Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/60E94C82DA8611EDB9B5F0E52F6D8C1D.roa
File:                     60E94C82DA8611EDB9B5F0E52F6D8C1D.roa (raw, json)
Hash identifier:          uN0Q1zV+VPkcLgC9gryjBgSon2OLOyHeE5NbuOjD/vU=
Subject key identifier:   BF:70:BC:6E:39:FD:78:A5:A1:F0:7C:95:E1:F4:27:46:B2:8E:4B:8C
Certificate issuer:       /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial:       05D6
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/60E94C82DA8611EDB9B5F0E52F6D8C1D.roa
Signing time:             Fri 14 Apr 2023 05:37:01 +0000
ROA not before:           Fri 14 Apr 2023 05:36:57 +0000
ROA not after:            Thu 14 Apr 2033 05:36:57 +0000
asID:                     327733
IP address blocks:        102.212.50.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1494 (0x5d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
        Validity
            Not Before: Apr 14 05:36:57 2023 GMT
            Not After : Apr 14 05:36:57 2033 GMT
        Subject: CN=6438e67c-50c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c8:72:5d:0a:00:c2:de:d7:49:2c:3b:d3:a4:
                    ac:b6:e8:ee:78:cf:c8:45:66:a3:11:ee:9a:96:33:
                    f0:7c:f0:f8:13:df:b7:95:56:75:1e:fc:6b:6e:55:
                    06:49:5b:fd:46:df:e0:b3:d2:f9:8c:f0:80:2c:cf:
                    f7:80:07:37:66:14:c3:61:07:75:12:5e:cd:6a:cc:
                    d7:2b:39:77:e8:08:b8:a7:b6:51:f7:95:3b:3d:9a:
                    09:6c:82:ba:f1:e5:2c:7c:1b:f3:0b:ca:0d:32:57:
                    72:cd:9d:37:58:fb:e4:b7:52:d5:db:07:7e:2e:e9:
                    85:68:9a:d8:23:c4:c3:37:3a:a5:10:e8:ac:d7:76:
                    a1:c6:58:a5:b1:4f:e9:7a:a8:f5:02:5d:86:d0:7e:
                    4a:5c:33:38:b9:e5:60:46:04:85:48:2a:33:90:51:
                    bc:50:ac:ff:2c:bb:46:8c:29:13:ec:a7:ba:cb:39:
                    53:1e:7b:b3:df:af:11:d2:49:89:ae:a3:5a:46:a8:
                    85:8c:81:b4:86:73:61:a1:d7:ad:58:8f:25:1c:59:
                    7d:f4:c0:a4:cc:c7:d4:13:54:9c:ce:a3:8d:fd:4f:
                    05:d6:a2:2e:77:1e:a3:7f:55:5f:d9:c5:02:d8:23:
                    f0:b4:9a:50:8f:e8:a3:4c:dd:60:ea:17:9d:ac:b3:
                    58:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:70:BC:6E:39:FD:78:A5:A1:F0:7C:95:E1:F4:27:46:B2:8E:4B:8C
            X509v3 Authority Key Identifier:
                keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/60E94C82DA8611EDB9B5F0E52F6D8C1D.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:4d:b4:17:ed:cd:ee:e3:cf:88:a9:76:d0:e8:38:fa:c8:a2:
         74:3f:ae:12:66:30:87:fd:5b:50:1e:c3:d0:71:fd:9e:06:ed:
         64:b7:15:25:13:07:bc:e5:ff:0b:af:9d:95:63:ac:a0:27:c3:
         7c:d1:74:08:06:4a:f8:64:14:b9:68:7e:94:2f:2e:d3:d2:a7:
         b4:a9:d9:3d:3d:c5:7e:01:56:4b:77:76:cd:f2:21:31:45:23:
         a0:87:1d:d4:ea:89:e8:e9:e4:00:61:07:2c:84:f7:74:f9:de:
         67:86:b0:c2:7c:ca:8a:b5:85:cf:f3:d2:e5:9e:8f:d6:bd:0a:
         b5:ae:bb:d1:e1:0a:88:42:8b:3a:e4:bc:f0:56:46:55:8f:52:
         fe:55:0a:a6:c3:06:f0:c8:b5:d0:db:ef:d6:ec:b1:71:1c:ab:
         8b:25:b2:10:00:53:3c:3b:8e:08:70:0b:8d:dc:f7:c6:38:24:
         7e:d4:89:47:b1:f2:23:65:a3:f8:dd:b6:34:fa:a3:ec:69:86:
         9e:13:e7:43:a7:71:6c:47:eb:e9:d3:e9:75:5d:71:d5:94:39:
         6c:b4:ab:a9:02:4b:f1:db:7c:37:dd:59:b7:bf:f6:b8:fa:6d:
         ab:c2:db:4c:72:29:5b:4c:88:be:01:31:0a:ea:04:ad:dc:0a:
         13:f9:4e:80
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBdYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0yMzA0MTQwNTM2NTdaFw0zMzA0MTQwNTM2NTdaMBgxFjAU
BgNVBAMMDTY0MzhlNjdjLTUwYzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgyHJdCgDC3tdJLDvTpKy26O54z8hFZqMR7pqWM/B88PgT37eVVnUe/Gtu
VQZJW/1G3+Cz0vmM8IAsz/eABzdmFMNhB3USXs1qzNcrOXfoCLintlH3lTs9mgls
grrx5Sx8G/MLyg0yV3LNnTdY++S3UtXbB34u6YVomtgjxMM3OqUQ6KzXdqHGWKWx
T+l6qPUCXYbQfkpcMzi55WBGBIVIKjOQUbxQrP8su0aMKRPsp7rLOVMee7PfrxHS
SYmuo1pGqIWMgbSGc2Gh161YjyUcWX30wKTMx9QTVJzOo439TwXWoi53HqN/VV/Z
xQLYI/C0mlCP6KNM3WDqF52ss1jLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUv3C8
bjn9eKWh8HyV4fQnRrKOS4wwHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4LzYwRTk0QzgyREE4NjExRURCOUI1RjBFNTJGNkQ4QzFELnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1DIwDQYJKoZIhvcNAQEL
BQADggEBAHtNtBftze7jz4ipdtDoOPrIonQ/rhJmMIf9W1Aew9Bx/Z4G7WS3FSUT
B7zl/wuvnZVjrKAnw3zRdAgGSvhkFLlofpQvLtPSp7Sp2T09xX4BVkt3ds3yITFF
I6CHHdTqiejp5ABhByyE93T53meGsMJ8yoq1hc/z0uWej9a9CrWuu9HhCohCizrk
vPBWRlWPUv5VCqbDBvDItdDb79bssXEcq4slshAAUzw7jghwC43c98Y4JH7UiUex
8iNlo/jdtjT6o+xphp4T50OncWxH6+nT6XVdcdWUOWy0q6kCS/HbfDfdWbe/9rj6
bavC20xyKVtMiL4BMQrqBK3cChP5ToA=
-----END CERTIFICATE-----
Generated at Sun Jun 16 01:45:56 2024 by rpki-client on console-fra.rpki-client.org