Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/C6E512D02BBE11EE9D4024784AD9E6FC.roa
File:                     C6E512D02BBE11EE9D4024784AD9E6FC.roa (raw, json)
Hash identifier:          FHSJSUwRgieq399OwC78tMZjwgLm2LwCcXQ9PDUKKh4=
Subject key identifier:   A8:7B:45:5D:61:19:E8:3A:8A:99:CF:CC:A7:32:E7:C9:E6:09:80:3F
Certificate issuer:       /CN=F3618519AF/serialNumber=7BD8A2D0454D6263E227FA7EEA6A1F865AF02406
Certificate serial:       0383
Authority key identifier: 7B:D8:A2:D0:45:4D:62:63:E2:27:FA:7E:EA:6A:1F:86:5A:F0:24:06
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/e9ii0EVNYmPiJ_p-6mofhlrwJAY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/C6E512D02BBE11EE9D4024784AD9E6FC.roa
Signing time:             Wed 26 Jul 2023 14:14:48 +0000
ROA not before:           Wed 26 Jul 2023 14:14:44 +0000
ROA not after:            Mon 31 Jul 2028 14:14:44 +0000
asID:                     328813
IP address blocks:        102.220.203.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/e9ii0EVNYmPiJ_p-6mofhlrwJAY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/e9ii0EVNYmPiJ_p-6mofhlrwJAY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/e9ii0EVNYmPiJ_p-6mofhlrwJAY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 899 (0x383)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3618519AF/serialNumber=7BD8A2D0454D6263E227FA7EEA6A1F865AF02406
        Validity
            Not Before: Jul 26 14:14:44 2023 GMT
            Not After : Jul 31 14:14:44 2028 GMT
        Subject: CN=64c12a57-5508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e4:43:28:bc:d0:34:01:fa:aa:7a:7c:36:fc:
                    eb:f9:e3:a7:ba:5f:ba:8d:00:ab:15:7a:5c:5f:1c:
                    ca:27:fd:c0:96:12:2e:0d:65:55:a8:5a:1c:ed:85:
                    58:47:9c:32:bf:4f:56:d8:67:59:bd:03:1a:89:ee:
                    bd:27:82:a9:a7:17:41:49:81:7a:18:5e:38:c0:b8:
                    df:06:ee:8c:c4:91:95:01:b1:18:08:db:ad:d9:f0:
                    07:8e:3c:70:5f:bf:03:c8:09:bd:fc:78:b1:1a:56:
                    cc:0e:a3:4c:d6:eb:26:c2:10:42:01:e3:57:df:76:
                    bf:59:ec:a1:d9:a6:c7:6e:8a:24:46:8c:80:ce:e0:
                    e5:ed:4d:ac:0a:17:63:15:bd:2c:db:58:62:f4:29:
                    24:49:85:c6:ed:0a:e7:a8:34:d2:93:5d:74:9c:07:
                    fe:61:84:e4:bb:66:2e:dd:3f:a7:ce:ad:cb:d3:04:
                    77:0c:12:9e:44:1e:d7:61:e2:07:6d:54:11:c5:ac:
                    f4:bc:5f:7b:2c:fa:a6:ca:57:4d:c3:46:cf:c7:27:
                    7b:c0:58:90:30:1d:0a:d9:3c:7b:69:a6:de:b3:64:
                    ce:e7:ad:c1:a5:a1:df:37:9a:d0:76:d5:bf:40:25:
                    09:1b:7a:68:db:b2:ba:79:0c:20:91:1d:90:45:a5:
                    25:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:7B:45:5D:61:19:E8:3A:8A:99:CF:CC:A7:32:E7:C9:E6:09:80:3F
            X509v3 Authority Key Identifier:
                keyid:7B:D8:A2:D0:45:4D:62:63:E2:27:FA:7E:EA:6A:1F:86:5A:F0:24:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/e9ii0EVNYmPiJ_p-6mofhlrwJAY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/e9ii0EVNYmPiJ_p-6mofhlrwJAY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3618519/2BFB6B42916111EB9B0F954AF8AEA228/C6E512D02BBE11EE9D4024784AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:31:c2:b1:c8:dc:7f:56:4a:de:04:00:82:ca:72:98:61:5b:
         d9:03:b7:ec:4f:0b:02:89:93:1c:e3:8b:32:a2:b2:ed:e8:3e:
         24:95:3c:36:33:b5:26:cf:1e:47:d6:5c:93:5a:1b:b8:c7:13:
         31:41:55:c1:9b:79:89:64:7d:5f:32:c0:a0:99:79:1f:48:3c:
         85:e8:57:58:5a:c7:94:4d:0b:7c:95:c0:ad:6f:6e:50:f8:7d:
         0e:4d:17:46:cb:a2:27:00:ad:07:5e:3a:28:4a:99:4b:48:fb:
         6d:cd:28:2f:0b:7d:25:b6:38:a8:52:27:2b:93:2e:f5:ec:6f:
         ca:27:bd:31:3d:03:b1:78:43:8d:4a:98:57:04:a6:d0:64:05:
         56:bb:bd:53:6f:a3:2f:21:b7:55:8c:87:e7:d1:96:19:9e:60:
         9f:e7:be:e1:80:fb:e9:00:47:f8:0d:ce:2d:bd:15:30:7d:fb:
         ef:63:d2:49:83:8e:92:db:7f:4d:5c:ac:30:c4:83:93:c8:60:
         97:fe:d3:44:6f:42:4a:67:5c:c5:15:83:be:6b:80:68:2f:23:
         3e:62:d7:51:62:7c:44:db:99:c0:d3:11:26:ec:d2:e5:3a:f4:
         e3:58:fb:bc:e5:a7:c6:9e:67:6a:de:03:4b:4f:ac:bc:e6:70:
         da:0d:ad:a0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA4MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MTg1MTlBRjExMC8GA1UEBRMoN0JEOEEyRDA0NTRENjI2M0UyMjdGQTdFRUE2QTFG
ODY1QUYwMjQwNjAeFw0yMzA3MjYxNDE0NDRaFw0yODA3MzExNDE0NDRaMBgxFjAU
BgNVBAMTDTY0YzEyYTU3LTU1MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDD5EMovNA0Afqqenw2/Ov546e6X7qNAKsVelxfHMon/cCWEi4NZVWoWhzt
hVhHnDK/T1bYZ1m9AxqJ7r0ngqmnF0FJgXoYXjjAuN8G7ozEkZUBsRgI263Z8AeO
PHBfvwPICb38eLEaVswOo0zW6ybCEEIB41ffdr9Z7KHZpsduiiRGjIDO4OXtTawK
F2MVvSzbWGL0KSRJhcbtCueoNNKTXXScB/5hhOS7Zi7dP6fOrcvTBHcMEp5EHtdh
4gdtVBHFrPS8X3ss+qbKV03DRs/HJ3vAWJAwHQrZPHtppt6zZM7nrcGlod83mtB2
1b9AJQkbemjbsrp5DCCRHZBFpSVvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqHtF
XWEZ6DqKmc/MpzLnyeYJgD8wHwYDVR0jBBgwFoAUe9ii0EVNYmPiJ/p+6mofhlrw
JAYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE4NTE5LzJCRkI2QjQyOTE2MTExRUI5QjBGOTU0QUY4QUVBMjI4L2U5aWkw
RVZOWW1QaUpfcC02bW9maGxyd0pBWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2U5aWkwRVZOWW1QaUpfcC02bW9maGxyd0pBWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE4NTE5LzJCRkI2QjQyOTE2MTExRUI5QjBGOTU0QUY4
QUVBMjI4L0M2RTUxMkQwMkJCRTExRUU5RDQwMjQ3ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3MswDQYJKoZIhvcNAQEL
BQADggEBAHgxwrHI3H9WSt4EAILKcphhW9kDt+xPCwKJkxzjizKisu3oPiSVPDYz
tSbPHkfWXJNaG7jHEzFBVcGbeYlkfV8ywKCZeR9IPIXoV1hax5RNC3yVwK1vblD4
fQ5NF0bLoicArQdeOihKmUtI+23NKC8LfSW2OKhSJyuTLvXsb8onvTE9A7F4Q41K
mFcEptBkBVa7vVNvoy8ht1WMh+fRlhmeYJ/nvuGA++kAR/gNzi29FTB9++9j0kmD
jpLbf01crDDEg5PIYJf+00RvQkpnXMUVg75rgGgvIz5i11FifETbmcDTESbs0uU6
9ONY+7zlp8aeZ2reA0tPrLzmcNoNraA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:24 2024 by rpki-client on console-fra.rpki-client.org