Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/8A93B966FCAC11EEB5E08043017001B1.roa
File:                     8A93B966FCAC11EEB5E08043017001B1.roa (raw, json)
Hash identifier:          +Yn1klJkTI+WjQVN6Jn1qbbYPk1lKGViTx8zi5U4lfE=
Subject key identifier:   B0:2C:03:FE:19:A5:F6:62:22:A9:E9:59:43:85:E1:0E:3F:08:5A:10
Certificate issuer:       /CN=F3659F22AF/serialNumber=5556D637278A4D6987D448763BD3CAEBA058A50F
Certificate serial:       0A
Authority key identifier: 55:56:D6:37:27:8A:4D:69:87:D4:48:76:3B:D3:CA:EB:A0:58:A5:0F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/8A93B966FCAC11EEB5E08043017001B1.roa
Signing time:             Wed 17 Apr 2024 11:20:48 +0000
ROA not before:           Wed 17 Apr 2024 11:20:45 +0000
ROA not after:            Tue 01 Apr 2025 11:20:45 +0000
asID:                     328711
IP address blocks:        102.222.159.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F22AF/serialNumber=5556D637278A4D6987D448763BD3CAEBA058A50F
        Validity
            Not Before: Apr 17 11:20:45 2024 GMT
            Not After : Apr  1 11:20:45 2025 GMT
        Subject: CN=661fb090-ecc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:fd:cc:e9:8b:18:85:15:69:c8:39:09:97:8e:
                    21:7d:d0:5b:90:c6:22:8f:52:77:a4:51:c2:6a:19:
                    15:89:7f:da:2f:fe:2d:5f:db:eb:98:70:46:77:ee:
                    cd:36:73:12:ce:b0:ce:24:a7:e7:4c:47:30:14:e5:
                    0e:3f:6f:66:3f:dc:ec:0e:b6:e3:7f:cc:c6:1a:bc:
                    e5:e0:84:21:a0:e7:05:ac:13:ef:43:a5:65:0e:3f:
                    86:8b:59:b1:50:e7:0c:4d:67:a9:69:eb:ac:2f:16:
                    58:07:7c:e6:eb:6f:c3:eb:e9:03:50:43:a1:9c:ef:
                    af:f9:60:ed:98:59:08:94:62:05:a5:21:b9:be:0c:
                    72:77:54:cc:fd:39:d6:f4:8f:e7:a5:dd:0a:73:bd:
                    ea:83:e6:91:e2:74:c1:4f:9a:17:19:27:ba:66:ee:
                    79:84:15:bb:2e:5e:80:90:d2:e2:f0:23:0d:5c:fa:
                    97:77:5b:58:94:ef:05:3f:75:25:38:f4:f0:5c:ce:
                    c1:05:61:2f:4a:d8:12:ed:ad:66:0d:d5:8e:f0:d1:
                    e5:23:13:97:76:d7:cc:16:c4:2f:53:f4:71:23:dc:
                    8c:76:4b:d7:2f:d6:f4:c4:12:c7:f1:cd:1a:cc:4d:
                    c0:47:54:47:07:ad:68:b3:79:9e:2b:6b:40:ec:46:
                    2d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:2C:03:FE:19:A5:F6:62:22:A9:E9:59:43:85:E1:0E:3F:08:5A:10
            X509v3 Authority Key Identifier:
                keyid:55:56:D6:37:27:8A:4D:69:87:D4:48:76:3B:D3:CA:EB:A0:58:A5:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/8A93B966FCAC11EEB5E08043017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:f7:91:d4:46:5c:1b:a0:00:a4:cc:89:86:94:da:48:4b:79:
         00:eb:a4:19:b6:b3:97:e5:ed:cb:98:47:7b:d1:1a:91:71:f5:
         7d:81:0a:6e:0d:8f:1a:81:54:28:a9:d4:34:17:d8:35:b9:b3:
         93:c6:c8:74:4a:24:76:5a:8b:55:1f:47:d5:2e:ff:03:06:52:
         f8:c7:aa:eb:45:bf:ea:2c:24:66:be:68:eb:02:dd:95:ba:2e:
         5c:50:36:61:e7:ef:9e:d0:6e:23:8c:06:6e:95:78:dd:32:65:
         8f:36:e3:ce:1f:a4:b0:36:14:07:d4:2f:07:4f:77:04:55:c2:
         2f:dc:1a:aa:60:de:b4:02:49:9d:a5:c6:ac:3b:19:9e:e6:5c:
         ad:20:6b:bd:ae:11:99:b1:b0:17:e3:7c:32:c1:24:91:14:ca:
         b3:b4:a6:09:e2:9d:60:b3:df:0a:2f:9a:69:46:8f:b0:84:02:
         61:17:20:4e:83:c0:38:94:f9:e1:e1:d9:26:7d:55:9f:22:8e:
         98:11:a9:dc:22:29:0b:7a:6c:36:d9:c3:7d:6b:31:40:aa:ef:
         ac:35:cd:59:64:36:f6:df:bb:f8:98:f4:31:2a:50:db:f7:b7:
         91:a5:c7:61:68:06:e9:2b:c4:bb:56:82:2f:73:00:ff:1f:2f:
         3a:5a:ca:c0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
OUYyMkFGMTEwLwYDVQQFEyg1NTU2RDYzNzI3OEE0RDY5ODdENDQ4NzYzQkQzQ0FF
QkEwNThBNTBGMB4XDTI0MDQxNzExMjA0NVoXDTI1MDQwMTExMjA0NVowGDEWMBQG
A1UEAxMNNjYxZmIwOTAtZWNjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP9zOmLGIUVacg5CZeOIX3QW5DGIo9Sd6RRwmoZFYl/2i/+LV/b65hwRnfu
zTZzEs6wziSn50xHMBTlDj9vZj/c7A6243/Mxhq85eCEIaDnBawT70OlZQ4/hotZ
sVDnDE1nqWnrrC8WWAd85utvw+vpA1BDoZzvr/lg7ZhZCJRiBaUhub4McndUzP05
1vSP56XdCnO96oPmkeJ0wU+aFxknumbueYQVuy5egJDS4vAjDVz6l3dbWJTvBT91
JTj08FzOwQVhL0rYEu2tZg3VjvDR5SMTl3bXzBbEL1P0cSPcjHZL1y/W9MQSx/HN
GsxNwEdURwetaLN5nitrQOxGLVECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSwLAP+
GaX2YiKp6VlDheEOPwhaEDAfBgNVHSMEGDAWgBRVVtY3J4pNaYfUSHY708rroFil
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTlGMjIvOUEwODMyRjZGQ0FCMTFFRUE2OTAxQjNEMDE3MDAxQjEvVlZiV055
ZUtUV21IMUVoMk85UEs2NkJZcFE4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVlZiV055ZUtUV21IMUVoMk85UEs2NkJZcFE4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTlGMjIvOUEwODMyRjZGQ0FCMTFFRUE2OTAxQjNEMDE3
MDAxQjEvOEE5M0I5NjZGQ0FDMTFFRUI1RTA4MDQzMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbenzANBgkqhkiG9w0BAQsF
AAOCAQEAMfeR1EZcG6AApMyJhpTaSEt5AOukGbazl+Xty5hHe9EakXH1fYEKbg2P
GoFUKKnUNBfYNbmzk8bIdEokdlqLVR9H1S7/AwZS+Meq60W/6iwkZr5o6wLdlbou
XFA2YefvntBuI4wGbpV43TJljzbjzh+ksDYUB9QvB093BFXCL9waqmDetAJJnaXG
rDsZnuZcrSBrva4RmbGwF+N8MsEkkRTKs7SmCeKdYLPfCi+aaUaPsIQCYRcgToPA
OJT54eHZJn1VnyKOmBGp3CIpC3psNtnDfWsxQKrvrDXNWWQ29t+7+Jj0MSpQ2/e3
kaXHYWgG6SvEu1aCL3MA/x8vOlrKwA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:56:33 2024 by rpki-client on console-ams.rpki-client.org