Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/E6DE7EBE8D4211EFA067D55F762E951A.roa
File:                     E6DE7EBE8D4211EFA067D55F762E951A.roa (raw, json)
Hash identifier:          XynghcvRrVJHhpQc+IXhw4iRTlFTpfLVpynvJCkgqaE=
Subject key identifier:   E2:44:EF:19:E9:87:6C:61:56:7D:8C:1C:58:53:1D:26:3C:DA:35:FF
Certificate issuer:       /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial:       31
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/E6DE7EBE8D4211EFA067D55F762E951A.roa
Signing time:             Fri 18 Oct 2024 11:19:55 +0000
ROA not before:           Fri 18 Oct 2024 11:19:51 +0000
ROA not after:            Wed 18 Oct 2034 11:19:51 +0000
asID:                     37680
IP address blocks:        102.132.240.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49 (0x31)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
        Validity
            Not Before: Oct 18 11:19:51 2024 GMT
            Not After : Oct 18 11:19:51 2034 GMT
        Subject: CN=6712445b-ad6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3c:a6:22:6e:0d:bf:85:a0:ab:44:41:3b:80:
                    44:12:55:6e:d6:fd:1e:83:23:10:df:e9:70:e4:36:
                    f5:8a:f4:ff:55:c9:7c:4f:fb:5a:ba:7b:b7:dd:d0:
                    9b:08:c2:12:dd:6a:b2:90:c0:71:44:49:95:08:d7:
                    67:93:49:06:51:6e:88:9e:09:46:69:57:fe:e6:6b:
                    ee:2b:c1:81:c6:4f:c4:a9:c4:19:01:a2:e3:fc:67:
                    29:65:13:92:8e:0f:b2:1a:22:a8:f8:4a:bf:13:ae:
                    d9:88:f6:1e:e3:0c:47:ab:15:82:51:f1:bf:75:f9:
                    11:83:af:02:fa:f9:a9:e1:72:91:e9:e3:5f:43:72:
                    67:07:5f:73:71:6b:bb:bf:e4:34:06:d9:67:87:70:
                    cd:8e:be:df:f5:50:26:01:4b:b7:fe:ff:30:6d:c6:
                    19:3a:05:91:04:c8:3a:ac:cf:54:b9:9b:98:f4:e9:
                    d6:56:0a:f3:fc:be:63:54:e0:24:8f:59:1e:1a:7a:
                    04:6a:b3:e6:64:74:2f:d0:3a:c7:fe:e2:7d:b2:66:
                    e9:0c:12:55:38:bd:24:60:cf:a5:90:96:64:67:52:
                    d3:84:b2:9a:d0:14:9a:87:f6:32:33:c3:59:00:79:
                    b9:e5:e7:72:c0:fe:2d:99:c8:8e:b3:b0:87:75:b3:
                    9d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:44:EF:19:E9:87:6C:61:56:7D:8C:1C:58:53:1D:26:3C:DA:35:FF
            X509v3 Authority Key Identifier:
                keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/E6DE7EBE8D4211EFA067D55F762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.132.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         89:f7:44:0e:73:90:c0:e8:2b:86:57:37:87:8c:80:5e:26:49:
         b9:84:dd:27:07:4e:28:9d:1e:bb:67:69:4c:8f:e1:8f:65:8a:
         00:52:88:12:11:42:ef:c0:bd:1e:61:fe:38:3c:a5:c2:fc:b4:
         f3:47:50:a4:79:4c:cb:6a:32:c5:e3:cb:4e:00:29:91:d1:4c:
         98:02:ed:72:91:3a:c9:69:63:20:8d:92:39:5e:2f:fc:1c:b9:
         70:2d:e9:ac:db:82:38:c3:40:51:63:d3:f2:2d:ae:2d:5f:f0:
         5b:e7:d4:6b:61:81:4d:c7:8c:f5:2c:1c:b5:0f:fa:a3:51:d3:
         43:d1:4e:f3:ad:ee:e2:73:26:22:76:f9:2b:1c:65:ea:22:12:
         16:32:5d:24:f0:2b:7a:47:26:12:18:7e:36:d1:15:90:61:27:
         31:f3:31:16:4a:ba:08:b2:d8:43:88:a9:79:dd:6e:89:d5:43:
         be:c9:dd:e2:1c:35:b4:ae:5e:84:93:83:74:d5:12:29:2a:4f:
         c6:bc:3e:68:31:09:c4:4b:e4:a0:df:48:d2:67:b9:65:42:ed:
         4e:91:cf:27:9c:e3:95:0a:29:63:fd:eb:56:93:a4:f2:0b:6d:
         b4:2b:46:ca:ca:74:0c:bc:c8:6c:ec:7a:e7:29:12:7d:9d:e0:
         ef:4c:b2:1a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBMTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTAxODExMTk1MVoXDTM0MTAxODExMTk1MVowGDEWMBQG
A1UEAxMNNjcxMjQ0NWItYWQ2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY8piJuDb+FoKtEQTuARBJVbtb9HoMjEN/pcOQ29Yr0/1XJfE/7Wrp7t93Q
mwjCEt1qspDAcURJlQjXZ5NJBlFuiJ4JRmlX/uZr7ivBgcZPxKnEGQGi4/xnKWUT
ko4PshoiqPhKvxOu2Yj2HuMMR6sVglHxv3X5EYOvAvr5qeFykenjX0NyZwdfc3Fr
u7/kNAbZZ4dwzY6+3/VQJgFLt/7/MG3GGToFkQTIOqzPVLmbmPTp1lYK8/y+Y1Tg
JI9ZHhp6BGqz5mR0L9A6x/7ifbJm6QwSVTi9JGDPpZCWZGdS04SymtAUmof2MjPD
WQB5ueXncsD+LZnIjrOwh3Wznf8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTiRO8Z
6YdsYVZ9jBxYUx0mPNo1/zAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvRTZERTdFQkU4RDQyMTFFRkEwNjdENTVGNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGaE8DANBgkqhkiG9w0BAQsF
AAOCAQEAifdEDnOQwOgrhlc3h4yAXiZJuYTdJwdOKJ0eu2dpTI/hj2WKAFKIEhFC
78C9HmH+ODylwvy080dQpHlMy2oyxePLTgApkdFMmALtcpE6yWljII2SOV4v/By5
cC3prNuCOMNAUWPT8i2uLV/wW+fUa2GBTceM9SwctQ/6o1HTQ9FO863u4nMmInb5
Kxxl6iISFjJdJPArekcmEhh+NtEVkGEnMfMxFkq6CLLYQ4iped1uidVDvsnd4hw1
tK5ehJODdNUSKSpPxrw+aDEJxEvkoN9I0me5ZULtTpHPJ5zjlQopY/3rVpOk8gtt
tCtGysp0DLzIbOx65ykSfZ3g70yyGg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:40 2024 by rpki-client on console-fra.rpki-client.org