Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/67EE102447CF11EE9C03343D4AD9E6FC.roa
File:                     67EE102447CF11EE9C03343D4AD9E6FC.roa (raw, json)
Hash identifier:          O2NZ35ufqu4elRfMay9VZHxMEvo+nnYW2X0R4hlLTtM=
Subject key identifier:   7A:FB:81:EE:6F:BA:D4:B5:A1:D1:CC:A5:B6:5F:24:1A:FB:0B:AF:4B
Certificate issuer:       /CN=F36F505DAF/serialNumber=1DDB8E931F57A92817649830C4ED8ADD74EF49F9
Certificate serial:       7D
Authority key identifier: 1D:DB:8E:93:1F:57:A9:28:17:64:98:30:C4:ED:8A:DD:74:EF:49:F9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HduOkx9XqSgXZJgwxO2K3XTvSfk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/67EE102447CF11EE9C03343D4AD9E6FC.roa
Signing time:             Thu 31 Aug 2023 07:24:22 +0000
ROA not before:           Thu 31 Aug 2023 07:24:19 +0000
ROA not after:            Sat 31 Aug 2030 07:24:19 +0000
asID:                     327907
IP address blocks:        102.212.44.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/HduOkx9XqSgXZJgwxO2K3XTvSfk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/HduOkx9XqSgXZJgwxO2K3XTvSfk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HduOkx9XqSgXZJgwxO2K3XTvSfk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125 (0x7d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F505DAF/serialNumber=1DDB8E931F57A92817649830C4ED8ADD74EF49F9
        Validity
            Not Before: Aug 31 07:24:19 2023 GMT
            Not After : Aug 31 07:24:19 2030 GMT
        Subject: CN=64f04026-a43e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:54:d4:3a:33:79:c8:22:9c:37:bf:6e:2a:93:
                    56:ca:db:4c:57:17:39:63:7f:5e:db:df:f2:b5:82:
                    77:2a:ea:3c:d3:8b:ed:33:72:8d:3e:dc:55:26:02:
                    2d:7c:eb:80:ec:e6:61:c5:7e:04:98:c8:2f:2e:7f:
                    36:46:cc:6b:73:19:1d:10:a2:b3:62:79:d3:34:f9:
                    7b:37:0d:4c:0a:5e:ac:d1:f5:39:57:18:17:9b:78:
                    e6:26:bb:d8:d2:11:a6:a3:77:8b:c6:d3:52:d9:36:
                    be:49:47:44:ee:ff:af:b8:c0:68:2a:49:be:74:aa:
                    b1:34:b3:b9:4a:11:9f:72:79:08:4c:ec:c6:e3:5e:
                    c1:6d:13:a3:9c:1f:8d:d3:3b:10:06:02:f5:7a:df:
                    1d:23:f4:ec:dc:57:ae:b6:26:9f:0d:99:ee:2a:e6:
                    27:34:b1:a4:c8:6c:e2:96:10:25:5e:ee:50:89:f6:
                    58:79:54:d4:a0:82:3a:5c:57:3c:5f:fb:56:b3:09:
                    a4:76:ab:3d:fc:e1:7b:c6:f1:72:bc:b7:a1:5e:1d:
                    a2:ed:83:b5:dc:a0:fc:e5:9a:22:c6:66:95:d4:d5:
                    d1:71:f6:17:cd:22:f4:b2:59:de:7e:5c:56:35:c5:
                    9a:07:99:d2:61:08:dc:87:a9:b2:f1:a9:31:0c:81:
                    d4:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:FB:81:EE:6F:BA:D4:B5:A1:D1:CC:A5:B6:5F:24:1A:FB:0B:AF:4B
            X509v3 Authority Key Identifier:
                keyid:1D:DB:8E:93:1F:57:A9:28:17:64:98:30:C4:ED:8A:DD:74:EF:49:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/HduOkx9XqSgXZJgwxO2K3XTvSfk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HduOkx9XqSgXZJgwxO2K3XTvSfk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F505D/1FB1B4B0EE5F11EDA8219C5A4AD9E6FC/67EE102447CF11EE9C03343D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:5f:f4:59:79:73:52:ef:32:b5:81:10:76:ab:05:87:39:89:
         8c:7d:bd:99:b3:70:e6:34:ef:6e:a2:98:02:7d:dd:c7:0e:d3:
         9a:99:4c:c2:9c:69:dd:c3:a4:f6:51:cb:7a:4d:65:76:bc:b1:
         b9:4e:f0:ab:8b:23:fb:6b:b9:d3:ae:a3:56:e3:d1:4f:6a:46:
         9c:71:32:34:06:95:2c:3b:99:3b:f1:ae:c9:49:5a:34:0c:ba:
         a6:3c:6f:02:0f:43:8b:29:06:2c:d3:9d:1d:9a:a3:6b:76:87:
         19:f9:44:f0:87:66:9b:96:69:45:5e:07:0f:8f:aa:29:45:84:
         42:32:4f:0d:7c:97:45:32:c2:75:aa:3d:da:92:0a:7a:70:c3:
         a6:e6:ad:15:bc:d1:37:c2:00:ed:ab:19:27:bc:f6:4f:9a:fd:
         24:42:6d:9a:19:6c:cc:d3:20:36:30:52:58:5d:66:bf:97:3b:
         9c:b0:61:a0:5c:9b:72:52:38:b0:56:94:7b:cd:26:45:ca:e0:
         d3:63:17:6d:be:e3:6d:e3:86:55:86:d2:33:32:53:9b:e9:bf:
         45:8f:19:37:45:fd:06:e5:5b:ed:d6:b6:56:f7:ae:68:30:c5:
         62:33:1a:a7:3d:a2:b7:51:2d:56:2e:9c:13:e6:22:f3:05:8f:
         fc:6e:34:9d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBfTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NTA1REFGMTEwLwYDVQQFEygxRERCOEU5MzFGNTdBOTI4MTc2NDk4MzBDNEVEOEFE
RDc0RUY0OUY5MB4XDTIzMDgzMTA3MjQxOVoXDTMwMDgzMTA3MjQxOVowGDEWMBQG
A1UEAxMNNjRmMDQwMjYtYTQzZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZU1DozecginDe/biqTVsrbTFcXOWN/Xtvf8rWCdyrqPNOL7TNyjT7cVSYC
LXzrgOzmYcV+BJjILy5/NkbMa3MZHRCis2J50zT5ezcNTAperNH1OVcYF5t45ia7
2NIRpqN3i8bTUtk2vklHRO7/r7jAaCpJvnSqsTSzuUoRn3J5CEzsxuNewW0To5wf
jdM7EAYC9XrfHSP07NxXrrYmnw2Z7irmJzSxpMhs4pYQJV7uUIn2WHlU1KCCOlxX
PF/7VrMJpHarPfzhe8bxcry3oV4dou2Dtdyg/OWaIsZmldTV0XH2F80i9LJZ3n5c
VjXFmgeZ0mEI3IepsvGpMQyB1PcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR6+4Hu
b7rUtaHRzKW2XyQa+wuvSzAfBgNVHSMEGDAWgBQd246TH1epKBdkmDDE7YrddO9J
+TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjUwNUQvMUZCMUI0QjBFRTVGMTFFREE4MjE5QzVBNEFEOUU2RkMvSGR1T2t4
OVhxU2dYWkpnd3hPMkszWFR2U2ZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSGR1T2t4OVhxU2dYWkpnd3hPMkszWFR2U2ZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjUwNUQvMUZCMUI0QjBFRTVGMTFFREE4MjE5QzVBNEFE
OUU2RkMvNjdFRTEwMjQ0N0NGMTFFRTlDMDMzNDNENEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbULDANBgkqhkiG9w0BAQsF
AAOCAQEAF1/0WXlzUu8ytYEQdqsFhzmJjH29mbNw5jTvbqKYAn3dxw7TmplMwpxp
3cOk9lHLek1ldryxuU7wq4sj+2u5066jVuPRT2pGnHEyNAaVLDuZO/GuyUlaNAy6
pjxvAg9DiykGLNOdHZqja3aHGflE8Idmm5ZpRV4HD4+qKUWEQjJPDXyXRTLCdao9
2pIKenDDpuatFbzRN8IA7asZJ7z2T5r9JEJtmhlszNMgNjBSWF1mv5c7nLBhoFyb
clI4sFaUe80mRcrg02MXbb7jbeOGVYbSMzJTm+m/RY8ZN0X9BuVb7da2VveuaDDF
YjMapz2it1EtVi6cE+Yi8wWP/G40nQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org