Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/48EE643C11DF11EF9E5C3B0F017001B1.roa
File:                     48EE643C11DF11EF9E5C3B0F017001B1.roa (raw, json)
Hash identifier:          hiH0HoHnr0EOx/3zaCqOvbpfcNKXVvAzpo1J2FeM4Lc=
Subject key identifier:   F2:3D:B3:5A:DA:08:8F:D8:7A:75:3A:9C:5F:DB:AF:CC:13:0E:89:01
Certificate issuer:       /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial:       045D
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/48EE643C11DF11EF9E5C3B0F017001B1.roa
Signing time:             Tue 14 May 2024 10:46:57 +0000
ROA not before:           Tue 14 May 2024 10:46:54 +0000
ROA not after:            Tue 14 May 2030 10:46:54 +0000
asID:                     979
IP address blocks:        102.215.231.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 20 Jun 2024 00:05:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1117 (0x45d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
        Validity
            Not Before: May 14 10:46:54 2024 GMT
            Not After : May 14 10:46:54 2030 GMT
        Subject: CN=66434121-6871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e2:7f:50:26:4a:43:75:9c:d9:fe:00:c8:2a:
                    48:1f:72:5f:17:89:fb:78:46:43:3c:2b:22:86:18:
                    33:0b:9c:0b:16:8f:e8:9e:af:4c:87:13:65:84:c5:
                    ec:2b:be:9a:80:8c:f3:8b:68:d7:4c:0d:92:61:14:
                    f7:0a:7d:af:1c:2b:fa:ed:be:9f:c4:b6:98:7d:91:
                    38:a2:96:40:fd:8e:82:59:2e:91:7a:8b:3a:bb:24:
                    76:a9:19:25:8e:34:a1:d8:98:c6:ea:28:93:6e:4d:
                    8e:ca:8f:23:9e:38:2c:4d:5e:b9:9f:b7:ce:0a:65:
                    9a:db:79:94:7e:88:2f:55:22:cb:30:ad:10:33:46:
                    6f:a4:d1:b4:62:ca:42:81:68:09:c5:c2:36:5b:93:
                    6f:93:eb:70:60:f6:8e:4a:b2:21:00:de:cb:c0:5a:
                    54:2a:b1:74:54:51:8b:9c:70:1e:7b:ff:37:a9:41:
                    5e:bb:ef:bc:6b:83:4c:cc:be:6d:06:37:cb:03:db:
                    4b:1f:e3:52:2a:5d:ef:de:b3:4c:6f:8c:f8:77:7a:
                    e4:87:68:7a:ce:3d:db:e5:30:ac:05:fc:fc:83:39:
                    40:05:38:38:8d:d7:c2:36:7a:d0:dc:fd:94:5f:5a:
                    25:4e:4e:b7:0a:73:86:08:94:4a:61:97:02:75:e9:
                    7f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:3D:B3:5A:DA:08:8F:D8:7A:75:3A:9C:5F:DB:AF:CC:13:0E:89:01
            X509v3 Authority Key Identifier:
                keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/48EE643C11DF11EF9E5C3B0F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:4c:75:94:4e:90:f5:07:d4:24:e6:af:4d:10:f7:d0:47:3a:
         16:32:ce:af:54:2c:6d:e8:f1:8c:f8:d6:32:b2:ed:39:e8:b7:
         ca:c1:d7:b4:e5:cd:94:9f:7d:22:2e:93:b6:14:10:d1:7b:24:
         63:9a:32:a6:12:b2:2d:6a:5a:a1:d8:ab:96:71:b7:d4:5e:04:
         7d:98:62:76:20:f5:8e:45:89:b0:f3:3c:03:7c:f6:ae:8f:b4:
         ec:74:2c:78:cf:cd:c7:1c:ca:4f:ae:f2:26:a5:25:14:49:3d:
         8a:9f:0f:9c:02:9c:55:04:f4:bd:15:78:bf:b7:f7:83:6a:0a:
         d8:e9:b1:30:86:89:0f:7d:54:b4:52:61:92:f0:7c:9c:18:6d:
         3d:99:67:ef:61:6d:29:be:65:54:26:b7:b9:c6:a7:88:fe:f8:
         79:e6:ed:b1:41:b5:b5:3c:67:02:59:b1:cb:7c:28:1e:ca:5a:
         97:1a:1a:5d:55:dc:93:9c:72:26:1a:55:50:5b:4f:72:60:d1:
         42:d7:8b:29:00:08:21:0d:42:d8:77:e3:5c:9f:71:79:5b:38:
         4e:14:d3:be:7a:27:24:6e:3d:84:8b:96:97:1b:8f:52:f6:48:
         30:3c:ac:09:25:73:80:f3:6c:34:f6:3e:15:ed:41:dc:68:9b:
         36:8e:97:45
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBF0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yNDA1MTQxMDQ2NTRaFw0zMDA1MTQxMDQ2NTRaMBgxFjAU
BgNVBAMTDTY2NDM0MTIxLTY4NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDA4n9QJkpDdZzZ/gDIKkgfcl8Xift4RkM8KyKGGDMLnAsWj+ier0yHE2WE
xewrvpqAjPOLaNdMDZJhFPcKfa8cK/rtvp/Etph9kTiilkD9joJZLpF6izq7JHap
GSWONKHYmMbqKJNuTY7KjyOeOCxNXrmft84KZZrbeZR+iC9VIsswrRAzRm+k0bRi
ykKBaAnFwjZbk2+T63Bg9o5KsiEA3svAWlQqsXRUUYuccB57/zepQV6777xrg0zM
vm0GN8sD20sf41IqXe/es0xvjPh3euSHaHrOPdvlMKwF/PyDOUAFODiN18I2etDc
/ZRfWiVOTrcKc4YIlEphlwJ16X8VAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8j2z
WtoIj9h6dTqcX9uvzBMOiQEwHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzQ4RUU2NDNDMTFERjExRUY5RTVDM0IwRjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1+cwDQYJKoZIhvcNAQEL
BQADggEBADhMdZROkPUH1CTmr00Q99BHOhYyzq9ULG3o8Yz41jKy7Tnot8rB17Tl
zZSffSIuk7YUENF7JGOaMqYSsi1qWqHYq5Zxt9ReBH2YYnYg9Y5FibDzPAN89q6P
tOx0LHjPzcccyk+u8ialJRRJPYqfD5wCnFUE9L0VeL+394NqCtjpsTCGiQ99VLRS
YZLwfJwYbT2ZZ+9hbSm+ZVQmt7nGp4j++Hnm7bFBtbU8ZwJZsct8KB7KWpcaGl1V
3JOcciYaVVBbT3Jg0ULXiykACCENQth341yfcXlbOE4U0756JyRuPYSLlpcbj1L2
SDA8rAklc4DzbDT2PhXtQdxomzaOl0U=
-----END CERTIFICATE-----
Generated at Tue Jun 18 03:15:43 2024 by rpki-client on console-ams.rpki-client.org