Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/72FDA95EBED111EBB1E95938F8AEA228.roa
File:                     72FDA95EBED111EBB1E95938F8AEA228.roa (raw, json)
Hash identifier:          BFwqjnvA7M7iOe8MrvjQVzzYtcahDaV6kGy9p/HlFzg=
Subject key identifier:   3E:F6:8D:BF:B2:7F:2B:0B:3E:A0:79:2C:06:A9:43:FE:B9:FC:13:65
Certificate issuer:       /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial:       02F9
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/72FDA95EBED111EBB1E95938F8AEA228.roa
Signing time:             Thu 27 May 2021 09:53:55 +0000
ROA not before:           Thu 27 May 2021 09:53:52 +0000
ROA not after:            Tue 27 May 2031 09:53:52 +0000
asID:                     327733
IP address blocks:        102.23.94.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 761 (0x2f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
        Validity
            Not Before: May 27 09:53:52 2021 GMT
            Not After : May 27 09:53:52 2031 GMT
        Subject: CN=60af6c33-02c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:fc:ee:9a:ee:8f:e7:dc:69:0a:2d:37:56:d9:
                    25:5a:73:52:dd:93:96:12:bb:41:e2:70:e9:e2:dd:
                    bb:15:cc:66:98:dc:86:d8:0e:3d:b6:25:53:00:8c:
                    df:85:43:de:d5:27:c8:26:67:da:ac:2f:16:b9:d9:
                    9d:28:3d:0e:c8:56:4b:56:10:79:89:f7:10:8a:1c:
                    96:79:d4:2e:1d:c4:5f:9f:61:12:fc:ac:01:8c:c1:
                    e5:cd:3e:e4:42:bb:79:16:b9:a7:17:8a:af:23:a1:
                    da:f6:49:43:1c:16:01:da:92:a1:14:d0:46:16:67:
                    40:f0:b6:57:e7:b8:70:8c:89:32:9c:99:83:d4:12:
                    7d:90:22:c0:0b:dc:6b:b1:60:00:cc:c4:dc:84:f4:
                    d3:a8:dc:c9:8e:80:19:3b:1b:26:25:89:68:0a:2d:
                    97:ac:34:e1:ea:bc:c8:a1:ac:55:b1:76:b7:fe:8d:
                    8a:a1:a2:ce:7f:30:ea:c7:fb:43:c6:f0:ae:a2:a9:
                    bb:93:8b:a7:45:f6:b8:de:a7:1b:e6:85:84:11:1d:
                    07:f8:27:7c:46:93:aa:30:c4:7a:4e:74:ba:bc:a0:
                    13:43:be:12:cb:eb:38:b4:ac:13:50:53:70:0a:92:
                    32:d1:fd:f3:93:3f:81:6e:ef:7d:8a:ff:31:94:70:
                    3a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F6:8D:BF:B2:7F:2B:0B:3E:A0:79:2C:06:A9:43:FE:B9:FC:13:65
            X509v3 Authority Key Identifier:
                keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/72FDA95EBED111EBB1E95938F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.23.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:86:64:79:35:76:4b:20:94:a0:40:d1:1c:de:b5:10:57:03:
         bd:1f:88:34:74:1c:18:a1:88:02:10:0f:9d:61:14:05:76:0b:
         90:ab:4a:48:75:8b:82:88:4b:cd:96:59:90:69:da:62:99:6d:
         39:93:c0:b7:28:51:47:de:78:e3:08:5f:24:9a:99:e9:82:f4:
         0e:b9:e5:20:02:3c:23:ff:3c:92:14:f5:ba:60:9a:33:f3:d0:
         17:4d:e1:75:0b:b8:81:19:0f:50:0d:9f:3c:8b:3a:ce:c7:99:
         96:2f:c7:fb:ac:6b:3a:2a:92:a3:1f:7f:85:fe:49:53:98:3e:
         c3:3d:ab:72:a0:40:9b:5d:c5:04:79:6f:6d:39:4c:e0:4a:9e:
         cb:af:15:33:d0:e6:03:08:b7:7d:29:94:3e:23:94:a0:87:5c:
         5c:41:c6:f9:6a:89:a4:73:a4:44:be:ef:ff:5c:be:d6:d3:1e:
         ab:d9:43:0d:80:55:ae:bc:65:ab:af:c9:d7:6e:e1:11:8d:68:
         18:90:64:b8:39:71:c2:20:92:66:0b:1b:cb:ee:e2:f6:b8:f1:
         ea:97:39:55:04:af:c0:c5:82:0f:f2:aa:ac:b0:5f:4a:00:3a:
         21:13:dc:35:69:16:7b:f3:25:fa:02:76:07:8d:25:75:ca:ad:
         24:8c:01:25
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAvkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0yMTA1MjcwOTUzNTJaFw0zMTA1MjcwOTUzNTJaMBgxFjAU
BgNVBAMTDTYwYWY2YzMzLTAyYzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDK/O6a7o/n3GkKLTdW2SVac1Ldk5YSu0HicOni3bsVzGaY3IbYDj22JVMA
jN+FQ97VJ8gmZ9qsLxa52Z0oPQ7IVktWEHmJ9xCKHJZ51C4dxF+fYRL8rAGMweXN
PuRCu3kWuacXiq8jodr2SUMcFgHakqEU0EYWZ0DwtlfnuHCMiTKcmYPUEn2QIsAL
3GuxYADMxNyE9NOo3MmOgBk7GyYliWgKLZesNOHqvMihrFWxdrf+jYqhos5/MOrH
+0PG8K6iqbuTi6dF9rjepxvmhYQRHQf4J3xGk6owxHpOdLq8oBNDvhLL6zi0rBNQ
U3AKkjLR/fOTP4Fu732K/zGUcDqXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPvaN
v7J/Kws+oHksBqlD/rn8E2UwHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4LzcyRkRBOTVFQkVEMTExRUJCMUU5NTkzOEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFmF14wDQYJKoZIhvcNAQEL
BQADggEBACyGZHk1dksglKBA0RzetRBXA70fiDR0HBihiAIQD51hFAV2C5CrSkh1
i4KIS82WWZBp2mKZbTmTwLcoUUfeeOMIXySamemC9A655SACPCP/PJIU9bpgmjPz
0BdN4XULuIEZD1ANnzyLOs7HmZYvx/usazoqkqMff4X+SVOYPsM9q3KgQJtdxQR5
b205TOBKnsuvFTPQ5gMIt30plD4jlKCHXFxBxvlqiaRzpES+7/9cvtbTHqvZQw2A
Va68Zauvyddu4RGNaBiQZLg5ccIgkmYLG8vu4va48eqXOVUEr8DFgg/yqqywX0oA
OiET3DVpFnvzJfoCdgeNJXXKrSSMASU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org