Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364FE7F/8CEFCC7490B811EDBCC9A5ECF1222468/9093EBECEA8211EE9446CC99775412E6.roa
File:                     9093EBECEA8211EE9446CC99775412E6.roa (raw, json)
Hash identifier:          DcDH5wFQnVUfU26v4luxsXa3eW9biUwnVqKcce51e3I=
Subject key identifier:   2C:4C:FF:A7:C1:EC:F9:F7:2C:B4:64:EB:64:5A:2A:8A:39:97:F4:C1
Certificate issuer:       /CN=F364FE7FAF/serialNumber=4102690498AC378BFFEFEE27BC695F91A123BF43
Certificate serial:       01D4
Authority key identifier: 41:02:69:04:98:AC:37:8B:FF:EF:EE:27:BC:69:5F:91:A1:23:BF:43
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/QQJpBJisN4v_7-4nvGlfkaEjv0M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F364FE7F/8CEFCC7490B811EDBCC9A5ECF1222468/9093EBECEA8211EE9446CC99775412E6.roa
Signing time:             Mon 25 Mar 2024 08:34:59 +0000
ROA not before:           Mon 25 Mar 2024 08:34:55 +0000
ROA not after:            Mon 25 Mar 2030 08:34:55 +0000
asID:                     328200
IP address blocks:        102.209.112.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F364FE7F/8CEFCC7490B811EDBCC9A5ECF1222468/QQJpBJisN4v_7-4nvGlfkaEjv0M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F364FE7F/8CEFCC7490B811EDBCC9A5ECF1222468/QQJpBJisN4v_7-4nvGlfkaEjv0M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/QQJpBJisN4v_7-4nvGlfkaEjv0M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 468 (0x1d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F364FE7FAF/serialNumber=4102690498AC378BFFEFEE27BC695F91A123BF43
        Validity
            Not Before: Mar 25 08:34:55 2024 GMT
            Not After : Mar 25 08:34:55 2030 GMT
        Subject: CN=66013733-405b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:2d:3a:4c:f9:62:fc:ed:40:e5:e2:b5:ba:bb:
                    2f:89:cc:2a:37:97:b7:76:bf:c7:b1:53:03:12:c0:
                    ce:b8:0e:77:95:be:a7:4e:d3:47:8b:ec:85:49:06:
                    9e:b3:ad:be:86:13:71:8e:58:cf:cf:43:4c:11:33:
                    cf:d3:35:09:9a:35:59:e5:dd:1d:82:62:6d:f4:f6:
                    5a:ad:90:d9:41:80:4b:ec:b7:84:a2:6a:15:e4:79:
                    f9:4f:43:c3:13:0c:d1:99:47:ae:e8:f1:9d:5c:45:
                    1e:b9:c3:db:3d:a7:36:fd:ca:66:ed:bd:9b:07:fd:
                    4a:7e:d3:21:d4:6f:6d:27:41:66:5c:5c:39:e9:62:
                    c1:40:0f:d6:9a:02:3b:6d:27:ce:00:8b:cf:70:be:
                    f9:21:36:96:22:09:91:a7:31:79:b3:da:8a:87:2e:
                    3d:0a:28:c6:75:77:66:b7:9a:81:8f:64:d2:ab:02:
                    6e:ea:42:66:40:a2:3e:bc:0b:12:36:60:f5:89:2a:
                    2b:fe:13:ff:f9:77:a5:b0:e5:92:4a:c4:2d:f8:cb:
                    03:35:63:00:7a:df:e8:49:ee:87:16:5c:64:57:48:
                    14:9e:d9:e7:a7:8a:16:be:af:3f:35:ff:b5:7d:ff:
                    fa:65:c6:f8:a8:72:b0:30:d3:6f:87:33:1d:0f:bd:
                    af:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4C:FF:A7:C1:EC:F9:F7:2C:B4:64:EB:64:5A:2A:8A:39:97:F4:C1
            X509v3 Authority Key Identifier:
                keyid:41:02:69:04:98:AC:37:8B:FF:EF:EE:27:BC:69:5F:91:A1:23:BF:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F364FE7F/8CEFCC7490B811EDBCC9A5ECF1222468/QQJpBJisN4v_7-4nvGlfkaEjv0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QQJpBJisN4v_7-4nvGlfkaEjv0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364FE7F/8CEFCC7490B811EDBCC9A5ECF1222468/9093EBECEA8211EE9446CC99775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:2b:2c:66:65:9d:43:c2:e6:8d:89:73:c4:13:38:4d:4e:a2:
         0e:1b:2f:02:e4:14:28:4f:dd:83:e5:95:9f:e5:03:ea:fd:e6:
         6a:0d:ba:6b:0a:2c:e3:71:ab:3c:1a:d0:c9:91:34:43:a9:3e:
         6a:47:6a:34:f1:84:1a:6f:28:4f:33:05:60:9b:d8:de:d1:e5:
         4f:da:45:89:c1:6c:cb:bf:a3:87:a7:0e:42:6a:8c:d9:d0:64:
         a7:71:24:f4:33:8b:1f:f3:2e:f8:2d:90:4a:b2:98:f6:9a:23:
         22:e0:c1:9b:8f:52:c0:af:be:88:a8:67:73:2a:72:83:b3:0b:
         84:77:27:70:c9:47:8c:6b:94:ee:c0:e6:4e:cd:67:1d:aa:bc:
         eb:24:8f:c1:e7:82:0c:bd:7a:9c:7e:0e:ac:46:02:12:fa:5a:
         ed:96:e2:4b:e1:ea:72:76:91:80:1d:54:69:52:d6:1c:f6:22:
         ac:93:aa:52:29:8f:de:69:f0:1b:5a:74:c1:8a:09:69:b4:5c:
         28:e1:bf:4c:fb:a7:53:24:df:04:0f:f1:e1:ae:b1:41:a8:9c:
         c1:98:3c:cd:85:ac:0f:0e:fe:32:1f:fa:91:36:06:1f:a4:f8:
         05:65:f7:6b:15:c0:03:b7:4d:5e:ef:dd:83:38:08:e8:c6:6f:
         5b:f5:34:ec
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NEZFN0ZBRjExMC8GA1UEBRMoNDEwMjY5MDQ5OEFDMzc4QkZGRUZFRTI3QkM2OTVG
OTFBMTIzQkY0MzAeFw0yNDAzMjUwODM0NTVaFw0zMDAzMjUwODM0NTVaMBgxFjAU
BgNVBAMTDTY2MDEzNzMzLTQwNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbLTpM+WL87UDl4rW6uy+JzCo3l7d2v8exUwMSwM64DneVvqdO00eL7IVJ
Bp6zrb6GE3GOWM/PQ0wRM8/TNQmaNVnl3R2CYm309lqtkNlBgEvst4SiahXkeflP
Q8MTDNGZR67o8Z1cRR65w9s9pzb9ymbtvZsH/Up+0yHUb20nQWZcXDnpYsFAD9aa
AjttJ84Ai89wvvkhNpYiCZGnMXmz2oqHLj0KKMZ1d2a3moGPZNKrAm7qQmZAoj68
CxI2YPWJKiv+E//5d6Ww5ZJKxC34ywM1YwB63+hJ7ocWXGRXSBSe2eeniha+rz81
/7V9//plxviocrAw02+HMx0Pva/JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULEz/
p8Hs+fcstGTrZFoqijmX9MEwHwYDVR0jBBgwFoAUQQJpBJisN4v/7+4nvGlfkaEj
v0MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjRGRTdGLzhDRUZDQzc0OTBCODExRURCQ0M5QTVFQ0YxMjIyNDY4L1FRSnBC
SmlzTjR2XzctNG52R2xma2FFanYwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1FRSnBCSmlzTjR2XzctNG52R2xma2FFanYwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjRGRTdGLzhDRUZDQzc0OTBCODExRURCQ0M5QTVFQ0Yx
MjIyNDY4LzkwOTNFQkVDRUE4MjExRUU5NDQ2Q0M5OTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0XAwDQYJKoZIhvcNAQEL
BQADggEBAEcrLGZlnUPC5o2Jc8QTOE1Oog4bLwLkFChP3YPllZ/lA+r95moNumsK
LONxqzwa0MmRNEOpPmpHajTxhBpvKE8zBWCb2N7R5U/aRYnBbMu/o4enDkJqjNnQ
ZKdxJPQzix/zLvgtkEqymPaaIyLgwZuPUsCvvoioZ3MqcoOzC4R3J3DJR4xrlO7A
5k7NZx2qvOskj8Hnggy9epx+DqxGAhL6Wu2W4kvh6nJ2kYAdVGlS1hz2IqyTqlIp
j95p8BtadMGKCWm0XCjhv0z7p1Mk3wQP8eGusUGonMGYPM2FrA8O/jIf+pE2Bh+k
+AVl92sVwAO3TV7v3YM4COjGb1v1NOw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org