Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/B77376ACD5AA11EEB33131A4775412E6.roa
File:                     B77376ACD5AA11EEB33131A4775412E6.roa (raw, json)
Hash identifier:          zxfvPEymIGP+/7cg1EGEyQR/t5Gie6/ZfCLSy+jKY0I=
Subject key identifier:   C4:EE:E6:4F:BE:6E:51:F1:A4:66:35:65:0A:E9:0B:92:CE:A8:16:D8
Certificate issuer:       /CN=F364789CAF/serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
Certificate serial:       05B5
Authority key identifier: D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/B77376ACD5AA11EEB33131A4775412E6.roa
Signing time:             Tue 27 Feb 2024 19:59:29 +0000
ROA not before:           Tue 27 Feb 2024 19:59:26 +0000
ROA not after:            Thu 01 Feb 2029 19:59:26 +0000
asID:                     328608
IP address blocks:        102.219.64.0/22 maxlen: 24
                          102.223.44.0/22 maxlen: 24
                          102.223.196.0/22 maxlen: 24
                          2c0f:ebd0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1461 (0x5b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F364789CAF/serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
        Validity
            Not Before: Feb 27 19:59:26 2024 GMT
            Not After : Feb  1 19:59:26 2029 GMT
        Subject: CN=65de3f21-2d16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:54:ed:ca:c5:70:e0:c4:4d:60:7b:d2:c6:73:
                    db:3d:e4:76:1f:d2:4d:66:b3:72:5d:62:aa:5a:10:
                    d7:c9:80:44:ac:56:df:e1:e6:4a:75:cb:fe:4c:96:
                    1e:d9:aa:5c:a3:ef:0a:38:f5:74:a8:2e:6f:be:11:
                    fc:aa:8c:08:1b:4f:58:5e:52:34:c8:8f:ab:64:8c:
                    d0:22:bc:cb:53:2d:ab:46:f8:a2:2c:b7:3e:6a:95:
                    50:a3:e3:03:93:00:0e:4a:b5:d5:20:dd:2c:09:d6:
                    fd:88:5c:d1:ca:fa:84:b6:48:18:d6:5d:f2:ba:67:
                    f4:a0:7b:9c:36:82:da:b5:19:a7:a5:6e:c1:1d:7a:
                    9b:67:92:f9:ad:08:af:92:98:34:40:ac:bf:42:e5:
                    25:e0:c5:fd:2e:b3:52:d8:2b:f0:ab:7e:d8:3a:72:
                    88:72:06:4a:3b:6f:82:54:fb:8d:56:15:c5:ad:ec:
                    c6:ab:e8:3b:b3:50:6d:3c:f6:f9:8b:3b:cb:c7:04:
                    0f:90:44:81:27:a3:5a:8a:31:83:eb:93:43:25:c5:
                    d7:f4:bf:22:75:15:19:e3:e1:93:8c:eb:f1:7b:6b:
                    d9:7d:47:6c:c2:ac:f2:e6:8c:91:8c:e3:f0:8e:fb:
                    ba:8b:76:1c:3a:30:87:42:c2:5d:0b:6d:3a:e6:09:
                    b3:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:EE:E6:4F:BE:6E:51:F1:A4:66:35:65:0A:E9:0B:92:CE:A8:16:D8
            X509v3 Authority Key Identifier:
                keyid:D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/B77376ACD5AA11EEB33131A4775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.64.0/22
                  102.223.44.0/22
                  102.223.196.0/22
                IPv6:
                  2c0f:ebd0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c0:86:ca:bd:12:d0:db:b4:07:8a:f8:eb:55:9a:af:cc:fe:a6:
         2c:6b:4f:e4:1c:4d:39:b4:0c:09:76:80:9e:85:93:79:77:43:
         91:b9:61:96:70:54:d0:1d:43:44:e1:43:76:5b:c3:db:e3:20:
         60:06:62:b1:d9:3a:c2:80:96:42:08:8e:bd:4a:9e:a4:6e:1c:
         23:ef:26:d3:48:27:6c:a1:12:c9:50:f2:05:b3:ab:a5:34:e8:
         c8:d2:d1:3e:87:cd:05:8f:3d:af:de:79:b5:7f:cf:14:bd:17:
         46:9f:cb:e5:b7:de:2f:de:86:6f:5d:b7:0a:23:a7:b0:79:a6:
         ca:da:f9:f6:8c:90:f6:54:b7:4d:49:7d:3b:cb:f2:ec:57:69:
         43:92:d3:8a:f8:66:e8:e6:9a:9d:f8:75:a5:15:77:dc:72:9c:
         28:0f:96:b2:4d:30:44:8e:84:7e:1f:57:a7:e9:7a:52:1c:bc:
         05:b3:14:9a:8b:a6:30:9d:ac:59:5d:a6:07:5a:ff:6c:48:1c:
         09:17:2e:e6:87:56:88:a2:47:3c:e1:9a:60:e9:04:b0:72:44:
         f5:ac:11:39:3a:94:69:b5:91:20:e7:1d:89:dd:41:09:bf:ed:
         c6:2b:ed:b6:10:34:00:34:9e:33:96:9c:7b:c7:35:b4:65:43:
         15:5c:ce:fe
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBbUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDc4OUNBRjExMC8GA1UEBRMoRDFGN0MwMEVGM0VCMDZFODgxN0NGREMxREI5NjA2
MDQwN0U0OUMwRDAeFw0yNDAyMjcxOTU5MjZaFw0yOTAyMDExOTU5MjZaMBgxFjAU
BgNVBAMTDTY1ZGUzZjIxLTJkMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDmVO3KxXDgxE1ge9LGc9s95HYf0k1ms3JdYqpaENfJgESsVt/h5kp1y/5M
lh7Zqlyj7wo49XSoLm++EfyqjAgbT1heUjTIj6tkjNAivMtTLatG+KIstz5qlVCj
4wOTAA5KtdUg3SwJ1v2IXNHK+oS2SBjWXfK6Z/Sge5w2gtq1GaelbsEdeptnkvmt
CK+SmDRArL9C5SXgxf0us1LYK/Crftg6cohyBko7b4JU+41WFcWt7Mar6DuzUG08
9vmLO8vHBA+QRIEno1qKMYPrk0Mlxdf0vyJ1FRnj4ZOM6/F7a9l9R2zCrPLmjJGM
4/CO+7qLdhw6MIdCwl0LbTrmCbMBAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUxO7m
T75uUfGkZjVlCukLks6oFtgwHwYDVR0jBBgwFoAU0ffADvPrBuiBfP3B25YGBAfk
nA0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4QUVBMjI4LzBmZkFE
dlByQnVpQmZQM0IyNVlHQkFma25BMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBmZkFEdlByQnVpQmZQM0IyNVlHQkFma25BMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4
QUVBMjI4L0I3NzM3NkFDRDVBQTExRUVCMzMxMzFBNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJm20ADBAJm3ywDBAJm38Qw
DQQCAAIwBwMFACwP69AwDQYJKoZIhvcNAQELBQADggEBAMCGyr0S0Nu0B4r461Wa
r8z+pixrT+QcTTm0DAl2gJ6Fk3l3Q5G5YZZwVNAdQ0ThQ3Zbw9vjIGAGYrHZOsKA
lkIIjr1KnqRuHCPvJtNIJ2yhEslQ8gWzq6U06MjS0T6HzQWPPa/eebV/zxS9F0af
y+W33i/ehm9dtwojp7B5psra+faMkPZUt01JfTvL8uxXaUOS04r4Zujmmp34daUV
d9xynCgPlrJNMESOhH4fV6fpelIcvAWzFJqLpjCdrFldpgda/2xIHAkXLuaHVoii
RzzhmmDpBLByRPWsETk6lGm1kSDnHYndQQm/7cYr7bYQNAA0njOWnHvHNbRlQxVc
zv4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org