Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361F5C9/C6A3DD50A37711EBBC09D782F8AEA228/930A9658686111EE8777D9794AD9E6FC.roa
File:                     930A9658686111EE8777D9794AD9E6FC.roa (raw, json)
Hash identifier:          Gd7O6jWoDjX8X8K8K9x3aAf6PJtrIP1FNa+8qOggwFg=
Subject key identifier:   E7:2D:5E:30:72:D9:56:B8:4D:DB:5C:A4:D6:14:4E:EB:8E:B6:A4:D2
Certificate issuer:       /CN=F361F5C9AF/serialNumber=B7DEB01BACBB4B5A7E9C782FFF99FD8E5DC06CB2
Certificate serial:       03B9
Authority key identifier: B7:DE:B0:1B:AC:BB:4B:5A:7E:9C:78:2F:FF:99:FD:8E:5D:C0:6C:B2
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/t96wG6y7S1p-nHgv_5n9jl3AbLI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361F5C9/C6A3DD50A37711EBBC09D782F8AEA228/930A9658686111EE8777D9794AD9E6FC.roa
Signing time:             Wed 11 Oct 2023 18:11:18 +0000
ROA not before:           Wed 11 Oct 2023 18:11:14 +0000
ROA not after:            Fri 31 Dec 2049 18:11:14 +0000
asID:                     328475
IP address blocks:        102.211.136.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361F5C9/C6A3DD50A37711EBBC09D782F8AEA228/t96wG6y7S1p-nHgv_5n9jl3AbLI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361F5C9/C6A3DD50A37711EBBC09D782F8AEA228/t96wG6y7S1p-nHgv_5n9jl3AbLI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/t96wG6y7S1p-nHgv_5n9jl3AbLI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 953 (0x3b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361F5C9AF/serialNumber=B7DEB01BACBB4B5A7E9C782FFF99FD8E5DC06CB2
        Validity
            Not Before: Oct 11 18:11:14 2023 GMT
            Not After : Dec 31 18:11:14 2049 GMT
        Subject: CN=6526e546-c16e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:40:46:9e:ca:fb:41:2a:89:45:67:8f:a9:d2:
                    53:ba:a3:21:ad:fc:56:c0:aa:bf:be:30:99:86:3a:
                    63:1e:7d:37:6f:d4:a8:4f:9c:d0:31:3e:c5:0a:da:
                    17:ef:66:06:51:87:7b:b1:29:a3:18:5b:0c:81:78:
                    23:f8:94:be:0a:ae:d0:48:92:c6:dd:12:30:42:4a:
                    15:9f:48:27:ba:44:16:59:98:2c:16:f3:71:bf:17:
                    de:26:85:ef:55:c4:e3:ad:45:ad:c5:0b:19:94:8c:
                    94:66:9b:9e:e7:d1:f0:f6:cd:f3:d7:6c:7b:bb:25:
                    ee:b2:95:6b:81:ea:a7:d6:fa:c5:2b:0d:f7:32:ef:
                    13:44:1c:6e:ab:a6:b5:83:45:8d:06:55:bf:03:d8:
                    92:8b:57:29:b9:69:f9:d8:98:dc:80:63:1d:eb:1e:
                    00:06:04:d3:ab:67:0c:58:0c:de:65:97:1e:45:ab:
                    9e:57:ae:96:40:31:45:1b:c9:83:14:d4:e0:10:12:
                    1e:ac:7b:4b:28:f6:6d:41:ce:dc:54:b5:43:63:b9:
                    24:0e:7a:44:34:d1:8b:52:00:be:cc:0b:ab:9a:d1:
                    5b:12:0a:4f:d0:ca:ea:8f:5e:7f:a6:95:3a:97:53:
                    59:2e:5f:0b:43:e1:22:2b:82:7b:e5:bf:09:ed:d4:
                    72:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:2D:5E:30:72:D9:56:B8:4D:DB:5C:A4:D6:14:4E:EB:8E:B6:A4:D2
            X509v3 Authority Key Identifier:
                keyid:B7:DE:B0:1B:AC:BB:4B:5A:7E:9C:78:2F:FF:99:FD:8E:5D:C0:6C:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361F5C9/C6A3DD50A37711EBBC09D782F8AEA228/t96wG6y7S1p-nHgv_5n9jl3AbLI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/t96wG6y7S1p-nHgv_5n9jl3AbLI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361F5C9/C6A3DD50A37711EBBC09D782F8AEA228/930A9658686111EE8777D9794AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:18:28:cf:05:96:ec:f7:02:6e:56:5f:30:66:37:9c:bd:61:
         25:c2:ae:96:72:23:86:fb:99:80:04:d0:b4:db:3d:7f:8b:31:
         6f:d1:cc:77:1b:c6:0a:74:f7:06:54:20:fe:11:7a:45:0b:5b:
         88:d4:66:48:12:7c:2a:45:5f:2e:aa:50:16:87:e3:9c:fd:87:
         a2:15:87:4a:f5:e8:2f:a0:b4:9c:cf:90:1d:6f:b1:bb:bc:8b:
         1b:5f:8e:23:04:ff:da:e9:b3:04:17:72:ab:57:cb:85:b6:6a:
         1f:3c:a6:df:10:f2:b6:8c:4a:f0:1f:14:f7:bd:c9:4c:fe:64:
         76:37:fd:0c:c6:09:e6:a3:db:4b:39:01:2c:35:bc:f7:99:58:
         66:fb:67:cd:9c:37:e3:b5:db:69:95:7f:2c:58:38:c8:f1:9b:
         9e:c8:2f:27:05:c9:63:8c:4a:13:d8:23:e0:51:7f:98:76:2c:
         d0:7c:1b:f5:f4:83:db:f7:5f:59:9c:00:f5:f8:98:5b:da:f7:
         02:0b:e8:97:4a:a9:32:03:48:08:e7:c8:4f:13:14:dd:22:a9:
         66:e0:f3:a1:4b:d5:1f:56:c1:4d:a5:ec:e6:bf:86:49:44:8a:
         e8:42:aa:90:ab:a9:89:d4:d2:36:9f:8b:60:51:e6:85:3a:b7:
         77:8a:44:7f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA7kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MUY1QzlBRjExMC8GA1UEBRMoQjdERUIwMUJBQ0JCNEI1QTdFOUM3ODJGRkY5OUZE
OEU1REMwNkNCMjAeFw0yMzEwMTExODExMTRaFw00OTEyMzExODExMTRaMBgxFjAU
BgNVBAMTDTY1MjZlNTQ2LWMxNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyQEaeyvtBKolFZ4+p0lO6oyGt/FbAqr++MJmGOmMefTdv1KhPnNAxPsUK
2hfvZgZRh3uxKaMYWwyBeCP4lL4KrtBIksbdEjBCShWfSCe6RBZZmCwW83G/F94m
he9VxOOtRa3FCxmUjJRmm57n0fD2zfPXbHu7Je6ylWuB6qfW+sUrDfcy7xNEHG6r
prWDRY0GVb8D2JKLVym5afnYmNyAYx3rHgAGBNOrZwxYDN5llx5Fq55XrpZAMUUb
yYMU1OAQEh6se0so9m1BztxUtUNjuSQOekQ00YtSAL7MC6ua0VsSCk/QyuqPXn+m
lTqXU1kuXwtD4SIrgnvlvwnt1HJ9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5y1e
MHLZVrhN21yk1hRO6462pNIwHwYDVR0jBBgwFoAUt96wG6y7S1p+nHgv/5n9jl3A
bLIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjFGNUM5L0M2QTNERDUwQTM3NzExRUJCQzA5RDc4MkY4QUVBMjI4L3Q5NndH
Nnk3UzFwLW5IZ3ZfNW45amwzQWJMSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3Q5NndHNnk3UzFwLW5IZ3ZfNW45amwzQWJMSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjFGNUM5L0M2QTNERDUwQTM3NzExRUJCQzA5RDc4MkY4
QUVBMjI4LzkzMEE5NjU4Njg2MTExRUU4Nzc3RDk3OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm04gwDQYJKoZIhvcNAQEL
BQADggEBAIMYKM8Fluz3Am5WXzBmN5y9YSXCrpZyI4b7mYAE0LTbPX+LMW/RzHcb
xgp09wZUIP4RekULW4jUZkgSfCpFXy6qUBaH45z9h6IVh0r16C+gtJzPkB1vsbu8
ixtfjiME/9rpswQXcqtXy4W2ah88pt8Q8raMSvAfFPe9yUz+ZHY3/QzGCeaj20s5
ASw1vPeZWGb7Z82cN+O122mVfyxYOMjxm57ILycFyWOMShPYI+BRf5h2LNB8G/X0
g9v3X1mcAPX4mFva9wIL6JdKqTIDSAjnyE8TFN0iqWbg86FL1R9WwU2l7Oa/hklE
iuhCqpCrqYnU0jafi2BR5oU6t3eKRH8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org