Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/63FF131ECBD211EEB933CA84775412E6.roa
File:                     63FF131ECBD211EEB933CA84775412E6.roa (raw, json)
Hash identifier:          yK1f2ZwWbUbh9pLIwEau+PoX7oQm1JMNE9rftEPDtB4=
Subject key identifier:   2A:BC:09:DF:54:9D:95:39:EF:96:DC:7C:A4:04:AD:94:88:8C:E5:E7
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       011E
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/63FF131ECBD211EEB933CA84775412E6.roa
Signing time:             Thu 15 Feb 2024 07:18:18 +0000
ROA not before:           Thu 15 Feb 2024 07:18:14 +0000
ROA not after:            Tue 01 Jan 2030 07:18:14 +0000
asID:                     37684
IP address blocks:        102.221.32.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 286 (0x11e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
        Validity
            Not Before: Feb 15 07:18:14 2024 GMT
            Not After : Jan  1 07:18:14 2030 GMT
        Subject: CN=65cdbaba-a42e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:be:15:eb:76:08:2b:f6:d1:1f:fd:5d:6f:4e:
                    76:16:8e:08:ea:c7:a2:fb:17:c5:d0:d4:42:a4:8c:
                    91:0d:ef:0f:95:46:96:88:5f:c1:21:a4:c9:07:2a:
                    19:d1:c4:37:80:57:fa:30:cb:03:ff:a2:12:e3:d4:
                    af:b5:92:5a:1c:44:11:ee:d1:ca:b0:d6:24:75:f4:
                    a2:2f:81:48:9f:f9:16:4f:15:e9:11:dd:d5:6f:70:
                    54:ca:9f:04:15:13:a1:d8:5e:23:c3:a1:84:99:41:
                    83:ba:4e:a9:59:69:19:97:d2:41:61:4b:f1:af:9c:
                    1c:0e:5f:53:42:c4:cf:2f:09:40:0f:93:73:47:1c:
                    45:7b:81:9c:77:c0:d6:5b:6b:cf:59:6f:c2:27:e0:
                    47:6d:95:d7:bb:a7:eb:4a:6f:fc:0e:95:ae:b2:60:
                    f9:e6:02:17:56:38:ed:2e:ed:e0:be:38:0e:2b:9c:
                    82:2b:a0:c5:3b:26:45:a7:da:4a:83:9d:94:74:c9:
                    24:4b:50:b3:23:69:d5:ea:87:76:67:fb:b1:1b:fb:
                    74:73:1d:aa:d8:56:d1:ae:dc:26:e5:2c:7b:97:76:
                    ea:a6:07:66:9e:9f:89:50:c2:32:c0:bc:0a:36:47:
                    56:e3:a0:ae:a8:53:84:43:d1:fb:d0:5a:da:52:90:
                    00:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:BC:09:DF:54:9D:95:39:EF:96:DC:7C:A4:04:AD:94:88:8C:E5:E7
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/63FF131ECBD211EEB933CA84775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:cb:95:53:80:ce:2d:9b:15:f8:fc:3a:e2:38:d5:79:c2:21:
         3a:88:14:a3:c0:3f:41:96:af:6f:be:26:bc:a0:f3:e6:ad:f1:
         e7:c7:08:6b:5c:be:28:a0:c6:e1:7f:93:5d:f4:38:dc:ac:d8:
         2d:f1:c0:41:ed:02:25:5e:9d:5d:8c:70:60:f2:58:1c:1b:43:
         f2:63:72:9f:1a:d3:2d:fa:ed:10:21:7c:cc:a1:af:14:e1:b6:
         d9:4c:4a:fd:5c:a6:e4:f8:4b:ea:c3:4f:20:ae:15:24:e1:2c:
         57:ed:23:98:c1:11:cd:bd:8a:59:7a:4c:cc:0f:20:82:5a:4c:
         45:53:da:aa:56:3f:06:94:dd:66:0c:01:c1:d2:4c:6d:9b:e2:
         f0:8c:1c:a5:89:60:c6:e8:0c:c0:54:ca:34:54:6c:04:00:6f:
         ed:c9:f8:88:21:4e:eb:d9:26:d3:cd:c5:d9:14:4b:1c:d7:08:
         14:9a:f4:cb:b6:3f:e3:1c:37:c7:09:7e:2d:8a:99:ec:be:49:
         a1:0d:5d:9f:de:08:bb:0f:4a:e1:67:0c:30:36:52:b4:4f:5b:
         97:34:b1:cc:99:31:fa:16:1e:91:9a:b4:6f:fe:b4:91:2d:22:
         05:2a:9e:c7:11:90:67:55:f9:5e:22:77:3e:65:0b:68:61:bc:
         77:5a:fe:26
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENBRjExMC8GA1UEBRMoODcyMTMwRTY5QjNGQjgwMzVCMUIyNUQzRjZGQjk3
NEEyQTA3OEVDQzAeFw0yNDAyMTUwNzE4MTRaFw0zMDAxMDEwNzE4MTRaMBgxFjAU
BgNVBAMTDTY1Y2RiYWJhLWE0MmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7vhXrdggr9tEf/V1vTnYWjgjqx6L7F8XQ1EKkjJEN7w+VRpaIX8EhpMkH
KhnRxDeAV/owywP/ohLj1K+1klocRBHu0cqw1iR19KIvgUif+RZPFekR3dVvcFTK
nwQVE6HYXiPDoYSZQYO6TqlZaRmX0kFhS/GvnBwOX1NCxM8vCUAPk3NHHEV7gZx3
wNZba89Zb8In4Edtlde7p+tKb/wOla6yYPnmAhdWOO0u7eC+OA4rnIIroMU7JkWn
2kqDnZR0ySRLULMjadXqh3Zn+7Eb+3RzHarYVtGu3CblLHuXduqmB2aen4lQwjLA
vAo2R1bjoK6oU4RD0fvQWtpSkADtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKrwJ
31SdlTnvltx8pAStlIiM5ecwHwYDVR0jBBgwFoAUhyEw5ps/uANbGyXT9vuXSioH
jswwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRBRDlFNkZDL2h5RXc1
cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h5RXc1cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRB
RDlFNkZDLzYzRkYxMzFFQ0JEMjExRUVCOTMzQ0E4NDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3SAwDQYJKoZIhvcNAQEL
BQADggEBAELLlVOAzi2bFfj8OuI41XnCITqIFKPAP0GWr2++Jryg8+at8efHCGtc
viigxuF/k130ONys2C3xwEHtAiVenV2McGDyWBwbQ/Jjcp8a0y367RAhfMyhrxTh
ttlMSv1cpuT4S+rDTyCuFSThLFftI5jBEc29ill6TMwPIIJaTEVT2qpWPwaU3WYM
AcHSTG2b4vCMHKWJYMboDMBUyjRUbAQAb+3J+IghTuvZJtPNxdkUSxzXCBSa9Mu2
P+McN8cJfi2Kmey+SaENXZ/eCLsPSuFnDDA2UrRPW5c0scyZMfoWHpGatG/+tJEt
IgUqnscRkGdV+V4idz5lC2hhvHda/iY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org