Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/2A0AF02ED8D711EB93E56C7BF8AEA228.roa
File:                     2A0AF02ED8D711EB93E56C7BF8AEA228.roa (raw, json)
Hash identifier:          ZQ6oLNCOYoaY+3u19bx5mMnPdr11GM9m4rQK5cGUyGQ=
Subject key identifier:   36:C4:09:64:64:92:78:40:D5:6B:13:96:E6:87:A4:90:16:96:B9:79
Certificate issuer:       /CN=F36DE46FAF/serialNumber=68C5E4BAD5DCD564A2562753C9ACB632BD24CB50
Certificate serial:       02BD
Authority key identifier: 68:C5:E4:BA:D5:DC:D5:64:A2:56:27:53:C9:AC:B6:32:BD:24:CB:50
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/aMXkutXc1WSiVidTyay2Mr0ky1A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/2A0AF02ED8D711EB93E56C7BF8AEA228.roa
Signing time:             Tue 29 Jun 2021 12:40:20 +0000
ROA not before:           Tue 29 Jun 2021 12:40:14 +0000
ROA not after:            Sun 29 Jun 2031 12:40:14 +0000
asID:                     36969
IP address blocks:        41.221.104.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/aMXkutXc1WSiVidTyay2Mr0ky1A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/aMXkutXc1WSiVidTyay2Mr0ky1A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/aMXkutXc1WSiVidTyay2Mr0ky1A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 701 (0x2bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DE46FAF/serialNumber=68C5E4BAD5DCD564A2562753C9ACB632BD24CB50
        Validity
            Not Before: Jun 29 12:40:14 2021 GMT
            Not After : Jun 29 12:40:14 2031 GMT
        Subject: CN=60db14b4-fd8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2c:c8:56:5f:c5:df:26:4a:fd:8a:c3:19:58:
                    a2:78:b6:2e:62:f9:c5:ed:c5:01:c5:0d:ef:09:c5:
                    9c:f2:97:33:e3:90:4e:88:26:53:d2:c5:c5:0a:93:
                    3f:88:61:40:fd:53:4c:ef:f4:3e:5a:78:20:4b:bc:
                    ff:80:cc:5e:8e:08:97:66:5e:0b:cb:7b:11:7d:ed:
                    56:6c:ed:6c:38:d9:e7:75:44:5c:18:3c:7b:4b:16:
                    16:8f:79:12:d0:a9:65:f9:63:d2:7d:d3:26:c7:a2:
                    3a:cf:0a:06:74:a7:94:1a:57:47:41:5b:61:df:fa:
                    6b:b7:53:39:81:62:bb:38:da:84:37:6f:d1:7f:86:
                    a8:18:fb:4d:17:06:d9:87:59:f7:b9:09:22:45:24:
                    63:af:49:bc:b8:54:65:9f:8b:82:23:44:5c:11:57:
                    3f:57:fa:a6:d6:0b:b8:72:eb:92:01:7c:55:8e:d0:
                    6e:eb:47:29:e4:3f:59:8d:b0:20:98:56:22:88:11:
                    07:01:b5:14:0b:2c:9a:c0:f4:03:03:7c:d2:c0:40:
                    81:cd:6f:b5:05:32:3d:bd:88:4e:66:df:a9:69:d3:
                    2e:e1:0d:87:ce:dc:8b:5f:28:46:d0:1e:2d:63:82:
                    8f:0d:8d:f6:a3:1f:ea:92:07:b3:10:d3:4f:12:a7:
                    c4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:C4:09:64:64:92:78:40:D5:6B:13:96:E6:87:A4:90:16:96:B9:79
            X509v3 Authority Key Identifier:
                keyid:68:C5:E4:BA:D5:DC:D5:64:A2:56:27:53:C9:AC:B6:32:BD:24:CB:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/aMXkutXc1WSiVidTyay2Mr0ky1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/aMXkutXc1WSiVidTyay2Mr0ky1A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DE46F/EB4934CCD5FE11E99528193BF8AEA228/2A0AF02ED8D711EB93E56C7BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.221.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0e:e6:0a:57:e4:9b:5a:2a:2e:3a:91:eb:df:9c:55:04:79:1b:
         22:b3:e2:92:d9:20:42:e7:85:c2:cc:44:c4:55:5f:50:10:8a:
         6a:82:46:af:72:5a:84:85:7b:16:fe:3f:a4:a0:3e:fc:1f:89:
         96:30:6a:7a:e4:a2:e6:87:7e:45:2a:a4:c6:b7:b0:74:07:55:
         60:c4:e1:f0:57:f5:cc:83:f3:77:5b:9c:44:c6:db:51:d5:f6:
         70:4d:89:a1:21:18:f4:c2:a8:83:35:1c:02:84:b9:0f:68:bc:
         ce:56:77:a1:68:76:11:32:a2:c4:d9:4b:0c:d9:a4:61:b3:22:
         e2:5d:0d:05:09:69:67:82:73:3e:0e:81:8a:5e:f3:3e:6b:0c:
         40:77:71:69:bd:af:94:10:ec:8d:b4:53:df:31:5d:1d:b0:17:
         c7:ee:67:3d:b9:b4:1a:f7:90:66:ea:67:e2:fd:38:02:74:c7:
         52:fa:3e:c8:ef:66:36:e6:73:4a:93:aa:84:f9:10:8f:df:69:
         fb:31:ed:d5:54:47:99:4f:87:0c:36:4e:e9:da:3d:d3:05:be:
         0e:86:8b:24:af:b9:df:69:8a:1a:04:dc:d2:d8:9e:aa:fd:c0:
         8b:e7:33:f7:1a:04:b9:db:00:d9:95:f6:a4:e6:2a:3f:91:18:
         44:d0:d8:c0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
REU0NkZBRjExMC8GA1UEBRMoNjhDNUU0QkFENURDRDU2NEEyNTYyNzUzQzlBQ0I2
MzJCRDI0Q0I1MDAeFw0yMTA2MjkxMjQwMTRaFw0zMTA2MjkxMjQwMTRaMBgxFjAU
BgNVBAMTDTYwZGIxNGI0LWZkOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOLMhWX8XfJkr9isMZWKJ4ti5i+cXtxQHFDe8JxZzylzPjkE6IJlPSxcUK
kz+IYUD9U0zv9D5aeCBLvP+AzF6OCJdmXgvLexF97VZs7Ww42ed1RFwYPHtLFhaP
eRLQqWX5Y9J90ybHojrPCgZ0p5QaV0dBW2Hf+mu3UzmBYrs42oQ3b9F/hqgY+00X
BtmHWfe5CSJFJGOvSby4VGWfi4IjRFwRVz9X+qbWC7hy65IBfFWO0G7rRynkP1mN
sCCYViKIEQcBtRQLLJrA9AMDfNLAQIHNb7UFMj29iE5m36lp0y7hDYfO3ItfKEbQ
Hi1jgo8NjfajH+qSB7MQ008Sp8RjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNsQJ
ZGSSeEDVaxOW5oekkBaWuXkwHwYDVR0jBBgwFoAUaMXkutXc1WSiVidTyay2Mr0k
y1AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRFNDZGL0VCNDkzNENDRDVGRTExRTk5NTI4MTkzQkY4QUVBMjI4L2FNWGt1
dFhjMVdTaVZpZFR5YXkyTXIwa3kxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2FNWGt1dFhjMVdTaVZpZFR5YXkyTXIwa3kxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRFNDZGL0VCNDkzNENDRDVGRTExRTk5NTI4MTkzQkY4
QUVBMjI4LzJBMEFGMDJFRDhENzExRUI5M0U1NkM3QkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEp3WgwDQYJKoZIhvcNAQEL
BQADggEBAA7mClfkm1oqLjqR69+cVQR5GyKz4pLZIELnhcLMRMRVX1AQimqCRq9y
WoSFexb+P6SgPvwfiZYwanrkouaHfkUqpMa3sHQHVWDE4fBX9cyD83dbnETG21HV
9nBNiaEhGPTCqIM1HAKEuQ9ovM5Wd6FodhEyosTZSwzZpGGzIuJdDQUJaWeCcz4O
gYpe8z5rDEB3cWm9r5QQ7I20U98xXR2wF8fuZz25tBr3kGbqZ+L9OAJ0x1L6Psjv
Zjbmc0qTqoT5EI/fafsx7dVUR5lPhww2TunaPdMFvg6GiySvud9pihoE3NLYnqr9
wIvnM/caBLnbANmV9qTmKj+RGETQ2MA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org