Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/293DA02E0E9411EFB4C6A635017001B1.roa
File:                     293DA02E0E9411EFB4C6A635017001B1.roa (raw, json)
Hash identifier:          3+KIiU4tfg4VsfxzRAEbpE5pkr5DnXevqMRkIzk01FM=
Subject key identifier:   A4:D8:1B:96:01:7E:CF:28:40:11:06:EA:B1:CA:47:A8:86:93:CE:12
Certificate issuer:       /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial:       0453
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/293DA02E0E9411EFB4C6A635017001B1.roa
Signing time:             Fri 10 May 2024 06:11:38 +0000
ROA not before:           Fri 10 May 2024 06:11:35 +0000
ROA not after:            Fri 10 May 2030 06:11:35 +0000
asID:                     56913
IP address blocks:        102.215.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 20 Jun 2024 00:05:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1107 (0x453)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
        Validity
            Not Before: May 10 06:11:35 2024 GMT
            Not After : May 10 06:11:35 2030 GMT
        Subject: CN=663dba9a-25a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:09:b0:f9:c2:a4:75:9e:d6:e6:f0:e2:cc:a9:
                    e7:20:78:cc:28:aa:b3:65:01:de:13:d4:e9:c3:4f:
                    de:f9:b6:e1:61:4c:cb:3f:90:39:6c:d4:07:40:79:
                    32:bd:a9:dc:b1:eb:e2:95:03:49:da:79:11:33:a0:
                    ce:de:9c:0a:52:bc:07:7a:ac:f3:9a:c2:1d:1a:99:
                    2d:dd:86:65:4e:11:18:71:31:8e:9a:52:b3:04:79:
                    ee:1f:19:ca:b5:c6:ce:70:d8:d1:d6:d2:8e:ef:da:
                    97:27:31:b1:41:de:83:90:e9:89:c3:b2:4e:f6:94:
                    34:d0:43:1d:c7:55:54:69:8f:eb:35:cc:18:45:29:
                    43:cd:3b:24:b2:b9:e9:77:fc:5c:46:d0:0b:b4:2e:
                    ea:9a:c4:e4:7d:a4:0a:12:69:03:a2:c5:43:c1:77:
                    f8:0f:1f:b7:2d:7a:3e:a0:02:46:31:39:a0:57:fb:
                    e4:51:06:14:18:67:0a:78:79:00:fe:d7:be:d7:5c:
                    5e:03:3f:1f:6e:b1:d9:95:9b:8b:77:74:aa:ea:c3:
                    10:18:2c:82:ec:43:14:1e:63:d7:e1:bc:dc:37:84:
                    ef:bc:6e:e0:dc:05:48:91:70:19:37:11:66:3e:bf:
                    18:bb:eb:09:11:c8:eb:33:b9:2d:a1:42:7e:1d:4b:
                    de:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:D8:1B:96:01:7E:CF:28:40:11:06:EA:B1:CA:47:A8:86:93:CE:12
            X509v3 Authority Key Identifier:
                keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/293DA02E0E9411EFB4C6A635017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:67:0c:7c:e4:63:b7:d6:75:1a:c1:4a:4f:a1:5b:f1:a7:88:
         1e:c2:cc:d8:1f:79:67:0b:c2:5b:03:03:f2:40:73:79:fe:6f:
         47:25:fa:c8:98:27:63:b3:da:4e:77:51:12:1c:63:27:35:b4:
         dd:63:3f:26:9d:ff:4f:68:89:eb:82:69:1e:c3:67:47:0c:ca:
         35:40:21:36:cf:4b:bd:5c:a1:4b:51:e8:38:cd:3b:a2:fd:5c:
         d6:dc:a4:56:93:6c:85:2e:a3:ba:05:2c:2c:83:79:4c:19:06:
         3c:e1:c4:8b:08:74:93:4d:68:3e:49:a5:76:21:86:c4:2d:23:
         97:0d:fb:88:c4:e9:a6:df:34:53:14:84:bd:6b:d8:cc:dc:07:
         64:a1:3b:0e:d1:2a:a6:2b:2c:a2:e3:c3:7c:ae:1e:c8:ae:2c:
         6b:e3:0b:0e:9c:65:08:58:41:39:e6:dd:af:a1:35:ba:d8:e5:
         f3:e9:25:0e:e6:15:ba:69:62:5f:10:82:d2:e1:01:07:3a:e5:
         01:0d:01:2e:c9:b8:d4:09:f8:6e:a8:41:cf:09:3b:80:65:4e:
         b2:b5:6d:e3:60:86:3d:e1:d9:f3:21:d8:2a:77:d4:4d:3e:03:
         27:94:5d:43:0d:2d:52:fa:35:96:d9:d0:f6:09:fb:82:1a:3c:
         48:e3:06:42
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBFMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yNDA1MTAwNjExMzVaFw0zMDA1MTAwNjExMzVaMBgxFjAU
BgNVBAMTDTY2M2RiYTlhLTI1YTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDwCbD5wqR1ntbm8OLMqecgeMwoqrNlAd4T1OnDT975tuFhTMs/kDls1AdA
eTK9qdyx6+KVA0naeREzoM7enApSvAd6rPOawh0amS3dhmVOERhxMY6aUrMEee4f
Gcq1xs5w2NHW0o7v2pcnMbFB3oOQ6YnDsk72lDTQQx3HVVRpj+s1zBhFKUPNOySy
uel3/FxG0Au0LuqaxOR9pAoSaQOixUPBd/gPH7ctej6gAkYxOaBX++RRBhQYZwp4
eQD+177XXF4DPx9usdmVm4t3dKrqwxAYLILsQxQeY9fhvNw3hO+8buDcBUiRcBk3
EWY+vxi76wkRyOszuS2hQn4dS941AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpNgb
lgF+zyhAEQbqscpHqIaTzhIwHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzI5M0RBMDJFMEU5NDExRUZCNEM2QTYzNTAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1+UwDQYJKoZIhvcNAQEL
BQADggEBAINnDHzkY7fWdRrBSk+hW/GniB7CzNgfeWcLwlsDA/JAc3n+b0cl+siY
J2Oz2k53URIcYyc1tN1jPyad/09oieuCaR7DZ0cMyjVAITbPS71coUtR6DjNO6L9
XNbcpFaTbIUuo7oFLCyDeUwZBjzhxIsIdJNNaD5JpXYhhsQtI5cN+4jE6abfNFMU
hL1r2MzcB2ShOw7RKqYrLKLjw3yuHsiuLGvjCw6cZQhYQTnm3a+hNbrY5fPpJQ7m
FbppYl8QgtLhAQc65QENAS7JuNQJ+G6oQc8JO4BlTrK1beNghj3h2fMh2Cp31E0+
AyeUXUMNLVL6NZbZ0PYJ+4IaPEjjBkI=
-----END CERTIFICATE-----
Generated at Tue Jun 18 02:56:14 2024 by rpki-client on console-fra.rpki-client.org