Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626C5B/EE6ADCC2CDF711EAA5AED244F8AEA228/273CF154890F11EEAE5F7C364AD9E6FC.roa
File:                     273CF154890F11EEAE5F7C364AD9E6FC.roa (raw, json)
Hash identifier:          6Zyoo60Pz+GnvK6rZB7VRukfQvQPSJF7/Al01Yw7AE8=
Subject key identifier:   BE:1F:3E:A8:29:A5:6F:CE:5E:B2:07:B6:AB:38:2A:9F:5A:59:C5:37
Certificate issuer:       /CN=F3626C5BAF/serialNumber=2CDF580E376755B1F8C6880842126DD63DD74EE7
Certificate serial:       04F8
Authority key identifier: 2C:DF:58:0E:37:67:55:B1:F8:C6:88:08:42:12:6D:D6:3D:D7:4E:E7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/LN9YDjdnVbH4xogIQhJt1j3XTuc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3626C5B/EE6ADCC2CDF711EAA5AED244F8AEA228/273CF154890F11EEAE5F7C364AD9E6FC.roa
Signing time:             Wed 22 Nov 2023 08:14:27 +0000
ROA not before:           Wed 22 Nov 2023 08:14:23 +0000
ROA not after:            Tue 31 Dec 2030 08:14:23 +0000
asID:                     37468
IP address blocks:        102.211.152.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3626C5B/EE6ADCC2CDF711EAA5AED244F8AEA228/LN9YDjdnVbH4xogIQhJt1j3XTuc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3626C5B/EE6ADCC2CDF711EAA5AED244F8AEA228/LN9YDjdnVbH4xogIQhJt1j3XTuc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/LN9YDjdnVbH4xogIQhJt1j3XTuc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1272 (0x4f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3626C5BAF/serialNumber=2CDF580E376755B1F8C6880842126DD63DD74EE7
        Validity
            Not Before: Nov 22 08:14:23 2023 GMT
            Not After : Dec 31 08:14:23 2030 GMT
        Subject: CN=655db863-5212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5d:f6:62:b6:10:3c:f7:0d:09:42:fe:1c:d2:
                    b0:10:cc:7e:a8:5a:13:b6:53:3f:4c:e6:c9:6c:5f:
                    a1:c9:06:d2:23:94:6c:ad:a6:91:ca:dd:02:c5:45:
                    45:77:dc:52:0e:b7:d5:ac:66:61:9f:47:ad:8f:e9:
                    51:90:c9:52:ce:29:23:e2:f2:f5:71:b9:99:83:fa:
                    53:7c:47:b2:e2:48:77:73:8d:ab:24:c9:df:b1:50:
                    75:d2:26:32:a1:40:87:6a:0e:9d:c4:1e:65:85:6d:
                    98:25:6d:52:d0:4c:db:a2:b8:11:36:04:15:a9:4e:
                    9f:58:70:12:3f:48:15:e2:54:25:c4:e7:60:a7:dd:
                    6a:85:82:68:46:bc:8f:94:8e:a1:b5:ba:f9:71:c6:
                    30:51:b9:0c:bd:76:14:20:cd:81:d3:7d:db:f0:ae:
                    1a:e0:f2:46:ef:bf:52:85:d5:91:04:4e:3a:6b:03:
                    58:b8:83:02:99:25:4b:cb:61:3e:47:29:76:38:ff:
                    91:52:9d:4f:25:2f:b7:83:88:02:8a:bc:ea:cf:a9:
                    31:f2:15:66:32:50:19:03:a9:0b:d5:ad:6a:f5:e9:
                    66:ac:62:61:30:d4:9d:cf:d8:69:97:2e:74:7e:d1:
                    df:f4:60:f4:10:a2:31:69:2d:15:86:0b:a3:1b:32:
                    ef:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:1F:3E:A8:29:A5:6F:CE:5E:B2:07:B6:AB:38:2A:9F:5A:59:C5:37
            X509v3 Authority Key Identifier:
                keyid:2C:DF:58:0E:37:67:55:B1:F8:C6:88:08:42:12:6D:D6:3D:D7:4E:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3626C5B/EE6ADCC2CDF711EAA5AED244F8AEA228/LN9YDjdnVbH4xogIQhJt1j3XTuc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LN9YDjdnVbH4xogIQhJt1j3XTuc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626C5B/EE6ADCC2CDF711EAA5AED244F8AEA228/273CF154890F11EEAE5F7C364AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:87:df:1b:d2:af:ff:59:b0:78:27:3b:1d:7d:88:ef:1d:b2:
         10:3d:80:79:fa:0f:fb:6b:65:45:a5:63:51:f9:84:dc:10:cb:
         62:59:60:ce:4c:9a:39:9a:3d:2b:73:98:9d:04:f9:20:d4:78:
         e9:f6:73:e8:ee:a4:43:7e:7f:76:23:e1:55:ff:72:49:3b:fe:
         44:0c:0b:ca:1a:82:a8:4e:f2:22:2b:13:5c:e7:99:6e:bb:14:
         ee:2b:06:18:7f:7d:a2:74:ce:05:18:15:71:4e:4a:8f:fa:15:
         91:b5:77:28:23:dd:69:28:4c:ad:03:8d:77:bd:2b:68:67:4e:
         c2:c9:8c:50:83:ad:c0:c3:50:ed:d7:15:53:48:c4:34:bc:9d:
         1a:a0:01:6d:32:4f:a3:74:ae:90:2a:c9:7b:98:7a:5f:c0:79:
         87:77:9f:2e:7b:5f:5a:d9:11:e9:de:e1:d6:3d:e2:ae:5c:fb:
         b9:df:3f:be:7f:dd:00:b4:b4:7f:88:8e:78:82:60:85:02:a0:
         a3:5a:db:4c:f8:f9:82:f5:86:d3:8b:01:34:bc:6d:98:5a:95:
         35:8c:0d:97:83:64:54:5e:94:16:cc:54:9f:b9:48:15:43:21:
         81:8b:e4:a0:be:51:29:68:7c:be:b5:ef:e9:3c:9b:4b:0e:f3:
         c2:0d:d0:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBPgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjZDNUJBRjExMC8GA1UEBRMoMkNERjU4MEUzNzY3NTVCMUY4QzY4ODA4NDIxMjZE
RDYzREQ3NEVFNzAeFw0yMzExMjIwODE0MjNaFw0zMDEyMzEwODE0MjNaMBgxFjAU
BgNVBAMTDTY1NWRiODYzLTUyMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClXfZithA89w0JQv4c0rAQzH6oWhO2Uz9M5slsX6HJBtIjlGytppHK3QLF
RUV33FIOt9WsZmGfR62P6VGQyVLOKSPi8vVxuZmD+lN8R7LiSHdzjaskyd+xUHXS
JjKhQIdqDp3EHmWFbZglbVLQTNuiuBE2BBWpTp9YcBI/SBXiVCXE52Cn3WqFgmhG
vI+UjqG1uvlxxjBRuQy9dhQgzYHTfdvwrhrg8kbvv1KF1ZEETjprA1i4gwKZJUvL
YT5HKXY4/5FSnU8lL7eDiAKKvOrPqTHyFWYyUBkDqQvVrWr16WasYmEw1J3P2GmX
LnR+0d/0YPQQojFpLRWGC6MbMu/fAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUvh8+
qCmlb85esge2qzgqn1pZxTcwHwYDVR0jBBgwFoAULN9YDjdnVbH4xogIQhJt1j3X
TucwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2QzVCL0VFNkFEQ0MyQ0RGNzExRUFBNUFFRDI0NEY4QUVBMjI4L0xOOVlE
amRuVmJINHhvZ0lRaEp0MWozWFR1Yy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0xOOVlEamRuVmJINHhvZ0lRaEp0MWozWFR1Yy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjI2QzVCL0VFNkFEQ0MyQ0RGNzExRUFBNUFFRDI0NEY4
QUVBMjI4LzI3M0NGMTU0ODkwRjExRUVBRTVGN0MzNjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm05gwDQYJKoZIhvcNAQEL
BQADggEBAGqH3xvSr/9ZsHgnOx19iO8dshA9gHn6D/trZUWlY1H5hNwQy2JZYM5M
mjmaPStzmJ0E+SDUeOn2c+jupEN+f3Yj4VX/ckk7/kQMC8oagqhO8iIrE1znmW67
FO4rBhh/faJ0zgUYFXFOSo/6FZG1dygj3WkoTK0DjXe9K2hnTsLJjFCDrcDDUO3X
FVNIxDS8nRqgAW0yT6N0rpAqyXuYel/AeYd3ny57X1rZEene4dY94q5c+7nfP75/
3QC0tH+IjniCYIUCoKNa20z4+YL1htOLATS8bZhalTWMDZeDZFRelBbMVJ+5SBVD
IYGL5KC+USlofL617+k8m0sO88IN0Ps=
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:17:49 2024 by rpki-client on console-ams.rpki-client.org