Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/DDC0C1E25D0111EE990BC5574AD9E6FC.roa
File:                     DDC0C1E25D0111EE990BC5574AD9E6FC.roa (raw, json)
Hash identifier:          ZtzdpLg+cES3lAKHJfAJmzHsS72i6usJEHQFaVsAHMk=
Subject key identifier:   CD:5B:A5:E4:5C:20:B4:C3:8F:CC:AD:F5:7D:84:AC:BC:B0:B3:5F:F0
Certificate issuer:       /CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Certificate serial:       0331
Authority key identifier: 1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/DDC0C1E25D0111EE990BC5574AD9E6FC.roa
Signing time:             Wed 27 Sep 2023 06:48:29 +0000
ROA not before:           Wed 27 Sep 2023 06:48:26 +0000
ROA not after:            Tue 30 Sep 2025 06:48:26 +0000
asID:                     328327
IP address blocks:        102.140.74.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 817 (0x331)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
        Validity
            Not Before: Sep 27 06:48:26 2023 GMT
            Not After : Sep 30 06:48:26 2025 GMT
        Subject: CN=6513d03d-28dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:94:6a:2f:5c:37:c9:04:29:59:2d:87:cf:4f:
                    28:aa:f3:40:d4:24:39:fa:ed:5e:45:e4:08:3b:c5:
                    50:54:9f:91:7b:1d:af:ff:ab:c1:ce:fa:17:d5:c2:
                    be:ff:d6:9a:91:66:2e:b6:d2:e2:8d:c0:ce:5a:a3:
                    07:38:97:45:5a:69:62:d7:01:88:83:7b:60:02:95:
                    03:29:08:66:24:96:3f:10:50:ad:b1:56:48:b3:b5:
                    a3:cc:26:36:d4:65:8c:e7:ab:6e:ae:d0:04:c9:5c:
                    89:aa:03:8f:ef:18:83:ee:6e:04:13:08:d0:b3:9f:
                    65:7c:76:38:0c:5c:9b:44:e1:f6:87:db:a8:91:bc:
                    83:5b:f4:83:af:72:f6:f5:2c:a0:76:97:c2:8e:9d:
                    af:fa:7c:db:65:f1:fc:35:90:ec:b0:7d:c3:ce:9c:
                    e9:6a:93:5f:b2:bf:c5:02:9b:da:9e:94:a3:84:b9:
                    f7:1c:73:af:88:70:f4:08:2c:f6:ee:09:75:95:13:
                    8d:ec:c2:4a:c7:60:76:36:8b:99:65:bb:cc:2d:5e:
                    70:7c:cf:6e:45:25:6d:ab:4c:a6:54:50:2d:27:dc:
                    8d:ab:a6:04:d8:b1:9c:6c:cd:f9:6e:97:cb:0b:11:
                    7e:11:d1:aa:26:91:df:7f:49:83:4a:15:ab:f7:c8:
                    20:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:5B:A5:E4:5C:20:B4:C3:8F:CC:AD:F5:7D:84:AC:BC:B0:B3:5F:F0
            X509v3 Authority Key Identifier:
                keyid:1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/DDC0C1E25D0111EE990BC5574AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.140.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:f0:57:f0:e7:83:24:92:b8:79:95:ec:28:17:b7:10:21:1a:
         02:82:8b:02:8c:b5:d0:34:77:bf:a9:f4:c4:d0:c7:2c:bf:cc:
         66:ca:8f:f5:a9:34:69:0e:67:62:9a:fa:4b:52:c0:fe:29:f4:
         57:49:8c:c2:4c:ae:9a:12:6b:6e:e3:58:9f:50:05:15:cb:9d:
         cf:28:3e:c3:5e:dd:05:db:b9:07:df:8d:a6:25:71:1a:ab:be:
         e6:82:08:79:b7:74:02:a6:2b:d2:be:d7:9e:7b:96:ec:18:6f:
         4e:c4:1b:81:77:8a:3a:c4:41:5a:b2:27:bf:83:53:b6:c1:03:
         9b:ce:16:62:8f:73:cf:25:e3:0d:aa:ac:a6:cc:a4:20:fa:2c:
         64:09:b0:73:23:e5:1d:fa:e7:7a:7c:0e:36:03:52:94:f0:e3:
         97:e4:3d:5e:56:7d:94:f2:76:7c:18:2c:7d:bc:d9:e1:98:6d:
         b6:c2:b3:b5:ef:31:6a:d6:e1:f9:4b:b6:ce:0f:51:f3:15:2e:
         68:1f:ee:5a:a2:d1:fd:6f:31:78:bb:bb:ab:9b:58:2c:ec:5a:
         75:e8:16:18:cc:fc:6e:1d:4f:70:e6:75:26:36:37:8f:42:52:
         6e:27:e3:d8:ab:af:9c:65:5c:d5:08:fa:6b:35:0e:13:79:c7:
         eb:e2:b0:8d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAzEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjFDMDZBRjExMC8GA1UEBRMoMUREMTZGRDY4QkZGN0NBQjFBQjkxQzU1REE2MUZD
MENERkY0MTc0MzAeFw0yMzA5MjcwNjQ4MjZaFw0yNTA5MzAwNjQ4MjZaMBgxFjAU
BgNVBAMTDTY1MTNkMDNkLTI4ZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBlGovXDfJBClZLYfPTyiq80DUJDn67V5F5Ag7xVBUn5F7Ha//q8HO+hfV
wr7/1pqRZi620uKNwM5aowc4l0VaaWLXAYiDe2AClQMpCGYklj8QUK2xVkiztaPM
JjbUZYznq26u0ATJXImqA4/vGIPubgQTCNCzn2V8djgMXJtE4faH26iRvINb9IOv
cvb1LKB2l8KOna/6fNtl8fw1kOywfcPOnOlqk1+yv8UCm9qelKOEufccc6+IcPQI
LPbuCXWVE43swkrHYHY2i5llu8wtXnB8z25FJW2rTKZUUC0n3I2rpgTYsZxszflu
l8sLEX4R0aomkd9/SYNKFav3yCATAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzVul
5FwgtMOPzK31fYSsvLCzX/AwHwYDVR0jBBgwFoAUHdFv1ov/fKsauRxV2mH8DN/0
F0MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4QTAxNENFL0hkRnYx
b3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0hkRnYxb3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4
QTAxNENFL0REQzBDMUUyNUQwMTExRUU5OTBCQzU1NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmjEowDQYJKoZIhvcNAQEL
BQADggEBAALwV/DngySSuHmV7CgXtxAhGgKCiwKMtdA0d7+p9MTQxyy/zGbKj/Wp
NGkOZ2Ka+ktSwP4p9FdJjMJMrpoSa27jWJ9QBRXLnc8oPsNe3QXbuQffjaYlcRqr
vuaCCHm3dAKmK9K+1557luwYb07EG4F3ijrEQVqyJ7+DU7bBA5vOFmKPc88l4w2q
rKbMpCD6LGQJsHMj5R3653p8DjYDUpTw45fkPV5WfZTydnwYLH282eGYbbbCs7Xv
MWrW4flLts4PUfMVLmgf7lqi0f1vMXi7u6ubWCzsWnXoFhjM/G4dT3DmdSY2N49C
Um4n49irr5xlXNUI+ms1DhN5x+visI0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:18 2024 by rpki-client on console-ams.rpki-client.org