Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/7F0A8334DA8611ED854699E62F6D8C1D.roa
File:                     7F0A8334DA8611ED854699E62F6D8C1D.roa (raw, json)
Hash identifier:          GP3NdP5uExbY2GZHQJ+RZAHZhDY8bRc/dyrY/rF4P6I=
Subject key identifier:   4D:52:1D:E6:84:79:AC:42:08:98:B2:81:22:DB:F2:08:16:7F:52:39
Certificate issuer:       /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial:       05D8
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/7F0A8334DA8611ED854699E62F6D8C1D.roa
Signing time:             Fri 14 Apr 2023 05:37:51 +0000
ROA not before:           Fri 14 Apr 2023 05:37:47 +0000
ROA not after:            Thu 14 Apr 2033 05:37:47 +0000
asID:                     327733
IP address blocks:        102.212.51.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1496 (0x5d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
        Validity
            Not Before: Apr 14 05:37:47 2023 GMT
            Not After : Apr 14 05:37:47 2033 GMT
        Subject: CN=6438e6af-e256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:a3:4c:77:83:51:ba:41:d0:5c:0a:d5:c1:f2:
                    7c:1b:53:f9:6a:1d:5b:ab:67:88:e0:76:b1:6b:f1:
                    64:5b:65:00:eb:a8:71:3a:dc:14:48:93:b9:b1:4d:
                    9c:83:ce:21:e3:46:9b:c2:06:7e:15:17:f2:ba:cf:
                    65:bf:95:6c:12:a0:ed:0a:b9:c6:9a:0b:c9:ff:eb:
                    19:df:58:9b:8b:f8:10:8e:68:5f:8c:0f:c7:c9:03:
                    b6:7a:ef:2d:e1:ba:40:15:4f:b3:ea:47:fe:50:eb:
                    76:36:6e:94:4d:28:bc:b8:6d:73:93:dc:ae:30:45:
                    92:e4:a6:33:52:d6:8f:13:85:57:f1:62:63:c3:bd:
                    69:fc:45:97:11:7f:5e:6c:1e:ff:51:60:41:8d:eb:
                    f1:ee:f0:e3:6d:93:e0:ac:17:bd:89:03:6c:7d:b1:
                    96:34:35:4b:1d:19:9e:0a:63:a2:44:70:33:a9:69:
                    d3:f0:11:fb:4f:d5:6e:f0:3d:28:d9:4f:08:e2:b8:
                    9c:e2:d3:89:86:53:86:2d:e8:21:55:fa:38:58:29:
                    e2:44:a4:6a:4c:6c:b9:d0:28:d6:f2:27:2d:e5:a6:
                    24:56:b7:19:0c:e4:44:a8:bf:7b:f7:f6:2a:d2:c0:
                    62:e5:e1:92:0a:0b:f4:5f:bf:51:de:0b:3e:f8:f6:
                    b8:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:52:1D:E6:84:79:AC:42:08:98:B2:81:22:DB:F2:08:16:7F:52:39
            X509v3 Authority Key Identifier:
                keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/7F0A8334DA8611ED854699E62F6D8C1D.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:f9:75:37:68:fa:dc:31:25:50:1b:76:d9:1f:84:ea:fc:cb:
         48:a8:30:5f:94:b1:c4:8a:b1:10:85:1d:99:d1:c6:7a:60:2e:
         75:a0:79:59:04:46:f5:59:bb:a6:49:6f:6a:0b:19:e3:cb:89:
         e1:4b:2a:aa:fd:cd:68:b4:77:40:1f:34:32:b1:4a:42:d6:7e:
         2d:6b:21:2f:d5:1b:ad:45:40:f4:58:30:90:0b:71:e7:3c:6f:
         51:85:de:61:cb:21:a2:19:c0:71:fd:4b:36:41:b1:7f:53:c1:
         39:37:6e:9c:83:ee:e8:9d:83:9b:6b:7e:e3:51:0c:63:7d:d7:
         60:7d:a8:9f:ef:6b:ff:6e:4d:f9:78:e7:2c:f1:fe:74:99:d7:
         3a:2c:f5:af:31:53:74:1a:cf:a0:ab:8e:61:7c:88:ea:7c:2c:
         48:c9:da:c9:2d:1c:98:e9:99:1a:ed:33:8a:d6:fe:21:c8:13:
         e0:31:76:3d:ea:73:42:9d:e8:f1:6b:58:b7:02:7f:42:0a:1b:
         0b:72:05:81:e8:51:0a:f7:ea:0f:ed:d7:21:6e:f8:a0:2c:20:
         12:b4:3e:56:08:f2:75:32:3b:a0:48:f5:35:15:49:16:59:55:
         5b:9c:b2:7d:cc:98:ac:f9:11:9c:9e:73:ec:b0:e9:51:cd:cc:
         55:2b:b2:f5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBdgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0yMzA0MTQwNTM3NDdaFw0zMzA0MTQwNTM3NDdaMBgxFjAU
BgNVBAMMDTY0MzhlNmFmLWUyNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDto0x3g1G6QdBcCtXB8nwbU/lqHVurZ4jgdrFr8WRbZQDrqHE63BRIk7mx
TZyDziHjRpvCBn4VF/K6z2W/lWwSoO0KucaaC8n/6xnfWJuL+BCOaF+MD8fJA7Z6
7y3hukAVT7PqR/5Q63Y2bpRNKLy4bXOT3K4wRZLkpjNS1o8ThVfxYmPDvWn8RZcR
f15sHv9RYEGN6/Hu8ONtk+CsF72JA2x9sZY0NUsdGZ4KY6JEcDOpadPwEftP1W7w
PSjZTwjiuJzi04mGU4Yt6CFV+jhYKeJEpGpMbLnQKNbyJy3lpiRWtxkM5ESov3v3
9irSwGLl4ZIKC/Rfv1HeCz749rh/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTVId
5oR5rEIImLKBItvyCBZ/UjkwHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4LzdGMEE4MzM0REE4NjExRUQ4NTQ2OTlFNjJGNkQ4QzFELnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1DMwDQYJKoZIhvcNAQEL
BQADggEBAJ35dTdo+twxJVAbdtkfhOr8y0ioMF+UscSKsRCFHZnRxnpgLnWgeVkE
RvVZu6ZJb2oLGePLieFLKqr9zWi0d0AfNDKxSkLWfi1rIS/VG61FQPRYMJALcec8
b1GF3mHLIaIZwHH9SzZBsX9TwTk3bpyD7uidg5trfuNRDGN912B9qJ/va/9uTfl4
5yzx/nSZ1zos9a8xU3Qaz6CrjmF8iOp8LEjJ2sktHJjpmRrtM4rW/iHIE+Axdj3q
c0Kd6PFrWLcCf0IKGwtyBYHoUQr36g/t1yFu+KAsIBK0PlYI8nUyO6BI9TUVSRZZ
VVucsn3MmKz5EZyec+yw6VHNzFUrsvU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:30 2024 by rpki-client on console-ams.rpki-client.org