Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/B1A16132D28A11EC8F270DC0F1222468.roa
File:                     B1A16132D28A11EC8F270DC0F1222468.roa (raw, json)
Hash identifier:          4TQRBmeOxAbF3KLeP0SF+V9s9RzwKR9Ie0C7o3vk0Oo=
Subject key identifier:   43:34:C4:10:C9:03:06:19:D6:B2:F7:5A:91:17:EC:E6:AD:3F:95:92
Certificate issuer:       /CN=F36E94D7AF/serialNumber=6F80C0A1907680D97900DF451CD554D7FADBCC66
Certificate serial:       04
Authority key identifier: 6F:80:C0:A1:90:76:80:D9:79:00:DF:45:1C:D5:54:D7:FA:DB:CC:66
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/b4DAoZB2gNl5AN9FHNVU1_rbzGY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/B1A16132D28A11EC8F270DC0F1222468.roa
Signing time:             Fri 13 May 2022 07:02:47 +0000
ROA not before:           Fri 13 May 2022 07:02:43 +0000
ROA not after:            Thu 13 May 2032 07:02:43 +0000
asID:                     328510
IP address blocks:        102.217.176.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/b4DAoZB2gNl5AN9FHNVU1_rbzGY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/b4DAoZB2gNl5AN9FHNVU1_rbzGY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/b4DAoZB2gNl5AN9FHNVU1_rbzGY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E94D7AF/serialNumber=6F80C0A1907680D97900DF451CD554D7FADBCC66
        Validity
            Not Before: May 13 07:02:43 2022 GMT
            Not After : May 13 07:02:43 2032 GMT
        Subject: CN=627e0297-43c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bc:ca:00:b3:c0:e1:2d:e5:3e:3b:ff:15:39:
                    3f:49:c0:50:d7:01:4e:51:37:bc:3e:50:66:ca:bd:
                    5d:95:7d:6b:35:5b:a1:5d:ca:61:65:71:a1:c8:92:
                    4c:77:69:ba:33:5c:cc:43:e1:f5:07:ac:8a:65:f0:
                    d5:a5:a4:86:9c:dd:c5:55:41:c7:74:40:e6:47:fd:
                    de:d7:e5:5f:12:4e:cd:a1:90:d2:9b:ee:1d:b3:40:
                    f8:83:52:af:94:1b:8f:76:16:23:54:49:9a:8d:ed:
                    03:a3:40:99:08:3b:17:31:24:3c:34:2a:a3:1e:ac:
                    38:22:a3:1c:1d:a1:88:8a:69:a7:29:ed:9b:1b:bc:
                    04:31:88:7e:fa:89:17:5e:42:8a:45:41:24:35:88:
                    89:3c:aa:25:2a:1e:fc:b3:0f:0c:47:78:49:f7:54:
                    48:8e:30:f4:4f:2d:80:86:4c:7c:d5:7a:7b:2e:2a:
                    bf:e6:7f:e0:40:44:09:01:14:1d:44:38:86:8b:93:
                    a3:a0:d8:f8:fa:5e:d3:d6:12:03:f6:31:5a:34:61:
                    70:75:30:fb:48:b1:2f:49:27:7c:6d:de:79:d3:12:
                    18:3b:d3:ac:52:28:59:c1:56:e5:64:b0:c1:1b:93:
                    11:f2:66:9b:b7:50:38:09:db:86:21:4f:b0:f3:fc:
                    28:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:34:C4:10:C9:03:06:19:D6:B2:F7:5A:91:17:EC:E6:AD:3F:95:92
            X509v3 Authority Key Identifier:
                keyid:6F:80:C0:A1:90:76:80:D9:79:00:DF:45:1C:D5:54:D7:FA:DB:CC:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/b4DAoZB2gNl5AN9FHNVU1_rbzGY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/b4DAoZB2gNl5AN9FHNVU1_rbzGY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E94D7/42D42708D28511EC92ED97AFF1222468/B1A16132D28A11EC8F270DC0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:7f:d5:cd:4a:e0:18:b6:5b:33:28:b1:53:1a:cd:67:e3:60:
         b3:d9:a9:65:ef:26:a7:3f:7b:88:d2:40:c1:5d:50:22:f5:28:
         c1:da:a4:06:44:c6:0a:16:42:37:5e:8f:a4:94:b8:92:7f:b7:
         aa:8f:c9:ca:b8:77:2d:90:15:88:ac:40:d3:b3:e7:a0:df:3e:
         c8:7c:8b:d4:c3:2c:b3:db:f2:b8:ad:45:0e:20:4c:ef:9d:ce:
         44:7b:6f:f6:f9:67:8e:96:c5:d0:5b:10:2c:6e:db:46:13:37:
         ce:d3:d4:87:eb:c0:0a:8d:96:c7:f6:ea:e2:e2:8a:1a:aa:c6:
         d5:c5:e4:59:24:60:87:30:b2:2a:b9:81:41:90:e1:32:dc:b6:
         78:64:17:d1:79:f1:f8:bc:5c:14:4c:84:a0:88:68:5d:0f:11:
         97:fb:75:57:a1:f9:d0:f3:8a:3a:c5:78:79:a4:6e:3c:d0:32:
         13:33:53:c4:8b:b8:1b:7f:56:32:b5:90:65:c2:41:7a:0b:f1:
         a5:36:90:5d:71:f7:76:7f:dc:ce:f9:92:32:f8:50:52:63:38:
         7c:6d:2d:ab:1d:34:59:46:1c:a5:52:9c:fc:a7:33:a7:17:67:
         8c:19:0d:8a:9d:cb:96:3c:d6:1b:82:6c:ea:cd:3f:84:bc:e8:
         87:0d:a7:58
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZF
OTREN0FGMTEwLwYDVQQFEyg2RjgwQzBBMTkwNzY4MEQ5NzkwMERGNDUxQ0Q1NTRE
N0ZBREJDQzY2MB4XDTIyMDUxMzA3MDI0M1oXDTMyMDUxMzA3MDI0M1owGDEWMBQG
A1UEAwwNNjI3ZTAyOTctNDNjNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALi8ygCzwOEt5T47/xU5P0nAUNcBTlE3vD5QZsq9XZV9azVboV3KYWVxociS
THdpujNczEPh9QesimXw1aWkhpzdxVVBx3RA5kf93tflXxJOzaGQ0pvuHbNA+INS
r5Qbj3YWI1RJmo3tA6NAmQg7FzEkPDQqox6sOCKjHB2hiIpppyntmxu8BDGIfvqJ
F15CikVBJDWIiTyqJSoe/LMPDEd4SfdUSI4w9E8tgIZMfNV6ey4qv+Z/4EBECQEU
HUQ4houTo6DY+Ppe09YSA/YxWjRhcHUw+0ixL0knfG3eedMSGDvTrFIoWcFW5WSw
wRuTEfJmm7dQOAnbhiFPsPP8KHUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRDNMQQ
yQMGGday91qRF+zmrT+VkjAfBgNVHSMEGDAWgBRvgMChkHaA2XkA30Uc1VTX+tvM
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTk0RDcvNDJENDI3MDhEMjg1MTFFQzkyRUQ5N0FGRjEyMjI0NjgvYjREQW9a
QjJnTmw1QU45RkhOVlUxX3JiekdZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYjREQW9aQjJnTmw1QU45RkhOVlUxX3JiekdZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTk0RDcvNDJENDI3MDhEMjg1MTFFQzkyRUQ5N0FGRjEy
MjI0NjgvQjFBMTYxMzJEMjhBMTFFQzhGMjcwREMwRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbZsDANBgkqhkiG9w0BAQsF
AAOCAQEAln/VzUrgGLZbMyixUxrNZ+Ngs9mpZe8mpz97iNJAwV1QIvUowdqkBkTG
ChZCN16PpJS4kn+3qo/Jyrh3LZAViKxA07PnoN8+yHyL1MMss9vyuK1FDiBM753O
RHtv9vlnjpbF0FsQLG7bRhM3ztPUh+vACo2Wx/bq4uKKGqrG1cXkWSRghzCyKrmB
QZDhMty2eGQX0Xnx+LxcFEyEoIhoXQ8Rl/t1V6H50POKOsV4eaRuPNAyEzNTxIu4
G39WMrWQZcJBegvxpTaQXXH3dn/czvmSMvhQUmM4fG0tqx00WUYcpVKc/Kczpxdn
jBkNip3LljzWG4Js6s0/hLzohw2nWA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org