Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/70135CE8563C11EE84A463324AD9E6FC.roa
File:                     70135CE8563C11EE84A463324AD9E6FC.roa (raw, json)
Hash identifier:          FAzApSbefpRaVqlqwSbC+qhl5egdnzLXqnPgFd8tD84=
Subject key identifier:   C8:86:D3:F7:BF:6A:64:A0:C3:5B:4C:49:6F:76:97:44:F4:35:5C:2B
Certificate issuer:       /CN=F36EC712AF/serialNumber=FF0328200078AC36F02D7101D034B7BE597EA158
Certificate serial:       C9
Authority key identifier: FF:03:28:20:00:78:AC:36:F0:2D:71:01:D0:34:B7:BE:59:7E:A1:58
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_wMoIAB4rDbwLXEB0DS3vll-oVg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/70135CE8563C11EE84A463324AD9E6FC.roa
Signing time:             Mon 18 Sep 2023 16:00:07 +0000
ROA not before:           Mon 18 Sep 2023 16:00:03 +0000
ROA not after:            Sun 18 Sep 2033 16:00:03 +0000
asID:                     328611
IP address blocks:        102.216.137.0/24 maxlen: 24
                          102.216.138.0/24 maxlen: 24
                          102.216.139.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/_wMoIAB4rDbwLXEB0DS3vll-oVg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/_wMoIAB4rDbwLXEB0DS3vll-oVg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_wMoIAB4rDbwLXEB0DS3vll-oVg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 201 (0xc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36EC712AF/serialNumber=FF0328200078AC36F02D7101D034B7BE597EA158
        Validity
            Not Before: Sep 18 16:00:03 2023 GMT
            Not After : Sep 18 16:00:03 2033 GMT
        Subject: CN=65087407-135a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:df:7f:79:20:3a:cc:43:19:3b:33:fc:53:6f:
                    fc:2e:2c:cf:78:20:cb:da:34:36:0f:cc:b9:19:fa:
                    49:13:9f:dd:40:8f:ed:3e:c0:92:48:d5:77:17:28:
                    07:95:21:20:16:81:7c:9a:b8:df:bf:5f:37:76:d5:
                    86:6a:66:70:d5:35:b9:5f:92:22:e7:9c:c1:41:7f:
                    b2:24:0c:4b:3b:9d:77:33:0e:c8:a2:3c:24:f2:e6:
                    c0:9b:2f:7d:ac:4f:30:d5:33:ff:d6:2c:80:30:94:
                    00:1d:aa:82:9b:d2:b7:ce:b1:8e:b7:3c:72:3c:c9:
                    b3:fc:9c:89:0e:bc:5c:aa:6f:3d:e4:28:7b:5b:ee:
                    dd:63:16:c9:b2:31:f2:52:0c:56:7e:98:1c:56:b5:
                    08:86:9e:43:9f:f3:32:ba:73:0b:06:9e:62:25:13:
                    ee:ca:9a:d4:09:20:c1:5d:d5:3b:f8:28:d1:86:82:
                    6b:61:ae:26:79:38:a9:e2:49:b7:97:35:0c:bc:09:
                    b8:31:8f:9d:1c:36:21:03:cc:34:95:85:88:41:eb:
                    d3:e6:e2:77:00:da:78:66:31:4e:7f:64:01:bd:44:
                    6b:fd:33:2c:60:b7:15:4b:d2:a2:20:f4:5e:ce:47:
                    43:d2:eb:92:eb:c7:ae:12:1c:0f:cb:84:e1:b4:27:
                    85:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:86:D3:F7:BF:6A:64:A0:C3:5B:4C:49:6F:76:97:44:F4:35:5C:2B
            X509v3 Authority Key Identifier:
                keyid:FF:03:28:20:00:78:AC:36:F0:2D:71:01:D0:34:B7:BE:59:7E:A1:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/_wMoIAB4rDbwLXEB0DS3vll-oVg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_wMoIAB4rDbwLXEB0DS3vll-oVg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/70135CE8563C11EE84A463324AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.137.0-102.216.139.255

    Signature Algorithm: sha256WithRSAEncryption
         58:b4:fb:45:31:8d:c0:0e:78:e2:a4:81:95:34:22:a6:c4:e2:
         b9:d1:fa:09:09:bd:0c:8b:a1:14:ac:2c:db:02:ea:66:f4:92:
         c0:c4:4a:fe:da:b0:05:20:c1:f6:41:bd:9e:a9:a0:89:90:f6:
         54:cb:31:83:f2:21:30:f6:c2:b4:1e:d5:ff:3b:9e:e6:45:24:
         4e:d3:4e:59:19:c0:fe:b3:78:13:4e:dc:1c:28:ff:24:11:c3:
         5f:8b:a3:b5:4b:a2:76:38:87:36:b8:70:ce:6e:ff:e1:ff:01:
         3e:38:6d:0b:60:c9:a4:60:91:8c:15:57:c2:60:b5:6f:fe:7f:
         7b:49:81:36:68:ed:9c:34:66:fb:b3:80:e6:2b:d8:d8:1f:00:
         98:0d:89:b9:b2:b8:85:93:4a:2e:2c:29:ab:9c:09:ec:9b:df:
         f6:90:3a:d2:6a:d4:53:35:86:93:e8:39:85:7d:80:c3:fc:fd:
         74:8d:36:80:01:69:80:1c:8a:fb:bc:72:eb:e7:59:bf:89:e5:
         df:57:4d:5b:08:f7:30:53:ed:8b:d2:6f:0c:fc:fa:7f:a1:28:
         92:d3:e6:cf:df:79:20:f6:ed:d5:5e:8e:98:94:85:1e:cd:96:
         a4:53:30:7b:43:a2:83:6e:20:ad:3d:8e:4f:8e:87:9e:65:73:
         c0:ad:95:b1
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RUM3MTJBRjExMC8GA1UEBRMoRkYwMzI4MjAwMDc4QUMzNkYwMkQ3MTAxRDAzNEI3
QkU1OTdFQTE1ODAeFw0yMzA5MTgxNjAwMDNaFw0zMzA5MTgxNjAwMDNaMBgxFjAU
BgNVBAMTDTY1MDg3NDA3LTEzNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDM3395IDrMQxk7M/xTb/wuLM94IMvaNDYPzLkZ+kkTn91Aj+0+wJJI1XcX
KAeVISAWgXyauN+/Xzd21YZqZnDVNblfkiLnnMFBf7IkDEs7nXczDsiiPCTy5sCb
L32sTzDVM//WLIAwlAAdqoKb0rfOsY63PHI8ybP8nIkOvFyqbz3kKHtb7t1jFsmy
MfJSDFZ+mBxWtQiGnkOf8zK6cwsGnmIlE+7KmtQJIMFd1Tv4KNGGgmthriZ5OKni
SbeXNQy8Cbgxj50cNiEDzDSVhYhB69Pm4ncA2nhmMU5/ZAG9RGv9MyxgtxVL0qIg
9F7OR0PS65Lrx64SHA/LhOG0J4UpAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUyIbT
979qZKDDW0xJb3aXRPQ1XCswHwYDVR0jBBgwFoAU/wMoIAB4rDbwLXEB0DS3vll+
oVgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVDNzEyLzY2NTc5NzA2QkY2RTExRUQ5MzNDRTQ4MkYxMjIyNDY4L193TW9J
QUI0ckRid0xYRUIwRFMzdmxsLW9WZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL193TW9JQUI0ckRid0xYRUIwRFMzdmxsLW9WZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVDNzEyLzY2NTc5NzA2QkY2RTExRUQ5MzNDRTQ4MkYx
MjIyNDY4LzcwMTM1Q0U4NTYzQzExRUU4NEE0NjMzMjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAGbYiQMEAmbYiDANBgkq
hkiG9w0BAQsFAAOCAQEAWLT7RTGNwA544qSBlTQipsTiudH6CQm9DIuhFKws2wLq
ZvSSwMRK/tqwBSDB9kG9nqmgiZD2VMsxg/IhMPbCtB7V/zue5kUkTtNOWRnA/rN4
E07cHCj/JBHDX4ujtUuidjiHNrhwzm7/4f8BPjhtC2DJpGCRjBVXwmC1b/5/e0mB
NmjtnDRm+7OA5ivY2B8AmA2JubK4hZNKLiwpq5wJ7Jvf9pA60mrUUzWGk+g5hX2A
w/z9dI02gAFpgByK+7xy6+dZv4nl31dNWwj3MFPti9JvDPz6f6EoktPmz995IPbt
1V6OmJSFHs2WpFMwe0Oig24grT2OT46HnmVzwK2VsQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 04:18:07 2024 by rpki-client on console-ams.rpki-client.org