Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F5FE2/276A7B08F4E811EDAF88F3554AD9E6FC/7DC8C130F4E811ED9C4EAF564AD9E6FC.roa
File:                     7DC8C130F4E811ED9C4EAF564AD9E6FC.roa (raw, json)
Hash identifier:          ltiNgvE90KICnDnxrfyLW/ACPzajDwuRWMZImgr1DEE=
Subject key identifier:   3B:51:6E:B9:6F:9C:F8:6F:84:28:BF:C9:04:3B:E3:60:A9:A1:E8:60
Certificate issuer:       /CN=F36F5FE2AF/serialNumber=A46A002A995CD4BB77DFC4AD387EE9ECA560EAA4
Certificate serial:       02
Authority key identifier: A4:6A:00:2A:99:5C:D4:BB:77:DF:C4:AD:38:7E:E9:EC:A5:60:EA:A4
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/pGoAKplc1Lt338StOH7p7KVg6qQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F5FE2/276A7B08F4E811EDAF88F3554AD9E6FC/7DC8C130F4E811ED9C4EAF564AD9E6FC.roa
Signing time:             Wed 17 May 2023 19:24:50 +0000
ROA not before:           Wed 17 May 2023 19:24:44 +0000
ROA not after:            Sat 31 Dec 2033 19:24:44 +0000
asID:                     329253
IP address blocks:        102.213.192.0/22 maxlen: 24
                          2c0f:4540::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F5FE2/276A7B08F4E811EDAF88F3554AD9E6FC/pGoAKplc1Lt338StOH7p7KVg6qQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F5FE2/276A7B08F4E811EDAF88F3554AD9E6FC/pGoAKplc1Lt338StOH7p7KVg6qQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/pGoAKplc1Lt338StOH7p7KVg6qQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F5FE2AF/serialNumber=A46A002A995CD4BB77DFC4AD387EE9ECA560EAA4
        Validity
            Not Before: May 17 19:24:44 2023 GMT
            Not After : Dec 31 19:24:44 2033 GMT
        Subject: CN=64652a02-ddc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:88:8c:a7:ee:0b:ba:48:53:05:ec:4b:c7:20:
                    6d:a6:1e:b4:d7:80:38:d7:fa:c5:39:39:24:98:e1:
                    18:22:e0:e3:5c:82:5c:49:71:4a:15:ad:c1:0a:aa:
                    47:d8:3a:d0:8c:98:4e:59:1d:cb:94:10:c4:3d:3c:
                    c4:a2:b3:2c:29:61:b8:c1:b6:5f:01:f4:54:5f:64:
                    70:4d:a5:bd:f4:b2:fb:13:85:c8:fe:4f:08:2e:8b:
                    86:a3:3b:2e:ef:08:60:39:fc:4a:b1:27:3d:fa:ad:
                    dc:85:1d:df:a1:4a:f2:a0:1d:2b:e1:eb:03:eb:d4:
                    65:32:60:35:07:26:52:1c:57:db:d3:c7:74:57:7b:
                    97:7d:76:a7:82:be:9e:27:e3:8a:22:03:45:af:47:
                    9b:41:ad:0b:d2:ff:36:b8:1d:38:72:65:e7:c2:19:
                    15:77:b5:6f:c5:c7:49:8c:15:e1:d1:4f:57:e4:94:
                    10:0e:87:84:e2:2a:0c:35:6f:ff:2f:71:79:8a:ab:
                    28:66:3b:c3:44:e0:1f:40:18:92:93:96:ab:c3:a9:
                    24:db:ab:c8:14:ad:29:93:bc:06:7f:ab:c6:48:48:
                    a4:c7:72:6f:cf:8f:f4:37:8d:b3:12:7c:e2:2c:df:
                    56:f5:e6:94:af:5b:4a:1f:9b:9c:6e:5f:e9:58:9e:
                    8f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:51:6E:B9:6F:9C:F8:6F:84:28:BF:C9:04:3B:E3:60:A9:A1:E8:60
            X509v3 Authority Key Identifier:
                keyid:A4:6A:00:2A:99:5C:D4:BB:77:DF:C4:AD:38:7E:E9:EC:A5:60:EA:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F5FE2/276A7B08F4E811EDAF88F3554AD9E6FC/pGoAKplc1Lt338StOH7p7KVg6qQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/pGoAKplc1Lt338StOH7p7KVg6qQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F5FE2/276A7B08F4E811EDAF88F3554AD9E6FC/7DC8C130F4E811ED9C4EAF564AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.192.0/22
                IPv6:
                  2c0f:4540::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:70:b4:03:b3:ec:b9:2d:14:dd:0b:f9:8d:ce:f3:d3:5d:fa:
         55:db:ef:cb:d0:ca:2b:03:1b:23:ce:6d:01:ec:ea:f3:36:cb:
         ad:60:e4:2d:46:c8:f6:41:1f:10:ee:78:02:d6:fc:99:17:ac:
         b4:34:a9:de:94:0b:78:34:00:7b:46:52:91:7e:ac:5a:cc:23:
         04:91:9a:15:8c:0a:fe:cc:86:cd:ef:04:af:fb:a3:83:ea:af:
         6c:0c:9c:36:09:0c:ea:8b:5c:12:71:40:02:b5:62:41:97:e6:
         bb:e1:0f:62:41:d2:68:d3:45:70:a8:8b:a1:25:86:1f:39:6c:
         b1:28:c7:c8:db:4f:30:68:bb:42:77:48:78:b3:11:ae:c3:8c:
         e3:a8:87:1a:5e:95:51:4c:fb:cc:d6:78:da:1b:85:9d:a9:bc:
         3f:e6:73:d8:cf:9d:c6:97:5f:11:16:0d:f8:88:83:60:95:10:
         01:a6:27:df:f5:b5:c8:15:09:32:a7:e3:e3:54:62:a9:38:71:
         02:2e:cf:a7:03:1b:32:77:3e:3d:cc:c0:42:68:61:b8:a0:b7:
         66:03:57:4e:82:be:05:46:c1:2c:57:0f:1d:ea:46:73:e3:cf:
         9b:d6:54:eb:59:63:e5:b5:ae:aa:43:73:80:88:e8:69:38:be:
         f5:07:36:fb
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NUZFMkFGMTEwLwYDVQQFEyhBNDZBMDAyQTk5NUNENEJCNzdERkM0QUQzODdFRTlF
Q0E1NjBFQUE0MB4XDTIzMDUxNzE5MjQ0NFoXDTMzMTIzMTE5MjQ0NFowGDEWMBQG
A1UEAxMNNjQ2NTJhMDItZGRjMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaIjKfuC7pIUwXsS8cgbaYetNeAONf6xTk5JJjhGCLg41yCXElxShWtwQqq
R9g60IyYTlkdy5QQxD08xKKzLClhuMG2XwH0VF9kcE2lvfSy+xOFyP5PCC6LhqM7
Lu8IYDn8SrEnPfqt3IUd36FK8qAdK+HrA+vUZTJgNQcmUhxX29PHdFd7l312p4K+
nifjiiIDRa9Hm0GtC9L/NrgdOHJl58IZFXe1b8XHSYwV4dFPV+SUEA6HhOIqDDVv
/y9xeYqrKGY7w0TgH0AYkpOWq8OpJNuryBStKZO8Bn+rxkhIpMdyb8+P9DeNsxJ8
4izfVvXmlK9bSh+bnG5f6Viej48CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ7UW65
b5z4b4Qov8kEO+NgqaHoYDAfBgNVHSMEGDAWgBSkagAqmVzUu3ffxK04funspWDq
pDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjVGRTIvMjc2QTdCMDhGNEU4MTFFREFGODhGMzU1NEFEOUU2RkMvcEdvQUtw
bGMxTHQzMzhTdE9IN3A3S1ZnNnFRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcEdvQUtwbGMxTHQzMzhTdE9IN3A3S1ZnNnFRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjVGRTIvMjc2QTdCMDhGNEU4MTFFREFGODhGMzU1NEFE
OUU2RkMvN0RDOEMxMzBGNEU4MTFFRDlDNEVBRjU2NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbVwDANBAIAAjAHAwUALA9F
QDANBgkqhkiG9w0BAQsFAAOCAQEAAHC0A7PsuS0U3Qv5jc7z0136Vdvvy9DKKwMb
I85tAezq8zbLrWDkLUbI9kEfEO54Atb8mRestDSp3pQLeDQAe0ZSkX6sWswjBJGa
FYwK/syGze8Er/ujg+qvbAycNgkM6otcEnFAArViQZfmu+EPYkHSaNNFcKiLoSWG
HzlssSjHyNtPMGi7QndIeLMRrsOM46iHGl6VUUz7zNZ42huFnam8P+Zz2M+dxpdf
ERYN+IiDYJUQAaYn3/W1yBUJMqfj41RiqThxAi7PpwMbMnc+PczAQmhhuKC3ZgNX
ToK+BUbBLFcPHepGc+PPm9ZU61lj5bWuqkNzgIjoaTi+9Qc2+w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:32 2024 by rpki-client on console-ams.rpki-client.org