Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/5C13DD242BBE11EE8DF71B774AD9E6FC.roa
File:                     5C13DD242BBE11EE8DF71B774AD9E6FC.roa (raw, json)
Hash identifier:          Kmtx9yA4EA/1OUqEVlxhgLvzaEtY9kMXLyFAqK8NDI4=
Subject key identifier:   52:D2:F5:2D:DA:50:F1:39:5E:38:A9:10:81:3E:37:74:01:13:98:41
Certificate issuer:       /CN=F3618519AF/serialNumber=7BD8A2D0454D6263E227FA7EEA6A1F865AF02406
Certificate serial:       0381
Authority key identifier: 7B:D8:A2:D0:45:4D:62:63:E2:27:FA:7E:EA:6A:1F:86:5A:F0:24:06
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/e9ii0EVNYmPiJ_p-6mofhlrwJAY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/5C13DD242BBE11EE8DF71B774AD9E6FC.roa
Signing time:             Wed 26 Jul 2023 14:11:48 +0000
ROA not before:           Wed 26 Jul 2023 14:11:45 +0000
ROA not after:            Mon 31 Jul 2028 14:11:45 +0000
asID:                     328813
IP address blocks:        102.220.202.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/e9ii0EVNYmPiJ_p-6mofhlrwJAY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/e9ii0EVNYmPiJ_p-6mofhlrwJAY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/e9ii0EVNYmPiJ_p-6mofhlrwJAY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 897 (0x381)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3618519AF/serialNumber=7BD8A2D0454D6263E227FA7EEA6A1F865AF02406
        Validity
            Not Before: Jul 26 14:11:45 2023 GMT
            Not After : Jul 31 14:11:45 2028 GMT
        Subject: CN=64c129a4-679c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8c:b0:6d:24:00:28:e1:1c:6f:f6:6e:ec:f3:
                    32:e8:93:f6:10:c1:2a:3c:f2:9a:97:d2:de:8c:26:
                    06:c8:8b:62:82:f3:3a:0e:c3:6e:e2:76:a2:83:f8:
                    97:6e:31:1f:da:d7:8a:96:8e:4c:f0:0b:d2:6b:97:
                    49:79:8e:1b:69:57:fd:35:7e:44:31:e1:73:ef:10:
                    c5:4d:80:25:87:bb:bb:87:96:6e:c0:93:07:36:dc:
                    90:e6:29:79:ba:cf:66:71:db:4f:af:59:33:9f:69:
                    b0:13:7b:11:c0:4f:49:39:df:3e:8b:47:50:9a:a5:
                    87:25:14:f6:97:98:ba:bd:58:41:6a:26:37:75:ca:
                    7a:8c:28:47:53:34:2b:9f:2e:73:c3:2e:79:35:8a:
                    84:d0:43:7f:51:a4:f4:35:5d:e2:3a:b5:26:50:78:
                    76:4e:ba:6f:7c:03:df:a2:3b:b1:7e:b9:ed:36:a0:
                    8e:95:f3:7d:b9:49:6f:47:60:01:91:bb:f2:f8:66:
                    59:92:6f:bd:87:83:ca:e6:65:48:ae:c1:01:ec:6b:
                    be:e3:49:c4:c0:59:4e:74:c3:fa:8c:85:1a:66:f5:
                    1e:8f:20:96:c2:b4:e2:15:25:ff:ae:99:36:d0:6d:
                    59:82:ae:ac:52:7b:70:6e:87:62:c3:c1:4f:3f:a7:
                    07:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:D2:F5:2D:DA:50:F1:39:5E:38:A9:10:81:3E:37:74:01:13:98:41
            X509v3 Authority Key Identifier:
                keyid:7B:D8:A2:D0:45:4D:62:63:E2:27:FA:7E:EA:6A:1F:86:5A:F0:24:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/e9ii0EVNYmPiJ_p-6mofhlrwJAY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/e9ii0EVNYmPiJ_p-6mofhlrwJAY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/5C13DD242BBE11EE8DF71B774AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:f3:da:79:1c:b8:a3:01:dc:3e:43:f0:f7:67:9a:71:91:12:
         d9:8b:7c:cc:18:9b:74:99:37:e9:bc:c1:11:05:78:92:fe:cf:
         d4:bd:99:fa:0e:fb:ef:50:b5:40:6d:5c:00:5f:1d:df:22:95:
         64:5d:ae:38:db:04:41:b4:e3:8e:5e:b4:d7:43:bb:a0:3b:f9:
         08:e3:26:83:05:37:64:3f:cf:14:be:f2:0a:d1:65:7d:57:a6:
         d7:c8:84:24:2a:06:6e:e5:3e:d4:0e:ea:58:56:ba:0b:ea:1b:
         ac:56:d1:71:0b:62:44:1a:91:47:5a:98:07:9d:68:df:b1:2c:
         26:86:d5:26:8d:24:1b:c4:81:97:c1:57:96:29:d6:a3:bc:6f:
         bb:d9:c8:5e:89:f2:45:a3:09:23:81:fb:4f:36:34:9e:28:87:
         40:1c:41:84:6d:07:8f:2f:f8:40:10:92:e8:04:1b:1d:dc:e3:
         bc:7b:8d:87:46:c8:7d:98:f9:41:f8:0b:f2:59:a0:29:ef:e3:
         81:77:32:a1:02:b1:1c:8f:45:43:a4:8b:cd:1a:5e:6d:37:27:
         d4:21:b7:96:df:d9:79:e5:c2:cb:5b:7d:05:f6:05:28:28:0f:
         b3:e4:27:ea:cb:9e:d2:42:e2:e9:82:32:e3:33:59:53:43:ed:
         38:0a:6b:2b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA4EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MTg1MTlBRjExMC8GA1UEBRMoN0JEOEEyRDA0NTRENjI2M0UyMjdGQTdFRUE2QTFG
ODY1QUYwMjQwNjAeFw0yMzA3MjYxNDExNDVaFw0yODA3MzExNDExNDVaMBgxFjAU
BgNVBAMTDTY0YzEyOWE0LTY3OWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDjLBtJAAo4Rxv9m7s8zLok/YQwSo88pqX0t6MJgbIi2KC8zoOw27idqKD
+JduMR/a14qWjkzwC9Jrl0l5jhtpV/01fkQx4XPvEMVNgCWHu7uHlm7Akwc23JDm
KXm6z2Zx20+vWTOfabATexHAT0k53z6LR1CapYclFPaXmLq9WEFqJjd1ynqMKEdT
NCufLnPDLnk1ioTQQ39RpPQ1XeI6tSZQeHZOum98A9+iO7F+ue02oI6V8325SW9H
YAGRu/L4ZlmSb72Hg8rmZUiuwQHsa77jScTAWU50w/qMhRpm9R6PIJbCtOIVJf+u
mTbQbVmCrqxSe3Buh2LDwU8/pwdVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUtL1
LdpQ8TleOKkQgT43dAETmEEwHwYDVR0jBBgwFoAUe9ii0EVNYmPiJ/p+6mofhlrw
JAYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE4NTE5LzJCRkI2QjQyOTE2MTExRUI5QjBGOTU0QUY4QUVBMjI4L2U5aWkw
RVZOWW1QaUpfcC02bW9maGxyd0pBWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2U5aWkwRVZOWW1QaUpfcC02bW9maGxyd0pBWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE4NTE5LzJCRkI2QjQyOTE2MTExRUI5QjBGOTU0QUY4
QUVBMjI4LzVDMTNERDI0MkJCRTExRUU4REY3MUI3NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3MowDQYJKoZIhvcNAQEL
BQADggEBAGLz2nkcuKMB3D5D8PdnmnGREtmLfMwYm3SZN+m8wREFeJL+z9S9mfoO
++9QtUBtXABfHd8ilWRdrjjbBEG0445etNdDu6A7+QjjJoMFN2Q/zxS+8grRZX1X
ptfIhCQqBm7lPtQO6lhWugvqG6xW0XELYkQakUdamAedaN+xLCaG1SaNJBvEgZfB
V5Yp1qO8b7vZyF6J8kWjCSOB+082NJ4oh0AcQYRtB48v+EAQkugEGx3c47x7jYdG
yH2Y+UH4C/JZoCnv44F3MqECsRyPRUOki80aXm03J9Qht5bf2XnlwstbfQX2BSgo
D7PkJ+rLntJC4umCMuMzWVND7TgKays=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:17 2024 by rpki-client on console-ams.rpki-client.org