Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/A1A5CE94563C11EE88D6F1324AD9E6FC.roa
File:                     A1A5CE94563C11EE88D6F1324AD9E6FC.roa (raw, json)
Hash identifier:          saKiwJ8KKnppgVVbmjEBrSXoNu9lhnFM5zhR+5yMxKU=
Subject key identifier:   DB:13:E8:31:70:39:1C:EC:D0:24:FE:F3:3A:65:68:19:B5:7B:D9:83
Certificate issuer:       /CN=F36EC712AF/serialNumber=FF0328200078AC36F02D7101D034B7BE597EA158
Certificate serial:       CB
Authority key identifier: FF:03:28:20:00:78:AC:36:F0:2D:71:01:D0:34:B7:BE:59:7E:A1:58
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_wMoIAB4rDbwLXEB0DS3vll-oVg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/A1A5CE94563C11EE88D6F1324AD9E6FC.roa
Signing time:             Mon 18 Sep 2023 16:01:31 +0000
ROA not before:           Mon 18 Sep 2023 16:01:27 +0000
ROA not after:            Sun 18 Sep 2033 16:01:27 +0000
asID:                     329160
IP address blocks:        102.216.136.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/_wMoIAB4rDbwLXEB0DS3vll-oVg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/_wMoIAB4rDbwLXEB0DS3vll-oVg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_wMoIAB4rDbwLXEB0DS3vll-oVg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 203 (0xcb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36EC712AF/serialNumber=FF0328200078AC36F02D7101D034B7BE597EA158
        Validity
            Not Before: Sep 18 16:01:27 2023 GMT
            Not After : Sep 18 16:01:27 2033 GMT
        Subject: CN=6508745a-c72d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:90:e5:a5:3b:ca:cb:b8:d0:d3:65:16:93:9f:
                    45:3f:66:7d:dd:d5:f4:3d:91:26:eb:80:51:0c:76:
                    f5:4f:7f:df:4a:70:56:da:d1:ea:52:42:43:57:41:
                    48:d4:41:cb:65:05:55:55:72:12:dc:69:35:97:68:
                    99:50:ed:2d:8c:e4:58:db:bc:1d:c2:ee:db:86:13:
                    fa:5e:10:50:50:2b:c4:5d:03:53:a8:0b:24:f9:a6:
                    d3:a6:68:e1:34:2e:c0:6c:18:f0:8c:e1:19:f3:5e:
                    73:fe:ec:56:73:77:2f:f6:3c:a7:14:d0:90:18:a2:
                    9e:36:e7:75:6b:1d:2a:ea:4d:d7:e0:bc:0e:2c:f9:
                    68:56:4d:35:06:37:40:6b:37:64:13:c9:8b:fd:52:
                    23:ab:cd:76:24:aa:6c:f6:e0:df:f5:6d:1d:72:86:
                    f2:27:64:94:e8:28:53:f6:ac:e2:d8:0d:59:8c:a2:
                    b7:ae:48:98:ea:39:52:ad:6d:53:65:17:87:eb:56:
                    52:0c:f8:75:80:43:dd:45:ae:19:44:48:54:52:30:
                    07:4a:d1:37:9f:9d:d3:72:81:62:1a:c3:be:d6:5c:
                    d4:38:f7:66:4f:32:b5:65:cd:7b:00:b5:24:67:41:
                    9e:c2:7c:aa:b4:fb:72:aa:cd:7f:30:40:02:58:c0:
                    04:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:13:E8:31:70:39:1C:EC:D0:24:FE:F3:3A:65:68:19:B5:7B:D9:83
            X509v3 Authority Key Identifier:
                keyid:FF:03:28:20:00:78:AC:36:F0:2D:71:01:D0:34:B7:BE:59:7E:A1:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/_wMoIAB4rDbwLXEB0DS3vll-oVg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_wMoIAB4rDbwLXEB0DS3vll-oVg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EC712/66579706BF6E11ED933CE482F1222468/A1A5CE94563C11EE88D6F1324AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:bb:2b:0d:5e:ff:8d:67:c3:a2:a5:69:c3:d8:59:3b:e9:b4:
         1c:a9:e5:a7:74:a2:49:46:96:a3:f2:63:c3:5d:13:f1:8a:b1:
         31:42:f5:b5:3b:ee:26:47:87:93:a6:96:e9:cb:f8:97:5c:72:
         14:ae:11:9b:eb:dd:a1:95:6a:da:eb:3d:b7:63:9f:08:dd:93:
         79:3f:d2:a6:9f:0c:a5:2a:a4:86:a3:e6:fa:13:85:55:c6:dd:
         97:c8:bc:fd:ba:1c:b0:d7:66:73:d3:02:9d:69:e3:a6:66:b2:
         ff:3d:02:5c:36:47:43:47:67:30:d9:65:e8:95:1d:1f:45:53:
         b3:43:16:fd:6d:52:e3:94:38:f9:e9:94:bf:ca:10:1f:b0:e0:
         26:90:a5:c0:d0:f5:b3:0e:a0:1f:5e:59:95:fa:46:fc:db:6c:
         1b:8b:45:f8:6a:80:f2:fa:15:e8:0f:ac:5c:8a:83:28:ee:db:
         14:2a:55:b8:ee:e9:cf:22:f1:86:2c:79:c8:be:06:02:ea:76:
         df:d2:9c:06:86:0f:66:3f:d6:a0:8b:c7:4e:b7:b4:4d:8a:f2:
         c2:df:35:17:e6:48:6b:dc:bd:c0:11:c4:af:e0:51:24:21:f2:
         0a:cb:2b:c5:21:ad:63:43:d5:8d:44:93:39:5e:43:a1:a1:a3:
         5d:0f:38:c3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAMswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RUM3MTJBRjExMC8GA1UEBRMoRkYwMzI4MjAwMDc4QUMzNkYwMkQ3MTAxRDAzNEI3
QkU1OTdFQTE1ODAeFw0yMzA5MTgxNjAxMjdaFw0zMzA5MTgxNjAxMjdaMBgxFjAU
BgNVBAMTDTY1MDg3NDVhLWM3MmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5kOWlO8rLuNDTZRaTn0U/Zn3d1fQ9kSbrgFEMdvVPf99KcFba0epSQkNX
QUjUQctlBVVVchLcaTWXaJlQ7S2M5FjbvB3C7tuGE/peEFBQK8RdA1OoCyT5ptOm
aOE0LsBsGPCM4RnzXnP+7FZzdy/2PKcU0JAYop4253VrHSrqTdfgvA4s+WhWTTUG
N0BrN2QTyYv9UiOrzXYkqmz24N/1bR1yhvInZJToKFP2rOLYDVmMoreuSJjqOVKt
bVNlF4frVlIM+HWAQ91FrhlESFRSMAdK0TefndNygWIaw77WXNQ492ZPMrVlzXsA
tSRnQZ7CfKq0+3KqzX8wQAJYwATpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2xPo
MXA5HOzQJP7zOmVoGbV72YMwHwYDVR0jBBgwFoAU/wMoIAB4rDbwLXEB0DS3vll+
oVgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVDNzEyLzY2NTc5NzA2QkY2RTExRUQ5MzNDRTQ4MkYxMjIyNDY4L193TW9J
QUI0ckRid0xYRUIwRFMzdmxsLW9WZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL193TW9JQUI0ckRid0xYRUIwRFMzdmxsLW9WZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVDNzEyLzY2NTc5NzA2QkY2RTExRUQ5MzNDRTQ4MkYx
MjIyNDY4L0ExQTVDRTk0NTYzQzExRUU4OEQ2RjEzMjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2IgwDQYJKoZIhvcNAQEL
BQADggEBAIy7Kw1e/41nw6KlacPYWTvptByp5ad0oklGlqPyY8NdE/GKsTFC9bU7
7iZHh5OmlunL+JdcchSuEZvr3aGVatrrPbdjnwjdk3k/0qafDKUqpIaj5voThVXG
3ZfIvP26HLDXZnPTAp1p46Zmsv89Alw2R0NHZzDZZeiVHR9FU7NDFv1tUuOUOPnp
lL/KEB+w4CaQpcDQ9bMOoB9eWZX6RvzbbBuLRfhqgPL6FegPrFyKgyju2xQqVbju
6c8i8YYseci+BgLqdt/SnAaGD2Y/1qCLx063tE2K8sLfNRfmSGvcvcARxK/gUSQh
8grLK8UhrWND1Y1EkzleQ6Gho10POMM=
-----END CERTIFICATE-----
Generated at Sat Jun 15 03:05:55 2024 by rpki-client on console-fra.rpki-client.org