Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/A46FECBA0D4611EF94FE720E017001B1.roa
File:                     A46FECBA0D4611EF94FE720E017001B1.roa (raw, json)
Hash identifier:          1+eZFsoTVxew2nM8QAmKo9cbdoGw9gIVLATJ2Cve9BY=
Subject key identifier:   E9:0D:F2:B1:ED:12:F6:97:E1:44:AC:8E:C9:CE:88:59:90:25:BB:BE
Certificate issuer:       /CN=F36EF7D0AF/serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
Certificate serial:       018D
Authority key identifier: 3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/A46FECBA0D4611EF94FE720E017001B1.roa
Signing time:             Wed 08 May 2024 14:24:13 +0000
ROA not before:           Wed 08 May 2024 14:24:10 +0000
ROA not after:            Wed 08 May 2030 14:24:10 +0000
asID:                     56683
IP address blocks:        102.211.233.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 397 (0x18d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36EF7D0AF/serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
        Validity
            Not Before: May  8 14:24:10 2024 GMT
            Not After : May  8 14:24:10 2030 GMT
        Subject: CN=663b8b0d-db95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8f:79:ff:99:36:96:dc:4f:14:e7:65:43:99:
                    29:78:68:58:30:1e:42:77:cd:9a:d6:fb:72:06:6c:
                    40:1f:62:22:04:8b:70:50:08:5f:6f:01:61:a1:5c:
                    e2:51:e9:bb:ad:2e:d7:54:e6:0b:0a:cf:db:18:7e:
                    93:f8:4d:88:4f:d1:e8:de:0b:55:c6:f9:f0:a3:bd:
                    14:e7:07:cd:b1:7e:62:58:32:63:59:f8:c0:f6:61:
                    08:6d:cc:57:3b:47:d5:f1:5a:69:95:d7:fd:59:5a:
                    73:f8:98:12:56:3e:3a:0e:bc:4a:47:c7:61:f9:a1:
                    0d:49:7d:5b:9f:da:a0:00:38:e6:9e:00:68:80:cd:
                    6f:6e:a3:c9:da:e1:52:e1:49:bb:24:7e:34:59:24:
                    41:5e:12:5e:ac:00:d5:8c:ce:2c:68:57:b3:07:d6:
                    67:b5:cd:dc:1b:eb:f5:83:d9:6b:c1:cf:25:6d:b8:
                    21:8d:43:7a:09:68:e6:d2:9b:8e:ea:c8:1e:a8:f0:
                    c7:04:1d:23:6c:9b:2b:be:ad:fe:f8:0a:96:c3:07:
                    9a:40:9c:82:dd:a9:49:7c:45:f6:e4:18:a2:b2:45:
                    68:d9:d9:2a:62:1f:2c:4b:61:b4:17:03:7a:10:f6:
                    c6:f4:33:1c:1a:7e:c3:43:7d:04:ae:97:2f:2c:2d:
                    cf:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:0D:F2:B1:ED:12:F6:97:E1:44:AC:8E:C9:CE:88:59:90:25:BB:BE
            X509v3 Authority Key Identifier:
                keyid:3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/A46FECBA0D4611EF94FE720E017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:3d:91:46:89:7b:f6:eb:d3:f6:4d:72:d9:5d:bc:1a:db:98:
         d6:f4:cc:76:7d:82:38:65:bb:b2:bd:30:fc:2c:6e:ca:28:52:
         55:e3:9a:c4:58:e0:a4:d8:99:c8:3a:15:6b:37:e2:8c:f5:68:
         00:d2:a6:60:00:79:53:da:af:e3:b0:3c:e6:67:b4:8a:c8:67:
         41:58:2c:ad:3e:9a:67:69:3e:ba:31:3e:4e:bb:39:f6:ba:7c:
         c8:40:8f:2b:ff:31:ec:82:28:13:f7:89:f0:26:0d:62:90:85:
         82:3b:84:df:11:de:76:14:05:b2:dc:96:6d:81:2e:7a:14:88:
         cc:01:a9:03:77:5d:91:ce:18:8d:81:fa:d1:2d:06:04:c1:d4:
         f5:61:66:39:ed:a6:c8:37:a2:61:ac:ae:9a:5f:e7:01:df:a8:
         34:ce:2f:86:17:a8:0d:33:71:07:e3:2c:78:26:e1:cf:09:5b:
         97:47:b4:39:1c:e0:38:8c:0e:37:12:e4:cd:69:50:7a:c2:8a:
         68:66:a2:5e:84:62:ae:48:a6:a7:e5:49:a5:a9:0a:84:35:56:
         d7:75:10:09:22:55:c2:78:57:9b:c8:dd:93:45:3c:87:12:39:
         5a:13:75:4d:ed:75:cc:17:4a:f6:6a:4f:17:de:4b:31:87:17:
         69:d3:c3:44
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RUY3RDBBRjExMC8GA1UEBRMoM0E1NTNCNkVGODBCRjkyMjMxMkY5NkI4RERDMUYy
MTlBOEM0MTIxQjAeFw0yNDA1MDgxNDI0MTBaFw0zMDA1MDgxNDI0MTBaMBgxFjAU
BgNVBAMTDTY2M2I4YjBkLWRiOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8j3n/mTaW3E8U52VDmSl4aFgwHkJ3zZrW+3IGbEAfYiIEi3BQCF9vAWGh
XOJR6butLtdU5gsKz9sYfpP4TYhP0ejeC1XG+fCjvRTnB82xfmJYMmNZ+MD2YQht
zFc7R9XxWmmV1/1ZWnP4mBJWPjoOvEpHx2H5oQ1JfVuf2qAAOOaeAGiAzW9uo8na
4VLhSbskfjRZJEFeEl6sANWMzixoV7MH1me1zdwb6/WD2WvBzyVtuCGNQ3oJaObS
m47qyB6o8McEHSNsmyu+rf74CpbDB5pAnILdqUl8RfbkGKKyRWjZ2SpiHyxLYbQX
A3oQ9sb0MxwafsNDfQSuly8sLc8HAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6Q3y
se0S9pfhRKyOyc6IWZAlu74wHwYDVR0jBBgwFoAUOlU7bvgL+SIxL5a43cHyGajE
EhswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRBRDlFNkZDL09sVTdi
dmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL09sVTdidmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRB
RDlFNkZDL0E0NkZFQ0JBMEQ0NjExRUY5NEZFNzIwRTAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm0+kwDQYJKoZIhvcNAQEL
BQADggEBAEE9kUaJe/br0/ZNctldvBrbmNb0zHZ9gjhlu7K9MPwsbsooUlXjmsRY
4KTYmcg6FWs34oz1aADSpmAAeVPar+OwPOZntIrIZ0FYLK0+mmdpProxPk67Ofa6
fMhAjyv/MeyCKBP3ifAmDWKQhYI7hN8R3nYUBbLclm2BLnoUiMwBqQN3XZHOGI2B
+tEtBgTB1PVhZjntpsg3omGsrppf5wHfqDTOL4YXqA0zcQfjLHgm4c8JW5dHtDkc
4DiMDjcS5M1pUHrCimhmol6EYq5IpqflSaWpCoQ1Vtd1EAkiVcJ4V5vI3ZNFPIcS
OVoTdU3tdcwXSvZqTxfeSzGHF2nTw0Q=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:12 2024 by rpki-client on console-fra.rpki-client.org