Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/EBFDEB1CDA8511EDAD8DC8E42F6D8C1D.roa
File:                     EBFDEB1CDA8511EDAD8DC8E42F6D8C1D.roa (raw, json)
Hash identifier:          T0K4k+0IgpuVi35+ZPDqnwWPZANeAHrt4BvXYlWbXMI=
Subject key identifier:   A3:59:EA:67:80:8A:3F:DE:78:19:C9:68:CB:F4:62:BC:35:20:9A:A6
Certificate issuer:       /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial:       05D0
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/EBFDEB1CDA8511EDAD8DC8E42F6D8C1D.roa
Signing time:             Fri 14 Apr 2023 05:33:44 +0000
ROA not before:           Fri 14 Apr 2023 05:33:40 +0000
ROA not after:            Thu 14 Apr 2033 05:33:40 +0000
asID:                     327733
IP address blocks:        102.212.48.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1488 (0x5d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
        Validity
            Not Before: Apr 14 05:33:40 2023 GMT
            Not After : Apr 14 05:33:40 2033 GMT
        Subject: CN=6438e5b8-e9b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d6:62:59:0a:8a:82:8b:56:b8:72:f5:ec:41:
                    36:a9:9f:dc:10:1e:66:bc:62:64:b5:7a:47:f3:b2:
                    57:55:11:53:05:82:29:78:be:49:d1:eb:d3:d6:36:
                    0a:3a:6b:88:ef:72:ed:b9:50:8e:46:28:b7:a1:2a:
                    79:95:b2:92:14:97:cd:f4:bb:b1:ed:e7:ba:a3:81:
                    1a:f3:44:8b:e7:35:36:cb:f8:4a:6b:d2:f0:c7:fe:
                    25:3f:fe:86:9b:71:54:34:16:45:8a:e3:b2:54:68:
                    a5:d6:68:7a:a0:99:b4:59:fb:c6:80:75:f9:ed:dd:
                    f1:f1:93:67:82:e2:7a:05:0c:cb:76:3e:4d:27:37:
                    24:de:43:23:64:d4:1c:b1:87:96:cd:47:be:4a:75:
                    b4:8e:ed:83:3c:dd:55:3d:c1:aa:6d:31:28:df:3e:
                    07:a7:92:0f:7f:00:36:d0:f1:8b:28:ef:18:d1:fd:
                    54:7f:39:13:47:71:96:12:25:82:f3:e8:39:1d:49:
                    cc:d0:1b:a0:82:f8:3a:bb:50:49:29:e7:82:ef:51:
                    30:72:ae:bf:4b:2a:00:9d:a0:18:44:1d:e4:56:d9:
                    dc:c5:ee:cb:17:96:2d:f7:55:b6:b7:d3:0e:c5:f5:
                    0b:65:61:d6:9f:22:1f:8d:41:e9:69:ab:6c:0d:32:
                    4a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:59:EA:67:80:8A:3F:DE:78:19:C9:68:CB:F4:62:BC:35:20:9A:A6
            X509v3 Authority Key Identifier:
                keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/EBFDEB1CDA8511EDAD8DC8E42F6D8C1D.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:f6:17:72:52:2a:5f:67:bc:53:4a:b7:65:7a:b8:2b:d2:38:
         fe:58:40:56:6c:30:bf:cb:ca:d1:7e:49:41:71:a8:fe:f7:98:
         e8:86:5f:ec:ae:3f:f4:ee:a3:f6:eb:35:9b:d3:7d:d9:b0:e3:
         68:d7:e0:a8:95:c1:3e:74:a9:83:33:65:d1:ff:6e:d5:77:66:
         7c:15:1a:b9:7a:f4:c0:6c:30:b7:2d:c9:f3:7b:a6:ac:56:3e:
         d5:52:00:09:61:3f:38:f7:df:76:51:ff:83:54:64:6a:4e:6a:
         8f:db:73:ce:68:24:f5:81:94:a3:c9:4a:ad:ba:70:91:38:65:
         93:1c:ab:df:b4:44:09:d5:67:0b:3b:f3:cb:73:db:3c:7f:6b:
         82:1b:df:32:71:43:31:c4:73:3c:aa:f5:5e:32:ed:fd:38:bc:
         d6:5d:55:30:d0:68:63:e1:9a:ef:1e:d7:1e:e7:a4:57:c6:6b:
         e9:e2:d9:d9:97:cb:26:78:cc:5f:89:e1:9f:21:0f:a6:da:b5:
         4d:49:9d:a6:fb:b3:08:9d:17:c7:ad:5b:e4:68:be:56:b8:b0:
         f1:8b:95:27:bd:ec:2e:76:12:41:5e:e4:3e:da:43:2a:96:59:
         e0:1e:34:95:19:c8:4d:19:bf:5a:24:16:e8:95:78:e7:eb:75:
         0a:cd:03:c5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0yMzA0MTQwNTMzNDBaFw0zMzA0MTQwNTMzNDBaMBgxFjAU
BgNVBAMMDTY0MzhlNWI4LWU5YjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC61mJZCoqCi1a4cvXsQTapn9wQHma8YmS1ekfzsldVEVMFgil4vknR69PW
Ngo6a4jvcu25UI5GKLehKnmVspIUl830u7Ht57qjgRrzRIvnNTbL+Epr0vDH/iU/
/oabcVQ0FkWK47JUaKXWaHqgmbRZ+8aAdfnt3fHxk2eC4noFDMt2Pk0nNyTeQyNk
1Byxh5bNR75KdbSO7YM83VU9waptMSjfPgenkg9/ADbQ8Yso7xjR/VR/ORNHcZYS
JYLz6DkdSczQG6CC+Dq7UEkp54LvUTByrr9LKgCdoBhEHeRW2dzF7ssXli33Vba3
0w7F9QtlYdafIh+NQelpq2wNMkq5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUo1nq
Z4CKP954Gcloy/RivDUgmqYwHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4L0VCRkRFQjFDREE4NTExRURBRDhEQzhFNDJGNkQ4QzFELnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1DAwDQYJKoZIhvcNAQEL
BQADggEBABb2F3JSKl9nvFNKt2V6uCvSOP5YQFZsML/LytF+SUFxqP73mOiGX+yu
P/Tuo/brNZvTfdmw42jX4KiVwT50qYMzZdH/btV3ZnwVGrl69MBsMLctyfN7pqxW
PtVSAAlhPzj333ZR/4NUZGpOao/bc85oJPWBlKPJSq26cJE4ZZMcq9+0RAnVZws7
88tz2zx/a4Ib3zJxQzHEczyq9V4y7f04vNZdVTDQaGPhmu8e1x7npFfGa+ni2dmX
yyZ4zF+J4Z8hD6batU1Jnab7swidF8etW+Rovla4sPGLlSe97C52EkFe5D7aQyqW
WeAeNJUZyE0Zv1okFuiVeOfrdQrNA8U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:30 2024 by rpki-client on console-ams.rpki-client.org