:a2:f1:c5:9b:d9:ea:
         f9:8a:14:ec:db:ea:ff:34:12:1b:9f:bd:99:d2:40:32:46:94:
         33:42:05:a1:1b:7a:57:1f:22:9a:6a:c8:2f:f7:8a:d8:ff:f7:
         c7:54:2a:b8:09:75:31:83:ae:c7:8e:b4:94:f1:cc:32:70:89:
         59:82:32:56:26:34:76:1d:f2:73:9b:20:4c:90:43:b3:94:6e:
         3a:2a:fb:58:fa:68:cd:1e:2d:02:f3:58:1e:da:f0:a7:b3:66:
         f7:9b:f7:93:b6:50:cf:9a:d5:d7:0f:4b:85:ac:c6:c0:98:e3:
         ef:f8:eb:c8
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZE
MzkzMEFGMTEwLwYDVQQFEygzNUNGMDY3REMyNkVFNDg5NUY0QjE2QUQ5QkQzMDBG
RUFCQzNBMzUzMB4XDTIyMDMxMTA0MzE1OVoXDTMyMTIzMTA0MzE1OVowGDEWMBQG
A1UEAwwNNjIyYWQwYzMtMjAwYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5NrQX+3pe0P1yImGCCTqhPy5fARAfnJESq3eLWZjHWVYMglNPvyL7PXaVd
Y36vsmrXkuXC6ex5QPTTDBtLVlCnn6Hu0Q53HfwTzi6nF/2DcYD9T7/guJzhx7sq
TD/45Q3rk0hfmZL0BV98HG0tM3zNECSTo4dhupOGs7gCzRpNePmL+0gemxiIhOmr
JcM3c1wGJ+dtXkvIsmZb7bTLjthn7eWMMAQKngrQUMzLxuKkhIghaCaektET2FRF
ux8YTeiEugd/kZRP1AalL+q2VGQVgVNHR0EWVdTIbYAyXcAJRnaNN3WNoh1KuCLe
IjB/ngt+Vb+6DJW0NEYgDOceML0CAwEAAaOCArAwggKsMB0GA1UdDgQWBBTMAYyy
Lo63kR60NvkNmkkOFCjA0jAfBgNVHSMEGDAWgBQ1zwZ9wm7kiV9LFq2b0wD+q8Oj
UzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDM5MzAvNjNDNDZFQzhBMEYzMTFFQzk0NkVEQTk0NUE0MEQ1NzcvTmM4R2Zj
SnU1SWxmU3hhdG05TUFfcXZEbzFNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTmM4R2ZjSnU1SWxmU3hhdG05TUFfcXZEbzFNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDM5MzAvNjNDNDZFQzhBMEYzMTFFQzk0NkVEQTk0NUE0
MEQ1NzcvMzMxRjU3NDZBMEY0MTFFQ0FFODEyQjk3NUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAqBggrBgEFBQcBBwEB/wQbMBkwFwQCAAEwEQMDA2ZwAwQHxBSAAwQExMAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBbiYJXLHyFX9G/OEUfGRLgbY8bus+oz9tALpH0TqeF
2YdSmrpvxNdCbPE6FgcM424GxXh47SN66sVNwd4HV8WxJfPeVECs79irXZ3f8aQC
+IAgYgGxLxd7nOpEdg9ecoRABiX9tE+LAyuAsVIRTIWhTfIY3Tl7FYY9bChRO2P1
F167EkKXa/M25FKi8cWb2er5ihTs2+r/NBIbn72Z0kAyRpQzQgWhG3pXHyKaasgv
94rY//fHVCq4CXUxg67HjrSU8cwycIlZgjJWJjR2HfJzmyBMkEOzlG46KvtY+mjN
Hi0C81ge2vCns2b3m/eTtlDPmtXXD0uFrMbAmOPv+OvI
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org