Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FCD8D/2EB9F7C4E0E111EC939DEDD6F1222468/60D2AC14E0E211EC817382DAF1222468.roa
File:                     60D2AC14E0E211EC817382DAF1222468.roa (raw, json)
Hash identifier:          //5aRoRjO3zpCQq4iVOAY/MrzQveZBFgcw+KQ8Nh8YM=
Subject key identifier:   B9:69:77:11:DA:10:00:25:B8:4D:67:95:1B:0B:22:B2:4B:AF:DA:0D
Certificate issuer:       /CN=F36FCD8DAF/serialNumber=F9DCF8E486749E9A743FE473EBAD814D1CEC5FA9
Certificate serial:       02
Authority key identifier: F9:DC:F8:E4:86:74:9E:9A:74:3F:E4:73:EB:AD:81:4D:1C:EC:5F:A9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/-dz45IZ0npp0P-Rz662BTRzsX6k.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FCD8D/2EB9F7C4E0E111EC939DEDD6F1222468/60D2AC14E0E211EC817382DAF1222468.roa
Signing time:             Tue 31 May 2022 13:05:44 +0000
ROA not before:           Tue 31 May 2022 13:05:40 +0000
ROA not after:            Mon 31 May 2032 13:05:40 +0000
asID:                     329058
IP address blocks:        102.215.244.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FCD8D/2EB9F7C4E0E111EC939DEDD6F1222468/-dz45IZ0npp0P-Rz662BTRzsX6k.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FCD8D/2EB9F7C4E0E111EC939DEDD6F1222468/-dz45IZ0npp0P-Rz662BTRzsX6k.mft
                          rsync://rpki.afrinic.net/repository/afrinic/-dz45IZ0npp0P-Rz662BTRzsX6k.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FCD8DAF/serialNumber=F9DCF8E486749E9A743FE473EBAD814D1CEC5FA9
        Validity
            Not Before: May 31 13:05:40 2022 GMT
            Not After : May 31 13:05:40 2032 GMT
        Subject: CN=629612a7-4dc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c9:70:d3:8b:3f:1c:fa:6f:78:ce:61:70:55:
                    1e:3e:d8:fd:a7:3e:af:a9:84:36:df:b6:40:b0:88:
                    86:46:b6:07:16:32:6f:a1:8b:09:66:a5:75:aa:d6:
                    35:0c:0a:ff:46:cf:ba:6b:a6:31:f6:af:67:b5:28:
                    61:c7:46:7c:e7:5e:b7:67:c5:88:54:4b:57:6c:f1:
                    5a:e4:92:c9:31:01:5a:60:4d:5a:58:34:ec:2b:1c:
                    5f:09:0e:22:0a:79:e8:e7:a1:2b:4e:82:33:ef:1e:
                    3c:14:1a:df:2d:cc:f8:0c:19:9e:ce:fb:4f:a0:96:
                    91:42:68:96:6e:f7:cb:b5:8e:2b:27:96:9d:8e:22:
                    bc:d3:cb:9b:7b:33:5f:33:a5:25:90:8f:65:73:89:
                    e7:c2:97:4d:a8:42:44:a9:a3:6d:1e:91:41:5c:16:
                    a6:51:da:97:16:19:32:c9:d4:c4:2f:39:33:cd:4f:
                    c0:d7:56:d7:fb:5e:16:7f:07:52:fb:1f:b9:3f:a9:
                    72:21:45:f9:1a:56:1e:6c:09:9a:74:60:e5:36:20:
                    54:3f:b7:25:c1:a0:bd:59:6d:a5:9f:19:27:2e:bf:
                    31:97:15:fb:ec:e3:66:5a:0c:1f:52:36:fe:5d:89:
                    97:70:fa:55:90:29:84:f5:71:fb:8f:02:f5:06:d7:
                    9f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:69:77:11:DA:10:00:25:B8:4D:67:95:1B:0B:22:B2:4B:AF:DA:0D
            X509v3 Authority Key Identifier:
                keyid:F9:DC:F8:E4:86:74:9E:9A:74:3F:E4:73:EB:AD:81:4D:1C:EC:5F:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FCD8D/2EB9F7C4E0E111EC939DEDD6F1222468/-dz45IZ0npp0P-Rz662BTRzsX6k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-dz45IZ0npp0P-Rz662BTRzsX6k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FCD8D/2EB9F7C4E0E111EC939DEDD6F1222468/60D2AC14E0E211EC817382DAF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:b5:26:4b:11:78:3a:c0:bc:7f:58:90:d9:d9:f7:0f:b8:df:
         ff:71:77:b8:7d:1c:e2:4e:42:10:6b:77:5a:10:ef:b5:3d:a4:
         c2:37:7f:1a:03:4b:b6:67:cd:c6:44:2d:62:4c:1b:e5:54:35:
         41:f2:16:53:1e:09:e5:78:51:77:41:fb:65:d7:01:5b:f9:29:
         68:34:09:6f:1d:43:0c:c8:bd:4f:36:de:8a:30:0b:3a:6a:49:
         00:c7:c9:5d:7b:f4:d9:54:8c:e8:38:34:15:74:ca:75:25:1c:
         d1:b8:38:12:f5:86:96:b0:68:3d:69:75:3c:2a:93:5a:11:e3:
         e5:8c:23:f6:87:80:3e:dc:21:7c:ed:30:ab:04:fb:42:f1:32:
         4c:4b:9c:cb:b8:d3:ef:93:e8:39:5d:a4:16:f5:db:b0:cb:5f:
         f1:2d:84:1a:e0:34:18:1d:f9:5b:b7:6e:95:08:c4:90:97:27:
         51:04:59:24:7a:2e:6b:4f:b4:6a:6d:f3:92:f1:d3:7a:fa:35:
         73:9d:44:19:27:03:ce:9b:b0:e2:70:6e:18:b8:89:d3:b3:93:
         74:51:fe:33:ab:1d:65:62:ee:5b:12:fd:2d:87:d5:a3:09:ca:
         f1:c0:9c:3b:b5:0c:e0:c6:d5:7e:e3:af:c6:07:a6:29:0c:91:
         13:e0:1b:c5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZG
Q0Q4REFGMTEwLwYDVQQFEyhGOURDRjhFNDg2NzQ5RTlBNzQzRkU0NzNFQkFEODE0
RDFDRUM1RkE5MB4XDTIyMDUzMTEzMDU0MFoXDTMyMDUzMTEzMDU0MFowGDEWMBQG
A1UEAwwNNjI5NjEyYTctNGRjMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3JcNOLPxz6b3jOYXBVHj7Y/ac+r6mENt+2QLCIhka2BxYyb6GLCWaldarW
NQwK/0bPumumMfavZ7UoYcdGfOdet2fFiFRLV2zxWuSSyTEBWmBNWlg07CscXwkO
Igp56OehK06CM+8ePBQa3y3M+AwZns77T6CWkUJolm73y7WOKyeWnY4ivNPLm3sz
XzOlJZCPZXOJ58KXTahCRKmjbR6RQVwWplHalxYZMsnUxC85M81PwNdW1/teFn8H
UvsfuT+pciFF+RpWHmwJmnRg5TYgVD+3JcGgvVltpZ8ZJy6/MZcV++zjZloMH1I2
/l2Jl3D6VZAphPVx+48C9QbXn9MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS5aXcR
2hAAJbhNZ5UbCyKyS6/aDTAfBgNVHSMEGDAWgBT53PjkhnSemnQ/5HPrrYFNHOxf
qTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkNEOEQvMkVCOUY3QzRFMEUxMTFFQzkzOURFREQ2RjEyMjI0NjgvLWR6NDVJ
WjBucHAwUC1SejY2MkJUUnpzWDZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLWR6NDVJWjBucHAwUC1SejY2MkJUUnpzWDZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkNEOEQvMkVCOUY3QzRFMEUxMTFFQzkzOURFREQ2RjEy
MjI0NjgvNjBEMkFDMTRFMEUyMTFFQzgxNzM4MkRBRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbX9DANBgkqhkiG9w0BAQsF
AAOCAQEAdrUmSxF4OsC8f1iQ2dn3D7jf/3F3uH0c4k5CEGt3WhDvtT2kwjd/GgNL
tmfNxkQtYkwb5VQ1QfIWUx4J5XhRd0H7ZdcBW/kpaDQJbx1DDMi9TzbeijALOmpJ
AMfJXXv02VSM6Dg0FXTKdSUc0bg4EvWGlrBoPWl1PCqTWhHj5Ywj9oeAPtwhfO0w
qwT7QvEyTEucy7jT75PoOV2kFvXbsMtf8S2EGuA0GB35W7dulQjEkJcnUQRZJHou
a0+0am3zkvHTevo1c51EGScDzpuw4nBuGLiJ07OTdFH+M6sdZWLuWxL9LYfVownK
8cCcO7UM4MbVfuOvxgemKQyRE+AbxQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:14 2024 by rpki-client on console-ams.rpki-client.org