Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8F4F/70CC1DFE2A7511ECAEB63359D8A014CE/213A5430A56811EDA4A747ECF1222468.roa
File:                     213A5430A56811EDA4A747ECF1222468.roa (raw, json)
Hash identifier:          1FSpfH8lIptENuZgm87WorkUtErOg+Opdui1l/ZDS/k=
Subject key identifier:   B0:7D:DB:62:0F:3A:21:E6:0C:0F:10:74:4F:6C:25:81:2E:FD:F6:9A
Certificate issuer:       /CN=F36F8F4FRI/serialNumber=5BC54F284822A717B1AD4C37CF69D096CE7F6773
Certificate serial:       01F1
Authority key identifier: 5B:C5:4F:28:48:22:A7:17:B1:AD:4C:37:CF:69:D0:96:CE:7F:67:73
Authority info access:    rsync://rpki.afrinic.net/repository/ripe/W8VPKEgipxexrUw3z2nQls5_Z3M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/70CC1DFE2A7511ECAEB63359D8A014CE/213A5430A56811EDA4A747ECF1222468.roa
Signing time:             Sun 05 Feb 2023 15:16:57 +0000
ROA not before:           Sun 05 Feb 2023 15:16:53 +0000
ROA not after:            Wed 05 Feb 2025 15:16:53 +0000
asID:                     21003
IP address blocks:        62.240.32.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/70CC1DFE2A7511ECAEB63359D8A014CE/W8VPKEgipxexrUw3z2nQls5_Z3M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/70CC1DFE2A7511ECAEB63359D8A014CE/W8VPKEgipxexrUw3z2nQls5_Z3M.mft
                          rsync://rpki.afrinic.net/repository/ripe/W8VPKEgipxexrUw3z2nQls5_Z3M.cer
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 497 (0x1f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F8F4FRI/serialNumber=5BC54F284822A717B1AD4C37CF69D096CE7F6773
        Validity
            Not Before: Feb  5 15:16:53 2023 GMT
            Not After : Feb  5 15:16:53 2025 GMT
        Subject: CN=63dfc869-8238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1f:00:b5:86:14:18:bd:99:c3:bc:38:df:a2:
                    07:b3:38:9c:ab:a2:21:55:f6:4e:16:6d:17:d1:e7:
                    6b:2e:f1:46:3d:7c:81:46:ad:99:db:d5:0e:62:8f:
                    39:ca:50:97:99:42:a6:8e:e7:18:e9:0d:60:65:8c:
                    95:6b:18:cd:6c:20:ab:13:35:cb:e3:89:33:df:61:
                    49:06:36:77:c6:ae:8d:79:28:a6:35:07:8d:68:09:
                    22:0b:c9:be:80:b3:28:c3:4c:24:6c:e7:04:58:df:
                    4c:41:a4:3a:24:66:5f:c3:d1:e6:af:d4:82:bb:c4:
                    7f:15:06:bf:ae:35:b1:e0:e9:3d:89:9c:fa:08:af:
                    f1:41:1b:0f:73:01:2a:a5:01:d4:f4:d5:52:0e:a2:
                    94:1a:d4:44:d9:e5:d0:89:ae:38:8b:11:67:9e:23:
                    af:11:ef:ce:da:0e:fd:f1:b9:6b:76:00:f7:5e:5d:
                    a3:b8:03:03:5b:f7:19:13:32:e1:30:47:cd:dc:3e:
                    96:61:29:5e:dd:bd:6f:c5:6d:b1:80:fe:47:24:4b:
                    77:32:7d:96:48:e8:66:57:35:eb:16:30:40:b1:be:
                    33:0a:36:d4:05:f1:60:86:59:6c:60:b4:90:c1:5c:
                    9c:7d:ad:91:67:c4:47:72:27:34:91:06:81:d8:67:
                    e2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:7D:DB:62:0F:3A:21:E6:0C:0F:10:74:4F:6C:25:81:2E:FD:F6:9A
            X509v3 Authority Key Identifier:
                keyid:5B:C5:4F:28:48:22:A7:17:B1:AD:4C:37:CF:69:D0:96:CE:7F:67:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/70CC1DFE2A7511ECAEB63359D8A014CE/W8VPKEgipxexrUw3z2nQls5_Z3M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/W8VPKEgipxexrUw3z2nQls5_Z3M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/70CC1DFE2A7511ECAEB63359D8A014CE/213A5430A56811EDA4A747ECF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.240.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         15:74:12:11:fd:ab:31:95:1a:5d:9d:a8:4c:9f:fd:39:d9:e8:
         03:58:ad:11:98:ea:d2:94:e6:e7:ea:a7:bc:39:5d:aa:d0:f4:
         3f:c5:c4:7f:f3:e4:5c:dd:89:19:6f:58:9e:e5:e4:88:39:fc:
         24:0d:76:26:a2:60:f2:cb:57:d9:d8:80:26:74:85:55:2f:6c:
         2d:4d:60:e5:9c:a9:af:98:b6:2d:34:43:24:71:16:f2:b9:fa:
         c1:1c:d3:a3:ba:fa:4e:ab:9e:ba:29:95:f9:30:ea:2e:59:68:
         74:73:ab:47:fb:b8:ac:74:62:79:b0:b7:f1:58:88:c8:50:7c:
         f3:2f:78:2c:d5:c0:1e:8d:ef:f9:ff:d3:43:0d:a4:84:a8:8f:
         75:f6:cb:59:ae:3d:86:70:b6:11:c0:64:ad:9a:a6:06:46:67:
         ac:78:9e:ef:2e:4e:6c:2e:ca:21:34:1a:4e:66:21:2d:75:c6:
         2e:25:9d:99:b1:f8:5d:58:69:e8:e3:a6:6e:2f:b8:58:19:22:
         53:07:03:c9:d4:9e:32:56:b0:81:3b:0b:f3:f0:50:a5:e3:c0:
         d5:7c:b2:5b:38:d3:5a:bf:79:6c:a4:87:cd:bb:e9:26:68:f0:
         56:97:d2:45:77:e8:f6:ae:ae:69:7b:83:04:6b:c9:33:29:ec:
         81:01:0a:99
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAfEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjhGNEZSSTExMC8GA1UEBRMoNUJDNTRGMjg0ODIyQTcxN0IxQUQ0QzM3Q0Y2OUQw
OTZDRTdGNjc3MzAeFw0yMzAyMDUxNTE2NTNaFw0yNTAyMDUxNTE2NTNaMBgxFjAU
BgNVBAMMDTYzZGZjODY5LTgyMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRHwC1hhQYvZnDvDjfogezOJyroiFV9k4WbRfR52su8UY9fIFGrZnb1Q5i
jznKUJeZQqaO5xjpDWBljJVrGM1sIKsTNcvjiTPfYUkGNnfGro15KKY1B41oCSIL
yb6AsyjDTCRs5wRY30xBpDokZl/D0eav1IK7xH8VBr+uNbHg6T2JnPoIr/FBGw9z
ASqlAdT01VIOopQa1ETZ5dCJrjiLEWeeI68R787aDv3xuWt2APdeXaO4AwNb9xkT
MuEwR83cPpZhKV7dvW/FbbGA/kckS3cyfZZI6GZXNesWMECxvjMKNtQF8WCGWWxg
tJDBXJx9rZFnxEdyJzSRBoHYZ+LrAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUsH3b
Yg86IeYMDxB0T2wlgS799powHwYDVR0jBBgwFoAUW8VPKEgipxexrUw3z2nQls5/
Z3MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4RjRGLzcwQ0MxREZFMkE3NTExRUNBRUI2MzM1OUQ4QTAxNENFL1c4VlBL
RWdpcHhleHJVdzN6Mm5RbHM1X1ozTS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
L1c4VlBLRWdpcHhleHJVdzN6Mm5RbHM1X1ozTS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkY4RjRGLzcwQ0MxREZFMkE3NTExRUNBRUI2MzM1OUQ4QTAx
NENFLzIxM0E1NDMwQTU2ODExRURBNEE3NDdFQ0YxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU+8CAwDQYJKoZIhvcNAQELBQAD
ggEBABV0EhH9qzGVGl2dqEyf/TnZ6ANYrRGY6tKU5ufqp7w5XarQ9D/FxH/z5Fzd
iRlvWJ7l5Ig5/CQNdiaiYPLLV9nYgCZ0hVUvbC1NYOWcqa+Yti00QyRxFvK5+sEc
06O6+k6rnroplfkw6i5ZaHRzq0f7uKx0Ynmwt/FYiMhQfPMveCzVwB6N7/n/00MN
pISoj3X2y1muPYZwthHAZK2apgZGZ6x4nu8uTmwuyiE0Gk5mIS11xi4lnZmx+F1Y
aejjpm4vuFgZIlMHA8nUnjJWsIE7C/PwUKXjwNV8sls401q/eWykh8276SZo8FaX
0kV36Paurml7gwRryTMp7IEBCpk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:32 2024 by rpki-client on console-ams.rpki-client.org