Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/D88D45EE5CFF11EE934D39514AD9E6FC.roa
File:                     D88D45EE5CFF11EE934D39514AD9E6FC.roa (raw, json)
Hash identifier:          dR1Cc5I2bmjrB40L2cZOkh5VtSV+QNlrEFIs81jyw1s=
Subject key identifier:   17:D2:20:C9:DA:FB:D6:6A:78:81:06:DE:74:FF:1B:11:CA:6F:EC:A4
Certificate issuer:       /CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Certificate serial:       031A
Authority key identifier: 1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/D88D45EE5CFF11EE934D39514AD9E6FC.roa
Signing time:             Wed 27 Sep 2023 06:34:02 +0000
ROA not before:           Wed 27 Sep 2023 06:33:58 +0000
ROA not after:            Tue 30 Sep 2025 06:33:58 +0000
asID:                     328327
IP address blocks:        102.140.64.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 794 (0x31a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
        Validity
            Not Before: Sep 27 06:33:58 2023 GMT
            Not After : Sep 30 06:33:58 2025 GMT
        Subject: CN=6513ccd9-413d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:bf:99:d8:40:15:a8:a5:9a:89:28:fb:e4:12:
                    36:f9:02:d9:2d:a8:83:fa:4d:03:6d:6d:37:77:d0:
                    ae:09:31:cc:83:cd:1b:99:55:7e:4f:06:ab:c4:90:
                    f4:51:cd:ed:22:c2:cd:d6:64:7f:5a:a9:99:ad:c8:
                    ad:dd:59:cc:6b:ca:1e:f0:03:1f:aa:0a:7d:b3:57:
                    7a:29:16:92:b8:dc:53:fb:f4:d1:e8:98:f2:2a:b6:
                    75:8c:98:1d:b6:c2:6a:df:42:a2:55:8e:d7:52:79:
                    a8:b3:1f:79:ff:ca:32:22:b6:65:08:c3:51:91:cb:
                    04:55:d2:17:fb:80:bc:92:33:6c:23:6b:c9:ff:6c:
                    94:47:d2:ec:c4:2d:df:5f:68:03:b2:82:4f:3c:24:
                    bc:54:ef:b6:35:10:dd:1a:37:2b:f1:fe:d8:4e:bf:
                    e9:b3:57:87:73:3d:11:aa:e9:f4:59:5f:b4:92:ce:
                    8a:95:77:1b:50:7a:14:a8:8c:49:ce:70:ce:4d:0e:
                    de:1b:41:17:42:37:5f:19:ff:1e:99:de:eb:8d:14:
                    20:e9:6a:ea:cc:24:94:bd:33:b0:b5:69:7f:e3:45:
                    a5:04:e9:b0:fe:cf:6d:2c:db:69:9a:cc:c4:cf:f8:
                    3e:32:29:76:28:c1:2b:22:9e:d6:42:c9:c4:7c:cf:
                    ce:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D2:20:C9:DA:FB:D6:6A:78:81:06:DE:74:FF:1B:11:CA:6F:EC:A4
            X509v3 Authority Key Identifier:
                keyid:1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/D88D45EE5CFF11EE934D39514AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.140.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:a9:4b:f1:b5:63:0b:d1:67:72:35:08:8a:36:b0:32:e7:17:
         e6:f8:6b:df:af:f6:4c:f4:97:59:39:83:95:97:69:71:3e:10:
         05:14:41:d7:16:ae:6d:9e:39:ef:1a:35:7c:04:d7:dc:41:62:
         fa:5b:79:9c:50:c7:7c:c9:ee:78:6c:32:04:29:45:56:35:ba:
         56:7c:40:b9:e7:13:d2:f2:bc:aa:16:4f:75:33:e0:20:9c:80:
         f9:df:b8:e2:36:eb:4a:a3:9a:df:2e:cd:76:70:8c:87:da:82:
         d5:ef:b6:e1:54:a0:af:01:ea:a7:f8:f6:df:24:6b:3c:0a:06:
         61:14:37:68:59:8c:2a:58:ca:4d:06:f5:fb:87:00:f9:f3:99:
         4b:6c:90:d9:29:2b:9e:9a:b5:ad:15:42:14:2d:02:1e:b5:dd:
         51:fd:5e:09:a5:bf:0b:1b:cf:1f:fe:1a:b1:30:71:be:7d:86:
         98:29:02:2a:1a:1e:07:7b:f1:fc:60:9a:30:d2:5b:e8:0b:90:
         a7:1d:5d:aa:82:d8:60:a7:5b:8d:1b:38:b4:4d:a9:0d:f3:66:
         7d:d5:e7:ed:9d:38:cc:62:9b:ad:df:d6:d7:99:9d:d7:90:ad:
         58:8c:ad:6e:c4:9d:0a:db:15:ab:6c:a9:e4:2b:0c:c4:b9:0f:
         ea:45:70:55
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAxowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjFDMDZBRjExMC8GA1UEBRMoMUREMTZGRDY4QkZGN0NBQjFBQjkxQzU1REE2MUZD
MENERkY0MTc0MzAeFw0yMzA5MjcwNjMzNThaFw0yNTA5MzAwNjMzNThaMBgxFjAU
BgNVBAMTDTY1MTNjY2Q5LTQxM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCcv5nYQBWopZqJKPvkEjb5AtktqIP6TQNtbTd30K4JMcyDzRuZVX5PBqvE
kPRRze0iws3WZH9aqZmtyK3dWcxryh7wAx+qCn2zV3opFpK43FP79NHomPIqtnWM
mB22wmrfQqJVjtdSeaizH3n/yjIitmUIw1GRywRV0hf7gLySM2wja8n/bJRH0uzE
Ld9faAOygk88JLxU77Y1EN0aNyvx/thOv+mzV4dzPRGq6fRZX7SSzoqVdxtQehSo
jEnOcM5NDt4bQRdCN18Z/x6Z3uuNFCDpaurMJJS9M7C1aX/jRaUE6bD+z20s22ma
zMTP+D4yKXYowSsintZCycR8z87ZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUF9Ig
ydr71mp4gQbedP8bEcpv7KQwHwYDVR0jBBgwFoAUHdFv1ov/fKsauRxV2mH8DN/0
F0MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4QTAxNENFL0hkRnYx
b3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0hkRnYxb3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4
QTAxNENFL0Q4OEQ0NUVFNUNGRjExRUU5MzREMzk1MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmjEAwDQYJKoZIhvcNAQEL
BQADggEBAFWpS/G1YwvRZ3I1CIo2sDLnF+b4a9+v9kz0l1k5g5WXaXE+EAUUQdcW
rm2eOe8aNXwE19xBYvpbeZxQx3zJ7nhsMgQpRVY1ulZ8QLnnE9LyvKoWT3Uz4CCc
gPnfuOI260qjmt8uzXZwjIfagtXvtuFUoK8B6qf49t8kazwKBmEUN2hZjCpYyk0G
9fuHAPnzmUtskNkpK56ata0VQhQtAh613VH9Xgmlvwsbzx/+GrEwcb59hpgpAioa
Hgd78fxgmjDSW+gLkKcdXaqC2GCnW40bOLRNqQ3zZn3V5+2dOMxim63f1teZndeQ
rViMrW7EnQrbFatsqeQrDMS5D+pFcFU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:24 2024 by rpki-client on console-fra.rpki-client.org