Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F1344/6C278A18F61711EC8170AAABF1222468/D83E4E26F61711EC8578F9ACF1222468.roa
File:                     D83E4E26F61711EC8578F9ACF1222468.roa (raw, json)
Hash identifier:          skbNDT3ppZgY3ou45+uEjEyueX8K01a5I/sQR4qbdro=
Subject key identifier:   8F:B8:00:94:1C:43:96:79:02:CD:FF:E0:40:CD:E6:26:86:03:32:08
Certificate issuer:       /CN=F36F1344AF/serialNumber=63E0A90C2B2A4B42A44AD44C8570E4BFFBF75CF4
Certificate serial:       06
Authority key identifier: 63:E0:A9:0C:2B:2A:4B:42:A4:4A:D4:4C:85:70:E4:BF:FB:F7:5C:F4
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Y-CpDCsqS0KkStRMhXDkv_v3XPQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F1344/6C278A18F61711EC8170AAABF1222468/D83E4E26F61711EC8578F9ACF1222468.roa
Signing time:             Mon 27 Jun 2022 12:51:21 +0000
ROA not before:           Mon 27 Jun 2022 12:51:18 +0000
ROA not after:            Sun 27 Jun 2032 12:51:18 +0000
asID:                     328948
IP address blocks:        102.218.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F1344/6C278A18F61711EC8170AAABF1222468/Y-CpDCsqS0KkStRMhXDkv_v3XPQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F1344/6C278A18F61711EC8170AAABF1222468/Y-CpDCsqS0KkStRMhXDkv_v3XPQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Y-CpDCsqS0KkStRMhXDkv_v3XPQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 20 Jun 2024 00:05:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F1344AF/serialNumber=63E0A90C2B2A4B42A44AD44C8570E4BFFBF75CF4
        Validity
            Not Before: Jun 27 12:51:18 2022 GMT
            Not After : Jun 27 12:51:18 2032 GMT
        Subject: CN=62b9a7c9-34a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e9:a9:49:26:e8:a0:9a:e7:01:5e:b7:7a:3a:
                    6c:a3:34:0c:d3:f6:4c:c8:ee:bc:c6:0a:7f:d7:5c:
                    9b:9e:d0:19:86:79:04:fd:55:2b:f5:2d:84:1a:e0:
                    3c:92:7e:76:82:2c:1e:92:be:e4:8d:77:41:8e:63:
                    fc:0f:2d:7d:00:1a:96:e0:ef:53:bd:56:00:0d:2c:
                    8a:7e:a6:a5:58:ae:2f:3d:c7:66:a6:0a:7f:df:bd:
                    de:46:fe:1c:60:a6:50:2b:76:4b:da:20:e0:d5:59:
                    b5:e5:9c:54:54:15:10:4a:ca:3d:ad:e0:f7:db:55:
                    94:34:4b:2a:c8:72:b9:0c:a8:72:53:95:58:b2:2a:
                    92:1c:e6:c0:dd:b6:d6:b6:41:3e:b0:57:c9:08:35:
                    b8:97:cc:77:2e:35:73:c5:45:38:21:0e:30:12:b8:
                    1b:76:76:16:d4:e6:71:88:79:62:91:40:a7:ee:59:
                    01:b1:f3:51:cd:92:05:fd:9a:3a:89:4f:3c:94:88:
                    0f:72:e0:aa:98:77:5d:91:62:3f:ab:50:42:e3:3a:
                    9d:dd:3b:a8:6a:91:cf:84:0c:4a:8f:77:f2:63:7e:
                    fb:4b:ec:60:a9:f3:57:07:8b:d1:63:ca:be:de:24:
                    9d:d9:ee:c1:a0:48:d7:1a:33:15:66:d0:d4:95:f3:
                    4e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B8:00:94:1C:43:96:79:02:CD:FF:E0:40:CD:E6:26:86:03:32:08
            X509v3 Authority Key Identifier:
                keyid:63:E0:A9:0C:2B:2A:4B:42:A4:4A:D4:4C:85:70:E4:BF:FB:F7:5C:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F1344/6C278A18F61711EC8170AAABF1222468/Y-CpDCsqS0KkStRMhXDkv_v3XPQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Y-CpDCsqS0KkStRMhXDkv_v3XPQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F1344/6C278A18F61711EC8170AAABF1222468/D83E4E26F61711EC8578F9ACF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:e2:ba:44:43:92:68:1a:93:1c:d2:a7:2c:75:92:4a:d2:0c:
         93:4c:67:c6:22:ad:fc:53:9c:67:8d:25:f7:7a:25:80:33:8c:
         0c:7f:54:00:3d:f5:a2:a1:fe:6c:a4:7d:da:96:56:a1:88:28:
         44:53:8b:dc:59:17:2c:98:44:d0:9d:1e:d1:ff:97:46:bb:1d:
         3f:9b:64:0b:ef:78:4a:64:62:9f:9f:52:c6:03:47:9b:04:11:
         5c:42:11:23:19:b2:f1:e3:8a:2d:a8:3b:02:b4:ee:fb:f8:f5:
         23:1f:1e:fc:b7:65:78:a8:27:5f:58:92:bd:78:03:51:7b:2b:
         58:ce:88:c0:3f:e3:3b:4e:f4:e1:18:dd:6a:80:51:ff:0f:56:
         1c:20:be:46:e0:e9:f2:93:83:4e:23:a8:e6:56:35:f8:84:e9:
         ae:cf:e2:18:c4:17:9f:7c:67:6c:a3:37:f1:4f:50:74:2f:45:
         de:d3:e7:43:48:c0:ad:3a:89:f1:5f:c1:7d:42:a6:69:dc:c4:
         95:3d:4d:7d:50:ff:70:4d:0b:0a:54:9d:74:c5:e4:0a:f1:c9:
         55:7e:62:41:db:83:2d:9f:f6:f5:bd:43:3a:0c:c4:41:6e:ac:
         94:2b:b1:b1:e8:16:6b:30:04:f7:ea:c8:e6:ea:67:ee:b9:0b:
         06:5a:44:12
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZG
MTM0NEFGMTEwLwYDVQQFEyg2M0UwQTkwQzJCMkE0QjQyQTQ0QUQ0NEM4NTcwRTRC
RkZCRjc1Q0Y0MB4XDTIyMDYyNzEyNTExOFoXDTMyMDYyNzEyNTExOFowGDEWMBQG
A1UEAwwNNjJiOWE3YzktMzRhODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnpqUkm6KCa5wFet3o6bKM0DNP2TMjuvMYKf9dcm57QGYZ5BP1VK/UthBrg
PJJ+doIsHpK+5I13QY5j/A8tfQAaluDvU71WAA0sin6mpViuLz3HZqYKf9+93kb+
HGCmUCt2S9og4NVZteWcVFQVEErKPa3g99tVlDRLKshyuQyoclOVWLIqkhzmwN22
1rZBPrBXyQg1uJfMdy41c8VFOCEOMBK4G3Z2FtTmcYh5YpFAp+5ZAbHzUc2SBf2a
OolPPJSID3Lgqph3XZFiP6tQQuM6nd07qGqRz4QMSo938mN++0vsYKnzVweL0WPK
vt4kndnuwaBI1xozFWbQ1JXzTp8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSPuACU
HEOWeQLN/+BAzeYmhgMyCDAfBgNVHSMEGDAWgBRj4KkMKypLQqRK1EyFcOS/+/dc
9DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjEzNDQvNkMyNzhBMThGNjE3MTFFQzgxNzBBQUFCRjEyMjI0NjgvWS1DcERD
c3FTMEtrU3RSTWhYRGt2X3YzWFBRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWS1DcERDc3FTMEtrU3RSTWhYRGt2X3YzWFBRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjEzNDQvNkMyNzhBMThGNjE3MTFFQzgxNzBBQUFCRjEy
MjI0NjgvRDgzRTRFMjZGNjE3MTFFQzg1NzhGOUFDRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbaEDANBgkqhkiG9w0BAQsF
AAOCAQEAceK6REOSaBqTHNKnLHWSStIMk0xnxiKt/FOcZ40l93olgDOMDH9UAD31
oqH+bKR92pZWoYgoRFOL3FkXLJhE0J0e0f+XRrsdP5tkC+94SmRin59SxgNHmwQR
XEIRIxmy8eOKLag7ArTu+/j1Ix8e/LdleKgnX1iSvXgDUXsrWM6IwD/jO0704Rjd
aoBR/w9WHCC+RuDp8pODTiOo5lY1+ITprs/iGMQXn3xnbKM38U9QdC9F3tPnQ0jA
rTqJ8V/BfUKmadzElT1NfVD/cE0LClSddMXkCvHJVX5iQduDLZ/29b1DOgzEQW6s
lCuxsegWazAE9+rI5upn7rkLBlpEEg==
-----END CERTIFICATE-----
Generated at Tue Jun 18 02:56:18 2024 by rpki-client on console-fra.rpki-client.org