Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/DFF1E77490ED11ED942A0B7DF1222468.roa
File:                     DFF1E77490ED11ED942A0B7DF1222468.roa (raw, json)
Hash identifier:          9WA9paanDgVyhx1/5/CO95xKP5kF7OW8npO/gngIuxQ=
Subject key identifier:   8F:DE:7D:22:CB:33:9E:10:4C:AB:8A:D4:DD:7C:D4:74:31:87:D6:78
Certificate issuer:       /CN=F36E8936AF/serialNumber=3D2AF3534465E3FAECA95BBD231F723C8A06F5D1
Certificate serial:       02
Authority key identifier: 3D:2A:F3:53:44:65:E3:FA:EC:A9:5B:BD:23:1F:72:3C:8A:06:F5:D1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/DFF1E77490ED11ED942A0B7DF1222468.roa
Signing time:             Tue 10 Jan 2023 13:51:26 +0000
ROA not before:           Tue 10 Jan 2023 13:51:15 +0000
ROA not after:            Sun 09 Jan 2033 13:51:15 +0000
asID:                     328216
IP address blocks:        102.141.96.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E8936AF/serialNumber=3D2AF3534465E3FAECA95BBD231F723C8A06F5D1
        Validity
            Not Before: Jan 10 13:51:15 2023 GMT
            Not After : Jan  9 13:51:15 2033 GMT
        Subject: CN=63bd6d5e-3f66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ec:70:14:06:66:bf:63:d7:7b:3c:35:fd:c8:
                    31:a3:83:0d:8b:86:67:30:e4:f6:95:26:7c:d6:6f:
                    e0:ca:ea:5d:93:59:36:57:36:c3:73:7f:24:9a:b3:
                    8b:e0:2d:6d:c0:98:85:40:8b:9a:a2:82:c4:dd:8b:
                    84:23:5e:b1:ec:a1:39:a0:20:5e:e7:ce:14:69:33:
                    22:de:af:d4:67:1a:d4:e8:4c:a0:5a:b8:07:4c:07:
                    64:34:a7:6a:56:e8:76:74:8c:b4:94:26:76:5b:51:
                    cb:fb:d1:46:66:97:7b:fc:c1:ef:6c:b4:bb:e2:da:
                    96:0d:4e:3f:32:49:49:b4:66:b5:a9:47:60:d1:4e:
                    be:8a:be:e8:10:cf:27:b0:f5:01:ca:45:76:84:a5:
                    c8:f5:43:79:cf:12:2f:a9:5f:4b:bf:b3:1e:8e:47:
                    f0:2a:ea:15:ac:4e:cf:39:b4:38:fd:81:6f:b9:a6:
                    7a:e0:43:c4:65:e0:94:fb:ee:fb:60:4e:40:ce:09:
                    45:ee:0b:35:03:a4:e3:40:21:3f:a0:c0:7b:a6:2a:
                    b3:fd:62:aa:5c:fa:0e:1c:43:b0:b4:3d:06:63:b5:
                    25:de:82:ac:ec:59:e4:74:8a:64:2e:97:1b:f8:41:
                    e3:4e:71:99:8a:60:aa:ba:24:6f:78:4a:16:23:54:
                    6b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DE:7D:22:CB:33:9E:10:4C:AB:8A:D4:DD:7C:D4:74:31:87:D6:78
            X509v3 Authority Key Identifier:
                keyid:3D:2A:F3:53:44:65:E3:FA:EC:A9:5B:BD:23:1F:72:3C:8A:06:F5:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PSrzU0Rl4_rsqVu9Ix9yPIoG9dE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8936/7CC16FAE90EC11EDB3D1D3F7F1222468/DFF1E77490ED11ED942A0B7DF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.141.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9b:f9:1a:0b:95:1a:b4:75:38:f1:c7:b3:2c:9b:e1:6e:b9:32:
         3f:ad:44:47:65:91:08:95:4e:b9:2e:62:46:1b:23:58:ec:78:
         69:1c:ed:94:c0:bb:01:18:66:4c:7a:65:62:69:13:03:4a:01:
         bf:fe:ac:94:9d:b9:96:74:61:91:99:25:78:1f:4c:fe:68:a3:
         a4:b4:11:ab:fa:a2:c4:72:7a:6b:3a:41:d2:7b:e2:3c:b3:35:
         ca:2a:2b:4b:78:7d:03:eb:da:8f:d9:f2:42:03:73:3e:92:12:
         d1:c7:ea:15:b6:ed:fb:84:15:d7:b5:67:ff:00:39:d7:f1:60:
         17:60:99:66:3e:f3:57:10:46:37:ba:34:05:a7:e7:5f:d7:5b:
         9d:a1:7c:f1:9d:15:23:b6:91:91:b0:05:9d:8f:f3:3d:8d:2d:
         70:a6:3b:2b:cb:b8:0b:e3:c7:55:91:08:83:09:5e:98:be:59:
         41:b8:18:bf:a5:6f:69:b8:51:64:53:39:7e:5b:de:c0:da:84:
         bc:d3:de:56:a9:e6:94:86:f9:41:32:c6:b8:07:ad:74:3a:f2:
         39:7e:a6:b5:99:85:ae:4e:2a:9c:62:c4:fe:b9:74:54:57:1b:
         6b:29:b8:77:40:db:d4:e3:2d:83:43:83:90:c0:4e:95:b2:93:
         4b:f0:44:12
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZF
ODkzNkFGMTEwLwYDVQQFEygzRDJBRjM1MzQ0NjVFM0ZBRUNBOTVCQkQyMzFGNzIz
QzhBMDZGNUQxMB4XDTIzMDExMDEzNTExNVoXDTMzMDEwOTEzNTExNVowGDEWMBQG
A1UEAwwNNjNiZDZkNWUtM2Y2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnscBQGZr9j13s8Nf3IMaODDYuGZzDk9pUmfNZv4MrqXZNZNlc2w3N/JJqz
i+AtbcCYhUCLmqKCxN2LhCNeseyhOaAgXufOFGkzIt6v1Gca1OhMoFq4B0wHZDSn
albodnSMtJQmdltRy/vRRmaXe/zB72y0u+Lalg1OPzJJSbRmtalHYNFOvoq+6BDP
J7D1AcpFdoSlyPVDec8SL6lfS7+zHo5H8CrqFaxOzzm0OP2Bb7mmeuBDxGXglPvu
+2BOQM4JRe4LNQOk40AhP6DAe6Yqs/1iqlz6DhxDsLQ9BmO1Jd6CrOxZ5HSKZC6X
G/hB405xmYpgqrokb3hKFiNUaxsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSP3n0i
yzOeEEyritTdfNR0MYfWeDAfBgNVHSMEGDAWgBQ9KvNTRGXj+uypW70jH3I8igb1
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTg5MzYvN0NDMTZGQUU5MEVDMTFFREIzRDFEM0Y3RjEyMjI0NjgvUFNyelUw
Umw0X3JzcVZ1OUl4OXlQSW9HOWRFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFNyelUwUmw0X3JzcVZ1OUl4OXlQSW9HOWRFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTg5MzYvN0NDMTZGQUU5MEVDMTFFREIzRDFEM0Y3RjEy
MjI0NjgvREZGMUU3NzQ5MEVEMTFFRDk0MkEwQjdERjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGaNYDANBgkqhkiG9w0BAQsF
AAOCAQEAm/kaC5UatHU48cezLJvhbrkyP61ER2WRCJVOuS5iRhsjWOx4aRztlMC7
ARhmTHplYmkTA0oBv/6slJ25lnRhkZkleB9M/mijpLQRq/qixHJ6azpB0nviPLM1
yiorS3h9A+vaj9nyQgNzPpIS0cfqFbbt+4QV17Vn/wA51/FgF2CZZj7zVxBGN7o0
BafnX9dbnaF88Z0VI7aRkbAFnY/zPY0tcKY7K8u4C+PHVZEIgwlemL5ZQbgYv6Vv
abhRZFM5flvewNqEvNPeVqnmlIb5QTLGuAetdDryOX6mtZmFrk4qnGLE/rl0VFcb
aym4d0Db1OMtg0ODkMBOlbKTS/BEEg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:31 2024 by rpki-client on console-ams.rpki-client.org