Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/3DA37FA805CA11EE97650D344AD9E6FC.roa
File:                     3DA37FA805CA11EE97650D344AD9E6FC.roa (raw, json)
Hash identifier:          qnjPAnaVGfXdRft23JxV+6Cp0V+QdoJKnDCoKaZOhOc=
Subject key identifier:   FC:37:2F:CD:A0:06:1B:1D:1B:8D:33:03:A8:D5:9D:13:81:78:07:12
Certificate issuer:       /CN=F36E29EDAF/serialNumber=2A3CC9E5519A5A5BB13D08310CA934824896FA5A
Certificate serial:       019A
Authority key identifier: 2A:3C:C9:E5:51:9A:5A:5B:B1:3D:08:31:0C:A9:34:82:48:96:FA:5A
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/KjzJ5VGaWluxPQgxDKk0gkiW-lo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/3DA37FA805CA11EE97650D344AD9E6FC.roa
Signing time:             Thu 08 Jun 2023 07:01:07 +0000
ROA not before:           Thu 08 Jun 2023 07:01:03 +0000
ROA not after:            Tue 08 Jun 2032 07:01:03 +0000
asID:                     327996
IP address blocks:        102.212.128.0/22 maxlen: 22
                          102.212.128.0/24 maxlen: 24
                          102.212.129.0/24 maxlen: 24
                          102.212.130.0/24 maxlen: 24
                          102.212.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/KjzJ5VGaWluxPQgxDKk0gkiW-lo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/KjzJ5VGaWluxPQgxDKk0gkiW-lo.mft
                          rsync://rpki.afrinic.net/repository/afrinic/KjzJ5VGaWluxPQgxDKk0gkiW-lo.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 410 (0x19a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E29EDAF/serialNumber=2A3CC9E5519A5A5BB13D08310CA934824896FA5A
        Validity
            Not Before: Jun  8 07:01:03 2023 GMT
            Not After : Jun  8 07:01:03 2032 GMT
        Subject: CN=64817cb3-09d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:79:93:f9:3e:f8:90:72:45:3c:90:55:e2:c7:
                    9b:9d:60:34:a9:c8:78:59:3e:09:7a:d6:5c:64:7e:
                    62:f6:8f:a6:b3:e2:86:d3:1e:88:c0:ce:33:3a:6c:
                    66:04:ae:9e:fa:97:52:4d:8d:e6:e1:17:6a:13:24:
                    b8:ce:de:f1:a9:4f:25:ef:6c:b1:3e:df:b6:ee:d0:
                    4d:08:8b:46:ba:de:d7:4a:8c:91:3c:ca:e7:55:4a:
                    3a:72:6a:8b:e8:d7:f4:94:6c:18:62:91:c9:70:4d:
                    90:44:00:1e:44:2a:3f:a3:2a:34:b7:2f:fc:8b:fa:
                    14:5f:e7:bf:8f:f9:58:8d:e3:c0:a4:32:da:46:b5:
                    21:b0:e4:ab:43:78:1b:a0:57:31:e6:f3:e1:8d:c6:
                    6c:f6:89:a1:fe:98:ed:2b:6e:7c:7e:56:b1:62:b5:
                    3d:13:7c:19:ce:29:aa:45:84:d3:ae:70:b7:5e:ea:
                    d0:d1:9c:b5:5a:69:33:50:d3:c3:8f:f1:12:4a:50:
                    4f:be:b5:b6:12:07:13:1b:a0:ac:8b:77:cd:a5:e0:
                    8c:28:61:87:e6:70:a6:68:25:fa:dd:6f:48:be:eb:
                    22:54:88:7a:57:26:d0:4b:c8:c2:13:41:a4:8a:64:
                    d9:f6:fd:24:e0:17:47:6b:af:2c:78:a0:36:55:5f:
                    bd:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:37:2F:CD:A0:06:1B:1D:1B:8D:33:03:A8:D5:9D:13:81:78:07:12
            X509v3 Authority Key Identifier:
                keyid:2A:3C:C9:E5:51:9A:5A:5B:B1:3D:08:31:0C:A9:34:82:48:96:FA:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/KjzJ5VGaWluxPQgxDKk0gkiW-lo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KjzJ5VGaWluxPQgxDKk0gkiW-lo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E29ED/1C5B5D02DC0911EC9CEBDE9BF1222468/3DA37FA805CA11EE97650D344AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:77:36:9d:82:39:dc:d0:73:da:45:88:62:3b:5b:a5:54:ae:
         1f:21:b4:af:9a:76:bc:d7:fc:55:4c:11:42:46:20:03:69:0e:
         c1:b0:7d:af:5e:4b:40:07:b5:86:88:5b:04:00:77:92:72:e1:
         19:98:bb:7b:8c:40:7b:c6:5e:d7:54:c4:01:37:e0:a8:a2:54:
         a6:c0:2a:77:32:2c:b3:c0:07:a5:38:81:65:40:ab:1a:89:ce:
         7c:de:c5:e8:7b:c4:79:9c:fa:4c:a1:63:20:7a:b7:a0:ee:b7:
         07:d1:6f:5a:76:80:4d:ab:e4:96:09:df:7a:69:d2:48:29:10:
         af:51:cc:a6:b5:65:cc:2f:cd:c8:d6:30:d8:c8:b9:a7:d8:ae:
         1b:bf:e3:3d:bf:53:73:ae:83:f6:14:e4:91:85:e7:63:0b:cf:
         cc:a2:55:01:f1:eb:fb:03:b8:0f:72:3a:a6:51:0b:ac:7a:d8:
         8e:36:d6:b2:dc:89:97:bf:24:08:0c:3b:26:4b:c8:94:82:16:
         17:a0:7e:8d:c0:2b:42:75:a8:e1:35:4b:e8:07:11:f2:dd:d9:
         01:df:ee:92:25:24:b7:90:5e:34:7c:87:58:fe:4c:3e:38:c2:
         71:47:f8:8e:47:a2:88:6c:97:c1:a3:80:c5:61:87:dd:9b:d1:
         7d:d7:94:e1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAZowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTI5RURBRjExMC8GA1UEBRMoMkEzQ0M5RTU1MTlBNUE1QkIxM0QwODMxMENBOTM0
ODI0ODk2RkE1QTAeFw0yMzA2MDgwNzAxMDNaFw0zMjA2MDgwNzAxMDNaMBgxFjAU
BgNVBAMTDTY0ODE3Y2IzLTA5ZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/eZP5PviQckU8kFXix5udYDSpyHhZPgl61lxkfmL2j6az4obTHojAzjM6
bGYErp76l1JNjebhF2oTJLjO3vGpTyXvbLE+37bu0E0Ii0a63tdKjJE8yudVSjpy
aovo1/SUbBhikclwTZBEAB5EKj+jKjS3L/yL+hRf57+P+ViN48CkMtpGtSGw5KtD
eBugVzHm8+GNxmz2iaH+mO0rbnx+VrFitT0TfBnOKapFhNOucLde6tDRnLVaaTNQ
08OP8RJKUE++tbYSBxMboKyLd82l4IwoYYfmcKZoJfrdb0i+6yJUiHpXJtBLyMIT
QaSKZNn2/STgF0drryx4oDZVX701AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/Dcv
zaAGGx0bjTMDqNWdE4F4BxIwHwYDVR0jBBgwFoAUKjzJ5VGaWluxPQgxDKk0gkiW
+lowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyOUVELzFDNUI1RDAyREMwOTExRUM5Q0VCREU5QkYxMjIyNDY4L0tqeko1
VkdhV2x1eFBRZ3hES2swZ2tpVy1sby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0tqeko1VkdhV2x1eFBRZ3hES2swZ2tpVy1sby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyOUVELzFDNUI1RDAyREMwOTExRUM5Q0VCREU5QkYx
MjIyNDY4LzNEQTM3RkE4MDVDQTExRUU5NzY1MEQzNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1IAwDQYJKoZIhvcNAQEL
BQADggEBAFd3Np2COdzQc9pFiGI7W6VUrh8htK+adrzX/FVMEUJGIANpDsGwfa9e
S0AHtYaIWwQAd5Jy4RmYu3uMQHvGXtdUxAE34KiiVKbAKncyLLPAB6U4gWVAqxqJ
znzexeh7xHmc+kyhYyB6t6DutwfRb1p2gE2r5JYJ33pp0kgpEK9RzKa1ZcwvzcjW
MNjIuafYrhu/4z2/U3Oug/YU5JGF52MLz8yiVQHx6/sDuA9yOqZRC6x62I421rLc
iZe/JAgMOyZLyJSCFhegfo3AK0J1qOE1S+gHEfLd2QHf7pIlJLeQXjR8h1j+TD44
wnFH+I5Hoohsl8GjgMVhh92b0X3XlOE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:29 2024 by rpki-client on console-ams.rpki-client.org