Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/AC37AA5E548311EE8AD04F384AD9E6FC.roa
File:                     AC37AA5E548311EE8AD04F384AD9E6FC.roa (raw, json)
Hash identifier:          gb0i7J3iBZcItd28/LaTSsogIfZ7oZGJSPN8MJDY/Uo=
Subject key identifier:   C3:9D:2C:36:51:AA:D3:CB:3E:35:AE:4D:02:50:BF:88:53:1B:1D:27
Certificate issuer:       /CN=F36EF186AF/serialNumber=F377D4D428F9465B15449C6AFD4532C422446964
Certificate serial:       06
Authority key identifier: F3:77:D4:D4:28:F9:46:5B:15:44:9C:6A:FD:45:32:C4:22:44:69:64
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/AC37AA5E548311EE8AD04F384AD9E6FC.roa
Signing time:             Sat 16 Sep 2023 11:25:00 +0000
ROA not before:           Sat 16 Sep 2023 11:24:57 +0000
ROA not after:            Fri 16 Sep 2033 11:24:57 +0000
asID:                     328611
IP address blocks:        102.211.4.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36EF186AF/serialNumber=F377D4D428F9465B15449C6AFD4532C422446964
        Validity
            Not Before: Sep 16 11:24:57 2023 GMT
            Not After : Sep 16 11:24:57 2033 GMT
        Subject: CN=6505908c-ed04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:21:d2:31:c0:89:d0:f5:33:67:ae:f1:23:d8:
                    59:d6:96:f2:d8:bf:2c:91:82:55:f3:a9:67:9a:69:
                    66:09:bc:48:f9:d9:a5:a0:1e:9d:c9:2c:45:93:cc:
                    2a:52:df:02:0b:b6:4d:21:44:93:3c:f5:67:f6:f9:
                    2d:44:d1:0a:1a:8e:a9:fc:bc:69:cf:05:03:d0:a3:
                    d4:76:2c:23:67:7a:fe:90:14:a4:ff:1c:47:9c:80:
                    fd:e1:63:09:e3:bb:a6:09:d5:99:7f:05:78:f4:22:
                    79:ac:24:c0:46:aa:9c:56:7d:7a:74:24:21:1e:3b:
                    e3:53:04:49:52:c6:b0:50:29:fb:1e:16:a4:2b:4a:
                    83:4d:91:f5:16:b2:28:7e:40:4c:f8:0f:ad:eb:09:
                    53:90:11:b6:35:7c:1c:af:ee:46:a0:ea:07:75:0a:
                    cc:43:4a:b0:9a:6a:78:87:a3:69:c6:30:72:21:9b:
                    39:6f:a0:08:6d:50:c6:33:3c:2b:97:ca:5e:7b:3c:
                    e2:99:7a:0e:94:ef:ad:b3:3d:79:35:84:c4:3f:1a:
                    ed:30:99:a8:5a:71:47:0f:c8:d5:51:71:78:fe:96:
                    b7:fc:b5:27:7a:2b:65:05:b9:b4:95:6a:e9:bc:6d:
                    ac:ef:a5:ea:5a:85:e3:f3:3f:f9:c1:23:52:85:6e:
                    82:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:9D:2C:36:51:AA:D3:CB:3E:35:AE:4D:02:50:BF:88:53:1B:1D:27
            X509v3 Authority Key Identifier:
                keyid:F3:77:D4:D4:28:F9:46:5B:15:44:9C:6A:FD:45:32:C4:22:44:69:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/83fU1Cj5RlsVRJxq_UUyxCJEaWQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF186/095B7A2A548011EE8C8F332D4AD9E6FC/AC37AA5E548311EE8AD04F384AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         05:dd:f1:28:7c:ef:0b:10:e5:5f:22:87:54:75:25:b9:af:06:
         ec:35:63:cd:3a:d4:b7:a6:52:37:1d:23:f9:6e:54:de:23:c0:
         82:15:f3:a5:6e:04:1a:e5:00:4d:ee:42:d2:ba:28:bb:72:7f:
         e3:c0:b9:eb:10:c1:1b:a4:78:f7:28:c5:9d:58:2e:a2:36:e5:
         7f:6a:7b:60:5c:34:27:d1:f6:6a:c5:e6:21:87:81:bd:ec:46:
         a9:31:33:f2:07:68:df:62:fe:d0:b5:fa:38:d9:09:6b:3a:0e:
         a7:82:aa:d4:dd:0c:08:28:41:3c:56:6e:c8:dc:00:73:a0:29:
         8a:e7:3c:b8:f7:e7:21:d8:49:3e:e9:3e:4f:74:4d:49:f6:e2:
         b8:d0:e4:a2:08:12:8c:5c:04:ca:19:c8:53:16:bf:5b:f3:cc:
         a6:f4:83:a1:20:14:f4:39:ca:3a:1f:9e:59:e5:16:4f:c1:97:
         e0:e7:a8:28:a5:3e:68:46:a8:d6:bd:da:5f:44:22:53:2b:b5:
         1e:50:71:d8:d1:0f:bd:bf:b4:f8:c5:50:57:f1:58:75:27:bb:
         a5:16:00:b8:c8:1f:10:b7:04:c6:9f:1e:ae:6e:14:5e:b3:b1:
         e1:57:37:0c:31:81:c8:f6:99:ef:d0:88:14:11:30:4c:52:43:
         84:54:12:db
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
RjE4NkFGMTEwLwYDVQQFEyhGMzc3RDRENDI4Rjk0NjVCMTU0NDlDNkFGRDQ1MzJD
NDIyNDQ2OTY0MB4XDTIzMDkxNjExMjQ1N1oXDTMzMDkxNjExMjQ1N1owGDEWMBQG
A1UEAxMNNjUwNTkwOGMtZWQwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgh0jHAidD1M2eu8SPYWdaW8ti/LJGCVfOpZ5ppZgm8SPnZpaAencksRZPM
KlLfAgu2TSFEkzz1Z/b5LUTRChqOqfy8ac8FA9Cj1HYsI2d6/pAUpP8cR5yA/eFj
CeO7pgnVmX8FePQieawkwEaqnFZ9enQkIR4741MESVLGsFAp+x4WpCtKg02R9Ray
KH5ATPgPresJU5ARtjV8HK/uRqDqB3UKzENKsJpqeIejacYwciGbOW+gCG1QxjM8
K5fKXns84pl6DpTvrbM9eTWExD8a7TCZqFpxRw/I1VFxeP6Wt/y1J3orZQW5tJVq
6bxtrO+l6lqF4/M/+cEjUoVugm0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTDnSw2
UarTyz41rk0CUL+IUxsdJzAfBgNVHSMEGDAWgBTzd9TUKPlGWxVEnGr9RTLEIkRp
ZDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUYxODYvMDk1QjdBMkE1NDgwMTFFRThDOEYzMzJENEFEOUU2RkMvODNmVTFD
ajVSbHNWUkp4cV9VVXl4Q0pFYVdRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvODNmVTFDajVSbHNWUkp4cV9VVXl4Q0pFYVdRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUYxODYvMDk1QjdBMkE1NDgwMTFFRThDOEYzMzJENEFE
OUU2RkMvQUMzN0FBNUU1NDgzMTFFRThBRDA0RjM4NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbTBDANBgkqhkiG9w0BAQsF
AAOCAQEABd3xKHzvCxDlXyKHVHUlua8G7DVjzTrUt6ZSNx0j+W5U3iPAghXzpW4E
GuUATe5C0roou3J/48C56xDBG6R49yjFnVguojblf2p7YFw0J9H2asXmIYeBvexG
qTEz8gdo32L+0LX6ONkJazoOp4Kq1N0MCChBPFZuyNwAc6Apiuc8uPfnIdhJPuk+
T3RNSfbiuNDkoggSjFwEyhnIUxa/W/PMpvSDoSAU9DnKOh+eWeUWT8GX4OeoKKU+
aEao1r3aX0QiUyu1HlBx2NEPvb+0+MVQV/FYdSe7pRYAuMgfELcExp8erm4UXrOx
4Vc3DDGByPaZ79CIFBEwTFJDhFQS2w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:13 2024 by rpki-client on console-ams.rpki-client.org