Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/8B2EE3D4C8D911EE80F257A9775412E6.roa
File:                     8B2EE3D4C8D911EE80F257A9775412E6.roa (raw, json)
Hash identifier:          1cy+v56PJKgLWKuDFqvEBK/xdhNPG/ra+949RIiFv7k=
Subject key identifier:   DF:57:22:A5:FE:18:59:50:43:6E:C9:55:61:41:F3:AE:B0:2B:C5:78
Certificate issuer:       /CN=F365BE89AF/serialNumber=C3B4A3DDB2DACFC5388EEEC7359D214664496A01
Certificate serial:       1B
Authority key identifier: C3:B4:A3:DD:B2:DA:CF:C5:38:8E:EE:C7:35:9D:21:46:64:49:6A:01
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/8B2EE3D4C8D911EE80F257A9775412E6.roa
Signing time:             Sun 11 Feb 2024 12:31:56 +0000
ROA not before:           Sun 11 Feb 2024 12:31:53 +0000
ROA not after:            Tue 11 Feb 2025 12:31:53 +0000
asID:                     329007
IP address blocks:        102.216.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27 (0x1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365BE89AF/serialNumber=C3B4A3DDB2DACFC5388EEEC7359D214664496A01
        Validity
            Not Before: Feb 11 12:31:53 2024 GMT
            Not After : Feb 11 12:31:53 2025 GMT
        Subject: CN=65c8be3c-c59d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:d3:3b:63:ae:8e:7c:13:6c:f4:48:d9:49:84:
                    42:14:99:e2:07:1d:5e:57:f0:f3:df:3c:bf:d3:da:
                    fb:f7:7f:85:35:dd:0c:be:18:61:d0:10:81:fa:fc:
                    d1:af:90:3d:0a:d9:7b:d7:2f:cf:4a:4c:2b:dc:0d:
                    6a:dd:f2:47:10:ef:d1:2a:57:2e:dc:09:c9:42:11:
                    36:2d:05:ca:56:8e:7c:25:08:62:7e:25:6b:b4:5a:
                    8e:a1:f9:4b:29:48:d5:c0:85:02:f6:e0:ff:86:b0:
                    dd:dc:15:21:cc:a5:84:cb:31:29:72:74:2f:9f:80:
                    9e:96:2e:60:18:5b:49:98:0e:86:5a:ce:3c:2c:33:
                    57:4a:5b:8d:12:ba:c8:46:93:38:d3:57:d5:d8:5e:
                    62:54:71:26:78:4a:3f:5b:c1:55:86:86:fd:85:33:
                    d6:d7:0a:64:38:36:02:e5:76:4e:67:73:07:d2:9d:
                    31:82:b0:0f:0b:a0:ed:d1:17:f7:00:07:a6:df:99:
                    80:de:33:62:8a:13:94:3e:d1:1a:e0:36:52:a0:cd:
                    e6:5d:20:2d:e8:95:da:d3:04:a2:d1:47:90:34:2a:
                    ef:30:2b:9d:24:e0:00:8d:35:df:80:cd:c3:c0:2f:
                    a4:38:a8:5b:43:25:96:05:77:57:6c:8b:3c:ac:ed:
                    6c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:57:22:A5:FE:18:59:50:43:6E:C9:55:61:41:F3:AE:B0:2B:C5:78
            X509v3 Authority Key Identifier:
                keyid:C3:B4:A3:DD:B2:DA:CF:C5:38:8E:EE:C7:35:9D:21:46:64:49:6A:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/w7Sj3bLaz8U4ju7HNZ0hRmRJagE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365BE89/099B483ABE8E11EEB195A98E775412E6/8B2EE3D4C8D911EE80F257A9775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:07:52:c0:30:10:43:51:ac:ee:c5:6d:37:ce:a8:05:e2:2b:
         ef:e0:4f:c5:46:eb:ca:e4:9b:3b:d0:48:1d:56:d0:2a:e8:a9:
         c2:12:87:59:a2:f7:ae:e2:9d:9a:bf:9b:d9:a9:9b:d4:ce:4a:
         ad:3c:98:da:02:5f:b5:34:11:ea:6f:db:b8:58:47:52:03:0f:
         d3:83:a2:16:5f:8f:5f:02:f9:31:4b:6f:3c:d1:52:d6:ee:f4:
         29:3f:c0:a5:ac:fd:28:65:5a:78:94:e7:ed:b6:82:fd:80:9b:
         e2:cf:e9:79:32:82:a3:55:e9:7b:c8:2c:90:92:94:eb:6d:35:
         65:9c:51:c6:4f:12:38:27:bf:fc:b0:bc:55:59:93:13:01:cb:
         43:af:1c:ef:f8:be:5f:7d:0d:09:0e:47:de:8c:6e:d6:a2:38:
         3e:13:aa:a4:fc:af:4c:e2:6e:85:a0:1f:15:fd:48:9c:50:29:
         2e:f0:48:1a:d2:66:be:18:2c:78:3f:3f:ce:ab:6c:15:5f:7c:
         d6:2b:28:a6:62:e0:ec:1e:3b:df:17:90:a6:f6:4b:fc:56:42:
         26:b3:84:da:93:a2:41:04:78:0d:32:6d:42:b8:c1:26:72:e6:
         44:68:af:ea:6b:46:50:5b:39:58:69:a9:2f:89:95:c8:a7:53:
         dc:02:ea:98
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
QkU4OUFGMTEwLwYDVQQFEyhDM0I0QTNEREIyREFDRkM1Mzg4RUVFQzczNTlEMjE0
NjY0NDk2QTAxMB4XDTI0MDIxMTEyMzE1M1oXDTI1MDIxMTEyMzE1M1owGDEWMBQG
A1UEAxMNNjVjOGJlM2MtYzU5ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPLTO2OujnwTbPRI2UmEQhSZ4gcdXlfw8988v9Pa+/d/hTXdDL4YYdAQgfr8
0a+QPQrZe9cvz0pMK9wNat3yRxDv0SpXLtwJyUIRNi0FylaOfCUIYn4la7RajqH5
SylI1cCFAvbg/4aw3dwVIcylhMsxKXJ0L5+AnpYuYBhbSZgOhlrOPCwzV0pbjRK6
yEaTONNX1dheYlRxJnhKP1vBVYaG/YUz1tcKZDg2AuV2TmdzB9KdMYKwDwug7dEX
9wAHpt+ZgN4zYooTlD7RGuA2UqDN5l0gLeiV2tMEotFHkDQq7zArnSTgAI0134DN
w8AvpDioW0MllgV3V2yLPKztbL8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTfVyKl
/hhZUENuyVVhQfOusCvFeDAfBgNVHSMEGDAWgBTDtKPdstrPxTiO7sc1nSFGZElq
ATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUJFODkvMDk5QjQ4M0FCRThFMTFFRUIxOTVBOThFNzc1NDEyRTYvdzdTajNi
TGF6OFU0anU3SE5aMGhSbVJKYWdFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdzdTajNiTGF6OFU0anU3SE5aMGhSbVJKYWdFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUJFODkvMDk5QjQ4M0FCRThFMTFFRUIxOTVBOThFNzc1
NDEyRTYvOEIyRUUzRDRDOEQ5MTFFRTgwRjI1N0E5Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbY/DANBgkqhkiG9w0BAQsF
AAOCAQEALwdSwDAQQ1Gs7sVtN86oBeIr7+BPxUbryuSbO9BIHVbQKuipwhKHWaL3
ruKdmr+b2amb1M5KrTyY2gJftTQR6m/buFhHUgMP04OiFl+PXwL5MUtvPNFS1u70
KT/Apaz9KGVaeJTn7baC/YCb4s/peTKCo1Xpe8gskJKU6201ZZxRxk8SOCe//LC8
VVmTEwHLQ68c7/i+X30NCQ5H3oxu1qI4PhOqpPyvTOJuhaAfFf1InFApLvBIGtJm
vhgseD8/zqtsFV981isopmLg7B473xeQpvZL/FZCJrOE2pOiQQR4DTJtQrjBJnLm
RGiv6mtGUFs5WGmpL4mVyKdT3ALqmA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:35 2024 by rpki-client on console-ams.rpki-client.org