Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/5AA6ED769BE611EE88684334D25BE465.roa
File:                     5AA6ED769BE611EE88684334D25BE465.roa (raw, json)
Hash identifier:          J9soXt+A2SzJz6ium1VPFEErWV44KnKWZA3DTIrB3Z8=
Subject key identifier:   1A:0C:F1:F6:76:3E:D4:4C:BA:90:8E:D2:CD:D7:99:84:AF:F5:18:35
Certificate issuer:       /CN=F3656BB8AF/serialNumber=F67066439ACD9EAFD4899FC68C6075C70CE39AD5
Certificate serial:       26
Authority key identifier: F6:70:66:43:9A:CD:9E:AF:D4:89:9F:C6:8C:60:75:C7:0C:E3:9A:D5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/5AA6ED769BE611EE88684334D25BE465.roa
Signing time:             Sat 16 Dec 2023 07:40:16 +0000
ROA not before:           Sat 16 Dec 2023 07:40:12 +0000
ROA not after:            Mon 19 Dec 2033 07:40:12 +0000
asID:                     16509
IP address blocks:        102.210.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38 (0x26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3656BB8AF/serialNumber=F67066439ACD9EAFD4899FC68C6075C70CE39AD5
        Validity
            Not Before: Dec 16 07:40:12 2023 GMT
            Not After : Dec 19 07:40:12 2033 GMT
        Subject: CN=657d5460-23e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e2:33:b2:d9:2b:85:1e:cb:4b:b5:24:dc:4b:
                    92:f7:07:e2:23:ff:e6:26:7a:8e:4c:6b:3b:68:17:
                    09:67:c2:ff:18:5e:d4:c6:2f:a4:94:fa:1a:7a:38:
                    a7:85:da:1f:6c:04:50:20:67:38:f3:61:71:79:a6:
                    c0:fb:2a:3f:3f:83:1b:17:62:b0:0d:8f:4c:a7:ed:
                    93:c9:0a:d7:f5:16:65:54:40:87:c0:15:35:17:f6:
                    72:00:c0:9e:5d:41:d2:bd:31:32:a1:80:24:29:9d:
                    f8:0e:d1:60:54:6c:80:ba:d8:9e:bf:50:24:c9:7e:
                    e6:31:6d:99:0d:99:b1:a1:13:e1:49:f2:fb:30:64:
                    01:5c:af:38:c7:a0:7e:82:00:7a:3d:db:11:82:cf:
                    df:86:1e:55:33:e5:3d:83:6c:c3:fb:17:99:7f:99:
                    a5:2d:73:00:79:57:25:c8:e3:5f:02:09:a7:f2:cb:
                    31:dd:a3:4b:eb:c9:a1:7d:c2:37:f5:1d:bd:22:91:
                    f3:8c:fc:af:1f:0d:0c:a2:4a:51:71:b1:60:df:c6:
                    b4:33:33:40:d2:87:3c:15:dd:cf:6b:36:5c:8e:b4:
                    04:17:94:b4:db:d3:8b:91:cd:3b:03:db:e7:0e:c1:
                    5e:82:98:18:e9:9e:c3:60:6f:7f:11:4c:ba:83:c1:
                    2c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:0C:F1:F6:76:3E:D4:4C:BA:90:8E:D2:CD:D7:99:84:AF:F5:18:35
            X509v3 Authority Key Identifier:
                keyid:F6:70:66:43:9A:CD:9E:AF:D4:89:9F:C6:8C:60:75:C7:0C:E3:9A:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/5AA6ED769BE611EE88684334D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.210.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:e5:3a:75:93:09:8a:59:8d:cc:3c:8f:59:70:49:71:d1:e2:
         1b:ea:22:3e:7a:f8:8c:b3:13:c1:72:7a:b0:ba:3e:03:a8:00:
         af:39:a2:5c:30:8b:6b:72:c3:a6:fc:02:67:3b:9f:a2:86:62:
         3e:cd:86:5f:2e:5f:1d:17:6c:52:63:07:68:2a:72:4c:8c:88:
         12:42:dd:d6:57:6c:32:18:38:2b:6a:f5:4b:2b:a5:35:7c:b4:
         ab:2a:ea:87:48:44:02:c2:77:57:c0:e0:2b:3d:1e:45:21:07:
         07:55:d7:aa:97:fb:67:ee:43:6d:ad:41:58:15:e3:42:92:20:
         ea:49:9a:cb:c1:1b:41:65:94:54:5b:13:d2:be:b1:b8:01:42:
         f1:f3:5e:8c:2b:55:7c:df:62:95:c7:9e:cc:42:13:32:e7:a4:
         65:b7:94:db:f1:cc:15:51:84:77:29:3f:20:33:c8:14:a0:70:
         fc:7a:b9:d6:7b:c9:d8:03:32:7a:8b:4d:e3:03:5b:9b:30:37:
         cb:c8:9e:0b:6e:03:23:f5:59:55:a5:86:e1:92:06:f7:23:d5:
         62:91:ea:0c:12:a7:cb:3b:14:fa:4a:20:99:97:20:31:c8:1a:
         f2:2b:32:a9:87:89:a5:18:fc:bd:56:8a:9e:50:47:29:34:56:
         3d:33:78:ff
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NkJCOEFGMTEwLwYDVQQFEyhGNjcwNjY0MzlBQ0Q5RUFGRDQ4OTlGQzY4QzYwNzVD
NzBDRTM5QUQ1MB4XDTIzMTIxNjA3NDAxMloXDTMzMTIxOTA3NDAxMlowGDEWMBQG
A1UEAxMNNjU3ZDU0NjAtMjNlNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKriM7LZK4Uey0u1JNxLkvcH4iP/5iZ6jkxrO2gXCWfC/xhe1MYvpJT6Gno4
p4XaH2wEUCBnOPNhcXmmwPsqPz+DGxdisA2PTKftk8kK1/UWZVRAh8AVNRf2cgDA
nl1B0r0xMqGAJCmd+A7RYFRsgLrYnr9QJMl+5jFtmQ2ZsaET4Uny+zBkAVyvOMeg
foIAej3bEYLP34YeVTPlPYNsw/sXmX+ZpS1zAHlXJcjjXwIJp/LLMd2jS+vJoX3C
N/UdvSKR84z8rx8NDKJKUXGxYN/GtDMzQNKHPBXdz2s2XI60BBeUtNvTi5HNOwPb
5w7BXoKYGOmew2BvfxFMuoPBLEsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQaDPH2
dj7UTLqQjtLN15mEr/UYNTAfBgNVHSMEGDAWgBT2cGZDms2er9SJn8aMYHXHDOOa
1TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTZCQjgvRDc5RUVCOTQ4OTFDMTFFRUFGNjVDNzYwNEFEOUU2RkMvOW5CbVE1
ck5ucV9VaVpfR2pHQjF4d3pqbXRVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOW5CbVE1ck5ucV9VaVpfR2pHQjF4d3pqbXRVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTZCQjgvRDc5RUVCOTQ4OTFDMTFFRUFGNjVDNzYwNEFE
OUU2RkMvNUFBNkVENzY5QkU2MTFFRTg4Njg0MzM0RDI1QkU0NjUucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbSvzANBgkqhkiG9w0BAQsF
AAOCAQEAc+U6dZMJilmNzDyPWXBJcdHiG+oiPnr4jLMTwXJ6sLo+A6gArzmiXDCL
a3LDpvwCZzufooZiPs2GXy5fHRdsUmMHaCpyTIyIEkLd1ldsMhg4K2r1SyulNXy0
qyrqh0hEAsJ3V8DgKz0eRSEHB1XXqpf7Z+5Dba1BWBXjQpIg6kmay8EbQWWUVFsT
0r6xuAFC8fNejCtVfN9ilceezEITMuekZbeU2/HMFVGEdyk/IDPIFKBw/Hq51nvJ
2AMyeotN4wNbmzA3y8ieC24DI/VZVaWG4ZIG9yPVYpHqDBKnyzsU+kogmZcgMcga
8isyqYeJpRj8vVaKnlBHKTRWPTN4/w==
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:17:55 2024 by rpki-client on console-ams.rpki-client.org