Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3619C2D/A3800BAE482011EFB826B541762E951A/74DC4CE4482111EFB52ABE46762E951A.roa
File:                     74DC4CE4482111EFB52ABE46762E951A.roa (raw, json)
Hash identifier:          IrKSaBlXTXvuFdDCMcmVoeGgt+ao2gr+1sDL9IuQ/x0=
Subject key identifier:   A2:AB:B5:A3:84:E3:3D:0D:A1:0F:C7:A5:7F:EF:DD:A9:33:D8:C1:77
Certificate issuer:       /CN=F3619C2DAF/serialNumber=0AB82A4981607D9B3369DC776DB0873DA0D75B4A
Certificate serial:       04
Authority key identifier: 0A:B8:2A:49:81:60:7D:9B:33:69:DC:77:6D:B0:87:3D:A0:D7:5B:4A
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CrgqSYFgfZszadx3bbCHPaDXW0o.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3619C2D/A3800BAE482011EFB826B541762E951A/74DC4CE4482111EFB52ABE46762E951A.roa
Signing time:             Mon 22 Jul 2024 11:56:40 +0000
ROA not before:           Mon 22 Jul 2024 11:56:37 +0000
ROA not after:            Sat 22 Jul 2034 11:56:37 +0000
asID:                     329373
IP address blocks:        102.210.124.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3619C2D/A3800BAE482011EFB826B541762E951A/CrgqSYFgfZszadx3bbCHPaDXW0o.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3619C2D/A3800BAE482011EFB826B541762E951A/CrgqSYFgfZszadx3bbCHPaDXW0o.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CrgqSYFgfZszadx3bbCHPaDXW0o.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3619C2DAF/serialNumber=0AB82A4981607D9B3369DC776DB0873DA0D75B4A
        Validity
            Not Before: Jul 22 11:56:37 2024 GMT
            Not After : Jul 22 11:56:37 2034 GMT
        Subject: CN=669e48f8-8447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b5:80:67:99:93:1e:ef:57:1d:86:5d:95:06:
                    d6:99:41:11:11:e7:4a:9c:72:b0:9a:92:89:4e:6f:
                    0c:57:6d:b2:c9:9e:46:eb:aa:24:86:85:e6:09:62:
                    81:4a:27:68:4f:46:f2:d9:12:e9:54:88:27:29:c0:
                    84:88:9e:5b:1e:5f:45:85:50:dd:7c:08:ea:1e:cb:
                    e6:53:d0:f5:ae:61:79:44:fc:bb:89:30:6a:e9:7c:
                    14:84:fb:86:5d:71:77:c7:bc:62:a9:53:9f:c9:83:
                    55:6d:c4:49:4d:e2:c1:f1:e4:77:9c:58:31:a3:6e:
                    6a:19:f8:71:0b:f1:90:06:14:a7:2d:9d:f3:1d:fd:
                    56:21:83:90:c8:50:ac:1f:39:ec:6d:f0:b2:cc:06:
                    0c:41:48:60:1a:c4:1e:09:23:b5:2b:42:5e:69:76:
                    30:ca:b1:61:33:90:ab:7e:8e:98:7e:68:7b:f8:96:
                    96:cb:f9:fc:69:1c:b8:d0:59:ca:4a:6f:e2:1a:00:
                    b0:4a:65:66:ac:83:bd:77:6e:c6:36:6c:3b:b1:15:
                    c8:5c:b8:42:67:f2:58:bc:ae:fe:11:46:65:69:c4:
                    40:99:ee:36:a2:68:4f:f7:3b:b3:1f:40:e4:48:6a:
                    2e:7f:82:8f:10:21:4a:44:67:d6:18:a3:cc:6a:0e:
                    f9:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:AB:B5:A3:84:E3:3D:0D:A1:0F:C7:A5:7F:EF:DD:A9:33:D8:C1:77
            X509v3 Authority Key Identifier:
                keyid:0A:B8:2A:49:81:60:7D:9B:33:69:DC:77:6D:B0:87:3D:A0:D7:5B:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C2D/A3800BAE482011EFB826B541762E951A/CrgqSYFgfZszadx3bbCHPaDXW0o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CrgqSYFgfZszadx3bbCHPaDXW0o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3619C2D/A3800BAE482011EFB826B541762E951A/74DC4CE4482111EFB52ABE46762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.210.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:39:82:ea:a2:cc:b8:52:55:46:7d:3d:34:ed:be:d7:b1:db:
         f4:92:10:e0:a0:1e:d3:df:d9:b9:71:ca:af:3a:7b:37:ec:d5:
         f4:93:ae:a9:f5:1f:7c:b6:6c:65:e6:c6:3a:0d:96:2d:e9:c9:
         c3:cc:33:59:40:58:74:67:dd:a6:6c:1a:09:af:45:b4:e0:c3:
         3d:a2:93:c6:51:bc:12:56:37:b8:d7:ef:bd:9c:7c:c4:aa:e6:
         a4:f2:9f:ab:49:1f:12:2a:bc:5b:cd:58:92:b9:47:25:5b:b5:
         58:c0:c8:0c:05:41:7f:d1:42:ce:a7:a3:c8:83:a8:ba:ef:b9:
         1b:87:5e:42:f3:70:b2:41:f8:a9:4f:79:64:f0:ef:ff:18:d8:
         69:b9:23:d3:c3:66:85:ae:b4:29:7b:06:9d:f2:36:07:fe:ee:
         59:ef:41:a9:77:1a:45:2b:7f:3f:63:61:00:62:90:d5:53:4d:
         08:12:f0:d1:c2:40:a1:e9:a6:41:20:b2:d1:2a:ed:ee:c3:4f:
         72:14:ac:27:c6:ab:62:16:85:d0:be:90:11:3c:c5:f3:d4:97:
         da:d1:63:fc:22:a9:01:14:44:e5:af:0f:d4:cd:47:67:1c:7b:
         91:95:ae:15:8b:b8:b3:4f:64:1e:78:5a:66:9e:30:d5:87:0a:
         55:ad:12:69
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
OUMyREFGMTEwLwYDVQQFEygwQUI4MkE0OTgxNjA3RDlCMzM2OURDNzc2REIwODcz
REEwRDc1QjRBMB4XDTI0MDcyMjExNTYzN1oXDTM0MDcyMjExNTYzN1owGDEWMBQG
A1UEAxMNNjY5ZTQ4ZjgtODQ0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANe1gGeZkx7vVx2GXZUG1plBERHnSpxysJqSiU5vDFdtssmeRuuqJIaF5gli
gUonaE9G8tkS6VSIJynAhIieWx5fRYVQ3XwI6h7L5lPQ9a5heUT8u4kwaul8FIT7
hl1xd8e8YqlTn8mDVW3ESU3iwfHkd5xYMaNuahn4cQvxkAYUpy2d8x39ViGDkMhQ
rB857G3wsswGDEFIYBrEHgkjtStCXml2MMqxYTOQq36OmH5oe/iWlsv5/GkcuNBZ
ykpv4hoAsEplZqyDvXduxjZsO7EVyFy4QmfyWLyu/hFGZWnEQJnuNqJoT/c7sx9A
5EhqLn+CjxAhSkRn1hijzGoO+ZMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSiq7Wj
hOM9DaEPx6V/792pM9jBdzAfBgNVHSMEGDAWgBQKuCpJgWB9mzNp3HdtsIc9oNdb
SjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTlDMkQvQTM4MDBCQUU0ODIwMTFFRkI4MjZCNTQxNzYyRTk1MUEvQ3JncVNZ
RmdmWnN6YWR4M2JiQ0hQYURYVzBvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQ3JncVNZRmdmWnN6YWR4M2JiQ0hQYURYVzBvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTlDMkQvQTM4MDBCQUU0ODIwMTFFRkI4MjZCNTQxNzYy
RTk1MUEvNzREQzRDRTQ0ODIxMTFFRkI1MkFCRTQ2NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbSfDANBgkqhkiG9w0BAQsF
AAOCAQEAgTmC6qLMuFJVRn09NO2+17Hb9JIQ4KAe09/ZuXHKrzp7N+zV9JOuqfUf
fLZsZebGOg2WLenJw8wzWUBYdGfdpmwaCa9FtODDPaKTxlG8ElY3uNfvvZx8xKrm
pPKfq0kfEiq8W81YkrlHJVu1WMDIDAVBf9FCzqejyIOouu+5G4deQvNwskH4qU95
ZPDv/xjYabkj08Nmha60KXsGnfI2B/7uWe9BqXcaRSt/P2NhAGKQ1VNNCBLw0cJA
oemmQSCy0Srt7sNPchSsJ8arYhaF0L6QETzF89SX2tFj/CKpARRE5a8P1M1HZxx7
kZWuFYu4s09kHnhaZp4w1YcKVa0SaQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:42 2024 by rpki-client on console-ams.rpki-client.org