Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/C96F4D9CC3F211ED8B3F1BD0F1222468.roa
File:                     C96F4D9CC3F211ED8B3F1BD0F1222468.roa (raw, json)
Hash identifier:          o7cW1+3HMZb5Mpe6+lzxsb3ID9BGRwC3rWFdxd+zpDk=
Subject key identifier:   81:32:55:D1:7E:D7:AD:32:BF:EC:6F:7B:9D:13:85:88:5E:36:6F:7B
Certificate issuer:       /CN=F36ED057AF/serialNumber=44BE4CE57E115E0BCB34E6B9EB0C5723AEBD2274
Certificate serial:       0587
Authority key identifier: 44:BE:4C:E5:7E:11:5E:0B:CB:34:E6:B9:EB:0C:57:23:AE:BD:22:74
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/C96F4D9CC3F211ED8B3F1BD0F1222468.roa
Signing time:             Thu 16 Mar 2023 12:05:05 +0000
ROA not before:           Thu 16 Mar 2023 12:04:59 +0000
ROA not after:            Wed 30 Nov 2033 12:04:59 +0000
asID:                     328423
IP address blocks:        102.68.180.0/22 maxlen: 24
                          2c0f:ecb0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1415 (0x587)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36ED057AF/serialNumber=44BE4CE57E115E0BCB34E6B9EB0C5723AEBD2274
        Validity
            Not Before: Mar 16 12:04:59 2023 GMT
            Not After : Nov 30 12:04:59 2033 GMT
        Subject: CN=641305f1-a524
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a1:4b:91:31:d4:80:5f:24:0a:c3:1f:a9:f9:
                    24:77:39:3b:1b:49:d8:9c:e2:7a:f8:28:4a:de:38:
                    30:d0:e2:7e:13:36:32:9a:99:19:df:bd:05:34:53:
                    0a:f2:f6:ff:22:79:6a:bc:71:a6:32:e9:ab:7a:fc:
                    73:9e:3a:2b:65:6b:3f:89:86:cf:46:16:3d:a1:5f:
                    39:99:90:4d:7a:5c:6b:c2:7c:94:92:71:08:38:6b:
                    8d:6f:58:e5:94:3e:15:27:43:e3:56:b0:be:77:fc:
                    f1:6b:df:ef:76:06:77:71:9e:e7:fa:79:f6:ad:7b:
                    8a:11:f4:a6:3d:26:42:1a:64:95:72:61:62:37:f8:
                    6c:47:92:e6:8e:58:ef:d9:79:42:27:ee:7a:ff:a2:
                    16:8d:8b:16:fa:1b:b0:56:c5:29:f4:cf:a9:86:4d:
                    63:bc:e6:84:e5:cf:01:39:7d:e4:ff:d6:19:94:c5:
                    25:18:01:2b:67:28:c4:71:00:65:e7:28:d3:e7:8c:
                    50:b2:80:9e:bb:36:43:0f:98:d9:28:03:3a:b8:7e:
                    9f:48:81:52:bd:58:e0:d8:ae:ca:1b:2f:92:67:94:
                    21:1f:aa:07:eb:b6:96:bd:3c:6a:1c:98:9a:3d:91:
                    64:41:8b:ff:94:27:b7:44:ee:6e:18:f7:c1:ba:93:
                    a6:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:32:55:D1:7E:D7:AD:32:BF:EC:6F:7B:9D:13:85:88:5E:36:6F:7B
            X509v3 Authority Key Identifier:
                keyid:44:BE:4C:E5:7E:11:5E:0B:CB:34:E6:B9:EB:0C:57:23:AE:BD:22:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/C96F4D9CC3F211ED8B3F1BD0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.68.180.0/22
                IPv6:
                  2c0f:ecb0::/32

    Signature Algorithm: sha256WithRSAEncryption
         6e:77:e3:ff:13:40:1c:69:86:8d:16:a4:92:94:91:aa:41:00:
         e6:f2:7f:51:b2:19:35:01:47:8c:a2:95:a1:04:d9:f8:43:1e:
         67:4d:89:84:9a:a8:66:ab:c8:b9:e5:82:22:2f:5d:2a:cf:e6:
         23:2b:53:e4:2d:2b:57:f4:87:49:41:2e:15:36:97:ec:40:83:
         fe:bb:36:68:9f:4b:56:10:6c:46:92:be:b6:08:c0:7f:11:b9:
         96:d8:75:7c:08:b3:f9:71:5a:9d:51:19:70:40:be:e4:90:c7:
         d9:00:dc:4a:fd:4f:c4:e8:59:3b:94:9f:3a:11:9e:56:02:3d:
         49:07:d1:9a:c4:db:be:59:61:81:e0:d1:52:86:67:a2:e9:9e:
         c4:08:4c:8f:7b:68:b8:c7:9a:3c:bd:3f:32:9b:6c:ca:02:53:
         e5:bb:89:9b:a2:c0:f3:ed:e0:05:f0:4d:65:3f:c4:2a:1e:7c:
         b6:51:5e:17:bd:90:be:6c:1b:97:86:61:48:66:cf:10:59:14:
         89:82:03:0f:d7:bf:17:b2:3e:dd:d2:c3:2a:17:d5:b3:e8:1e:
         a4:0e:b0:c5:31:76:7f:8b:3e:a1:72:2d:d6:bf:43:56:23:e1:
         5a:cf:1b:bc:1e:2c:fc:e2:2d:eb:d2:00:9f:40:73:d4:3c:61:
         03:c0:1a:1a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBYcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RUQwNTdBRjExMC8GA1UEBRMoNDRCRTRDRTU3RTExNUUwQkNCMzRFNkI5RUIwQzU3
MjNBRUJEMjI3NDAeFw0yMzAzMTYxMjA0NTlaFw0zMzExMzAxMjA0NTlaMBgxFjAU
BgNVBAMMDTY0MTMwNWYxLWE1MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8oUuRMdSAXyQKwx+p+SR3OTsbSdic4nr4KEreODDQ4n4TNjKamRnfvQU0
Uwry9v8ieWq8caYy6at6/HOeOitlaz+Jhs9GFj2hXzmZkE16XGvCfJSScQg4a41v
WOWUPhUnQ+NWsL53/PFr3+92Bndxnuf6efate4oR9KY9JkIaZJVyYWI3+GxHkuaO
WO/ZeUIn7nr/ohaNixb6G7BWxSn0z6mGTWO85oTlzwE5feT/1hmUxSUYAStnKMRx
AGXnKNPnjFCygJ67NkMPmNkoAzq4fp9IgVK9WODYrsobL5JnlCEfqgfrtpa9PGoc
mJo9kWRBi/+UJ7dE7m4Y98G6k6b5AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUgTJV
0X7XrTK/7G97nROFiF42b3swHwYDVR0jBBgwFoAURL5M5X4RXgvLNOa56wxXI669
InQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVEMDU3LzM0NTU4NjIwODZCRDExRTk4RDhERTgyRUY4QUVBMjI4L1JMNU01
WDRSWGd2TE5PYTU2d3hYSTY2OUluUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1JMNU01WDRSWGd2TE5PYTU2d3hYSTY2OUluUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVEMDU3LzM0NTU4NjIwODZCRDExRTk4RDhERTgyRUY4
QUVBMjI4L0M5NkY0RDlDQzNGMjExRUQ4QjNGMUJEMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmRLQwDQQCAAIwBwMFACwP
7LAwDQYJKoZIhvcNAQELBQADggEBAG534/8TQBxpho0WpJKUkapBAObyf1GyGTUB
R4yilaEE2fhDHmdNiYSaqGaryLnlgiIvXSrP5iMrU+QtK1f0h0lBLhU2l+xAg/67
NmifS1YQbEaSvrYIwH8RuZbYdXwIs/lxWp1RGXBAvuSQx9kA3Er9T8ToWTuUnzoR
nlYCPUkH0ZrE275ZYYHg0VKGZ6LpnsQITI97aLjHmjy9PzKbbMoCU+W7iZuiwPPt
4AXwTWU/xCoefLZRXhe9kL5sG5eGYUhmzxBZFImCAw/XvxeyPt3SwyoX1bPoHqQO
sMUxdn+LPqFyLda/Q1Yj4VrPG7weLPziLevSAJ9Ac9Q8YQPAGho=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:31 2024 by rpki-client on console-ams.rpki-client.org