Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/AD702BCA216B11EFA0A890177DDC24C2.roa
File:                     AD702BCA216B11EFA0A890177DDC24C2.roa (raw, json)
Hash identifier:          L2LITle01miKDVPWtOlGBo1zGUpqyZVW4YbQ391uSR8=
Subject key identifier:   E1:3D:8D:76:4B:FF:99:8C:57:D0:88:C6:03:06:34:97:B3:81:68:91
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       019C
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/AD702BCA216B11EFA0A890177DDC24C2.roa
Signing time:             Mon 03 Jun 2024 05:39:43 +0000
ROA not before:           Mon 03 Jun 2024 05:39:39 +0000
ROA not after:            Tue 01 Jan 2030 05:39:39 +0000
asID:                     37684
IP address blocks:        102.221.34.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 412 (0x19c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
        Validity
            Not Before: Jun  3 05:39:39 2024 GMT
            Not After : Jan  1 05:39:39 2030 GMT
        Subject: CN=665d571f-4df5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cc:6e:ce:72:3f:5b:ad:1c:fb:00:2f:17:a3:
                    fc:74:da:a7:af:c7:0e:31:97:a6:99:fd:c0:a8:06:
                    8a:0a:d4:52:43:30:0b:bc:87:9a:9a:77:72:e8:16:
                    ad:f6:0f:d5:e5:6f:e0:80:c9:1c:98:44:db:ee:10:
                    2c:a9:17:70:7d:ee:a1:7a:cd:bb:22:2c:3f:44:78:
                    a8:c3:c5:88:ff:88:2a:0b:30:21:49:7c:7f:99:1b:
                    91:51:84:c0:0e:79:fa:51:7e:4f:ed:4e:70:95:1b:
                    df:ae:f8:b7:80:04:72:dc:0f:7c:e5:d4:b6:4d:6f:
                    b9:ac:4c:c7:68:c8:d4:4d:81:cd:24:23:32:9c:3f:
                    79:dc:74:f5:91:46:be:59:83:71:4d:cf:30:ac:c0:
                    8d:7e:62:16:18:67:89:67:3f:c0:1d:b4:18:50:49:
                    0c:3b:59:3a:4e:fb:93:32:9c:9c:c8:ae:72:bb:70:
                    a6:6d:13:6a:54:7b:05:fe:46:b3:c6:4e:97:fb:d5:
                    5e:4c:c6:7c:7f:7b:67:8f:34:00:89:a3:47:b3:5f:
                    a7:0b:11:d1:ab:43:44:52:39:29:13:fc:87:78:da:
                    f6:ec:36:a8:a8:a8:33:0a:52:38:77:91:da:fc:9f:
                    89:af:15:40:e5:fe:82:8a:07:99:c6:ca:bc:bf:fc:
                    46:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:3D:8D:76:4B:FF:99:8C:57:D0:88:C6:03:06:34:97:B3:81:68:91
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/AD702BCA216B11EFA0A890177DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:96:76:6b:69:6d:3d:b6:6f:13:ed:d8:10:40:0d:c6:ed:38:
         7e:1c:15:18:06:84:e6:b4:fd:24:5a:4e:d0:c5:2e:0d:9a:e7:
         95:16:3e:05:f8:f6:61:ab:30:77:4c:cf:f8:6c:45:a6:c7:bf:
         0f:51:66:f9:9b:c9:f1:57:37:1b:13:16:c5:39:4f:33:6d:e5:
         04:46:e8:8d:69:02:10:95:03:6a:e5:0b:1f:cf:9b:5e:9f:87:
         b1:29:b2:64:0f:a7:6e:b9:de:fd:24:54:1d:28:e9:54:10:83:
         22:e1:cc:e0:19:c6:ff:b7:45:69:8b:09:62:db:5f:b9:d7:75:
         74:7f:6e:4e:e8:55:40:7c:18:64:89:72:d9:a2:b9:38:24:c3:
         b9:2f:7b:a8:80:1a:43:b6:1d:4b:a5:49:3d:15:c5:1b:97:ac:
         f0:37:ce:4c:7d:8b:c6:64:91:98:4b:51:24:67:9d:b9:30:64:
         46:5e:c7:55:a4:66:ab:07:e3:a8:0a:03:4d:0a:ea:e8:f8:f2:
         fc:96:93:4a:7f:1f:00:85:db:9a:19:e2:0a:64:e7:e0:11:b6:
         f7:be:87:f2:14:67:c5:21:3f:99:0d:ee:20:88:4b:24:fb:8f:
         b8:3b:20:36:59:be:c9:8c:1f:bc:57:bd:0d:6b:9a:8c:35:3d:
         b9:34:8f:f1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENBRjExMC8GA1UEBRMoODcyMTMwRTY5QjNGQjgwMzVCMUIyNUQzRjZGQjk3
NEEyQTA3OEVDQzAeFw0yNDA2MDMwNTM5MzlaFw0zMDAxMDEwNTM5MzlaMBgxFjAU
BgNVBAMTDTY2NWQ1NzFmLTRkZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGzG7Ocj9brRz7AC8Xo/x02qevxw4xl6aZ/cCoBooK1FJDMAu8h5qad3Lo
Fq32D9Xlb+CAyRyYRNvuECypF3B97qF6zbsiLD9EeKjDxYj/iCoLMCFJfH+ZG5FR
hMAOefpRfk/tTnCVG9+u+LeABHLcD3zl1LZNb7msTMdoyNRNgc0kIzKcP3ncdPWR
Rr5Zg3FNzzCswI1+YhYYZ4lnP8AdtBhQSQw7WTpO+5MynJzIrnK7cKZtE2pUewX+
RrPGTpf71V5Mxnx/e2ePNACJo0ezX6cLEdGrQ0RSOSkT/Id42vbsNqioqDMKUjh3
kdr8n4mvFUDl/oKKB5nGyry//EbrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4T2N
dkv/mYxX0IjGAwY0l7OBaJEwHwYDVR0jBBgwFoAUhyEw5ps/uANbGyXT9vuXSioH
jswwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRBRDlFNkZDL2h5RXc1
cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h5RXc1cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRB
RDlFNkZDL0FENzAyQkNBMjE2QjExRUZBMEE4OTAxNzdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3SIwDQYJKoZIhvcNAQEL
BQADggEBACGWdmtpbT22bxPt2BBADcbtOH4cFRgGhOa0/SRaTtDFLg2a55UWPgX4
9mGrMHdMz/hsRabHvw9RZvmbyfFXNxsTFsU5TzNt5QRG6I1pAhCVA2rlCx/Pm16f
h7EpsmQPp2653v0kVB0o6VQQgyLhzOAZxv+3RWmLCWLbX7nXdXR/bk7oVUB8GGSJ
ctmiuTgkw7kve6iAGkO2HUulST0VxRuXrPA3zkx9i8ZkkZhLUSRnnbkwZEZex1Wk
ZqsH46gKA00K6uj48vyWk0p/HwCF25oZ4gpk5+ARtve+h/IUZ8UhP5kN7iCISyT7
j7g7IDZZvsmMH7xXvQ1rmow1Pbk0j/E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:30 2024 by rpki-client on console-ams.rpki-client.org