Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4433C912374E11EEBD8F3D764AD9E6FC.roa
File:                     4433C912374E11EEBD8F3D764AD9E6FC.roa (raw, json)
Hash identifier:          lHtBjObTBwNyVhJrHEQ/zHzgJmnlb42wMC73m5Dh7UE=
Subject key identifier:   B8:29:C2:A4:4A:68:AD:CC:BE:8C:C3:E1:D4:4D:FF:99:E7:6D:BC:AC
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       0152
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4433C912374E11EEBD8F3D764AD9E6FC.roa
Signing time:             Thu 10 Aug 2023 07:19:39 +0000
ROA not before:           Thu 10 Aug 2023 07:19:34 +0000
ROA not after:            Mon 10 Aug 2026 07:19:34 +0000
asID:                     23764
IP address blocks:        102.217.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 338 (0x152)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Aug 10 07:19:34 2023 GMT
            Not After : Aug 10 07:19:34 2026 GMT
        Subject: CN=64d48f8b-4f64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d2:21:ec:fa:62:cb:37:10:6d:84:c7:e8:e7:
                    69:e6:3f:cc:ed:72:e6:7b:78:09:5b:ae:38:85:66:
                    20:02:6e:77:a1:ee:5b:b0:1a:6c:e8:c0:5b:ad:5e:
                    6e:3b:f5:f2:5d:92:fa:7b:f4:3d:11:9c:7c:b4:1d:
                    01:08:a8:04:7b:b4:b0:b1:a9:94:ac:07:5d:89:8c:
                    87:d4:18:95:cb:53:3c:d5:65:7e:da:fe:fb:6c:4e:
                    dc:41:d2:e5:4d:8f:57:06:b4:53:d1:7b:c3:37:c5:
                    ad:fe:17:bd:53:8d:62:04:b6:be:1a:fa:0c:15:65:
                    cd:7c:56:e1:69:8a:21:3b:26:71:96:ba:53:3b:ed:
                    6b:d7:89:86:de:7e:9b:97:63:70:50:f1:92:5c:f7:
                    22:b6:e5:c7:25:b2:3d:dd:c8:8a:3a:51:8c:2b:7f:
                    d5:70:7d:a3:41:6b:bb:96:70:8b:b4:5b:d4:1d:81:
                    69:42:59:4a:ff:9a:b9:55:5f:28:16:eb:0b:51:eb:
                    8e:0e:04:6e:22:49:5c:89:f4:8d:c9:b0:ad:4c:c4:
                    34:59:9e:55:3b:70:a1:4a:63:de:32:d7:e7:2a:38:
                    90:41:47:2e:a9:2d:c2:00:14:6d:7d:6b:20:72:18:
                    9e:02:2e:e2:fa:a3:0b:5b:b1:06:2f:76:a4:2d:1c:
                    a9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:29:C2:A4:4A:68:AD:CC:BE:8C:C3:E1:D4:4D:FF:99:E7:6D:BC:AC
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4433C912374E11EEBD8F3D764AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:46:82:f6:49:2f:b4:2d:18:bd:f0:de:4e:62:a5:ca:ee:87:
         8f:02:10:ee:45:a7:a9:a6:b4:2b:74:9f:20:76:88:0f:01:01:
         72:aa:08:f4:eb:21:5d:92:0e:fa:41:be:c8:3d:13:a3:96:28:
         42:5c:40:b6:a8:be:63:34:bf:04:2a:47:14:dd:2f:e4:83:5a:
         63:c9:54:3c:9c:8c:12:10:b2:2e:19:06:ed:cc:d7:42:71:23:
         cd:5f:3c:5b:e8:dc:d9:ec:91:08:b1:c3:3b:5e:8b:e5:89:b2:
         2c:3e:68:6d:ae:46:43:ab:57:b0:74:58:3f:5e:84:f3:36:02:
         09:20:d9:a4:15:cb:ce:51:cb:73:03:0a:3e:ac:e9:74:6f:f8:
         8f:61:7a:64:a0:8f:36:0e:32:3d:48:86:48:89:e8:ba:83:a1:
         fd:82:5c:42:e1:9e:02:fe:49:a7:21:7e:ce:aa:08:cb:66:e2:
         ef:e9:ce:e3:8d:76:55:9d:05:54:86:c7:b1:16:47:34:3f:aa:
         76:2f:41:5f:e8:69:34:53:39:f0:da:ae:9c:81:93:4f:42:ba:
         d5:59:26:bf:2b:2c:34:36:c3:25:3c:17:64:3f:9d:6c:8c:39:
         1a:c8:9f:db:f1:aa:c2:a8:65:c2:bc:7d:81:d3:7a:bd:5c:ca:
         bc:20:71:b5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzA4MTAwNzE5MzRaFw0yNjA4MTAwNzE5MzRaMBgxFjAU
BgNVBAMTDTY0ZDQ4ZjhiLTRmNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQ0iHs+mLLNxBthMfo52nmP8ztcuZ7eAlbrjiFZiACbneh7luwGmzowFut
Xm479fJdkvp79D0RnHy0HQEIqAR7tLCxqZSsB12JjIfUGJXLUzzVZX7a/vtsTtxB
0uVNj1cGtFPRe8M3xa3+F71TjWIEtr4a+gwVZc18VuFpiiE7JnGWulM77WvXiYbe
fpuXY3BQ8ZJc9yK25cclsj3dyIo6UYwrf9VwfaNBa7uWcIu0W9QdgWlCWUr/mrlV
XygW6wtR644OBG4iSVyJ9I3JsK1MxDRZnlU7cKFKY94y1+cqOJBBRy6pLcIAFG19
ayByGJ4CLuL6owtbsQYvdqQtHKnPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuCnC
pEporcy+jMPh1E3/medtvKwwHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4LzQ0MzNDOTEyMzc0RTExRUVCRDhGM0Q3NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2acwDQYJKoZIhvcNAQEL
BQADggEBAIlGgvZJL7QtGL3w3k5ipcruh48CEO5Fp6mmtCt0nyB2iA8BAXKqCPTr
IV2SDvpBvsg9E6OWKEJcQLaovmM0vwQqRxTdL+SDWmPJVDycjBIQsi4ZBu3M10Jx
I81fPFvo3NnskQixwztei+WJsiw+aG2uRkOrV7B0WD9ehPM2Agkg2aQVy85Ry3MD
Cj6s6XRv+I9hemSgjzYOMj1IhkiJ6LqDof2CXELhngL+Sachfs6qCMtm4u/pzuON
dlWdBVSGx7EWRzQ/qnYvQV/oaTRTOfDarpyBk09CutVZJr8rLDQ2wyU8F2Q/nWyM
ORrIn9vxqsKoZcK8fYHTer1cyrwgcbU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:28 2024 by rpki-client on console-ams.rpki-client.org