Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/51E7667A198311EDA6FEC5BFF1222468.roa
File:                     51E7667A198311EDA6FEC5BFF1222468.roa (raw, json)
Hash identifier:          5AYXvFdqlcLtOaW600VeglJz5MATpO6Rt2/LbZme/P8=
Subject key identifier:   D3:1B:D9:59:FB:59:22:B1:D4:38:74:6B:15:AE:99:7E:42:45:52:D7
Certificate issuer:       /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial:       04CC
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/51E7667A198311EDA6FEC5BFF1222468.roa
Signing time:             Thu 11 Aug 2022 14:38:53 +0000
ROA not before:           Thu 11 Aug 2022 14:38:48 +0000
ROA not after:            Wed 11 Aug 2032 14:38:48 +0000
asID:                     327733
IP address blocks:        102.23.94.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1228 (0x4cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
        Validity
            Not Before: Aug 11 14:38:48 2022 GMT
            Not After : Aug 11 14:38:48 2032 GMT
        Subject: CN=62f5147c-d269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:8c:d9:4e:3e:6b:b9:ab:12:c2:3f:35:2a:4a:
                    0f:13:4e:d1:05:69:50:f2:54:d5:cc:9a:45:cb:bb:
                    ee:00:35:79:99:d0:37:1b:4d:7a:54:6f:1a:10:77:
                    b8:e6:83:45:da:15:a6:bc:b1:ce:50:b5:e7:a0:8d:
                    bc:11:5c:dc:38:cf:fd:9b:24:ab:10:78:e6:b6:fa:
                    8a:9c:67:7c:ae:a6:1b:87:c1:8e:9d:24:d3:9d:ce:
                    d6:08:07:2d:69:ce:43:45:88:74:5b:cd:e5:64:fc:
                    09:0f:35:f9:ae:ae:04:b8:f5:25:ba:37:c1:63:48:
                    ed:b6:80:00:c7:ab:aa:84:9d:93:a6:80:00:c2:55:
                    99:30:5a:36:92:b0:08:63:6e:fc:07:65:6e:f0:41:
                    5a:fa:72:98:e2:7e:b6:38:a7:35:5d:e0:1c:89:84:
                    d1:1d:ea:ad:ff:b6:d3:33:35:a0:0a:00:c5:58:cf:
                    8f:56:6d:f7:e1:18:2b:a0:b0:b1:1d:e6:7c:84:2e:
                    87:44:f2:2f:49:1d:d5:bb:b0:68:8e:58:b5:29:70:
                    a7:6b:2c:ce:f2:d9:24:c7:e8:56:b0:b1:74:bf:08:
                    60:7b:8f:b7:f9:0c:11:a0:b5:75:89:1d:b8:4e:b0:
                    c1:55:9b:25:3c:38:bd:cf:33:10:95:5b:68:c4:61:
                    04:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:1B:D9:59:FB:59:22:B1:D4:38:74:6B:15:AE:99:7E:42:45:52:D7
            X509v3 Authority Key Identifier:
                keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/51E7667A198311EDA6FEC5BFF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.23.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:2d:3d:37:45:b7:ed:3e:62:ce:8e:52:28:27:15:2a:9e:78:
         08:a9:31:48:6a:54:4f:2e:f8:5d:b7:55:90:c5:00:a1:0c:5a:
         35:09:8e:2a:b1:9a:ba:08:bb:d2:30:ba:3f:bd:62:98:a7:0a:
         de:a9:11:1b:c4:64:df:4f:81:39:16:a5:1a:44:c5:a3:35:68:
         4c:c3:28:79:62:b1:1d:04:c6:68:f8:12:68:ea:0e:49:d6:0a:
         2d:38:db:f4:a5:5e:55:83:1b:7b:15:6e:52:f9:6d:88:6e:68:
         50:85:0b:31:73:94:cd:12:08:20:e1:e9:41:b5:87:d0:60:6e:
         f5:be:8a:e9:7a:bf:a6:39:cb:eb:23:70:6a:b3:88:d8:5d:85:
         b2:ae:7b:65:13:6e:1f:42:fd:12:6d:bb:04:d8:e8:6d:93:73:
         cc:43:54:8c:fe:27:7b:6b:b2:3a:5b:11:4c:34:a1:75:42:57:
         3f:61:b1:50:cb:af:36:ae:8a:8d:03:09:75:1c:de:b1:3c:bf:
         ca:d8:53:94:36:64:a3:5a:e7:86:93:c2:51:69:79:24:39:da:
         57:b6:15:bf:a6:48:59:93:62:d0:81:30:d4:3d:12:7c:7f:84:
         ef:9a:6e:41:93:ba:6c:f3:53:f3:79:25:6d:14:7b:19:ba:7e:
         7f:7e:19:b3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBMwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0yMjA4MTExNDM4NDhaFw0zMjA4MTExNDM4NDhaMBgxFjAU
BgNVBAMMDTYyZjUxNDdjLWQyNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRjNlOPmu5qxLCPzUqSg8TTtEFaVDyVNXMmkXLu+4ANXmZ0DcbTXpUbxoQ
d7jmg0XaFaa8sc5QteegjbwRXNw4z/2bJKsQeOa2+oqcZ3yuphuHwY6dJNOdztYI
By1pzkNFiHRbzeVk/AkPNfmurgS49SW6N8FjSO22gADHq6qEnZOmgADCVZkwWjaS
sAhjbvwHZW7wQVr6cpjifrY4pzVd4ByJhNEd6q3/ttMzNaAKAMVYz49WbffhGCug
sLEd5nyELodE8i9JHdW7sGiOWLUpcKdrLM7y2STH6FawsXS/CGB7j7f5DBGgtXWJ
HbhOsMFVmyU8OL3PMxCVW2jEYQSTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0xvZ
WftZIrHUOHRrFa6ZfkJFUtcwHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4LzUxRTc2NjdBMTk4MzExRURBNkZFQzVCRkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmF14wDQYJKoZIhvcNAQEL
BQADggEBAIgtPTdFt+0+Ys6OUignFSqeeAipMUhqVE8u+F23VZDFAKEMWjUJjiqx
mroIu9Iwuj+9YpinCt6pERvEZN9PgTkWpRpExaM1aEzDKHlisR0Exmj4EmjqDknW
Ci042/SlXlWDG3sVblL5bYhuaFCFCzFzlM0SCCDh6UG1h9BgbvW+iul6v6Y5y+sj
cGqziNhdhbKue2UTbh9C/RJtuwTY6G2Tc8xDVIz+J3trsjpbEUw0oXVCVz9hsVDL
rzauio0DCXUc3rE8v8rYU5Q2ZKNa54aTwlFpeSQ52le2Fb+mSFmTYtCBMNQ9Enx/
hO+abkGTumzzU/N5JW0Uexm6fn9+GbM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org