Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3662F58/7594EBF2498711EA969C9454F8AEA228/61D9EFE8D21F11EE9A695056775412E6.roa
File:                     61D9EFE8D21F11EE9A695056775412E6.roa (raw, json)
Hash identifier:          sHwcRAoEIh3+NnhsNE7+YK15IM8uU90vV0uO3YY5oHk=
Subject key identifier:   E6:9F:33:58:5A:95:CE:CB:1A:AF:FF:36:79:53:9D:43:49:DF:77:D2
Certificate issuer:       /CN=F3662F58AF/serialNumber=ECF6F3539A4FE08CA26D17F98DCB159A047CBFE8
Certificate serial:       05F4
Authority key identifier: EC:F6:F3:53:9A:4F:E0:8C:A2:6D:17:F9:8D:CB:15:9A:04:7C:BF:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/7PbzU5pP4IyibRf5jcsVmgR8v-g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3662F58/7594EBF2498711EA969C9454F8AEA228/61D9EFE8D21F11EE9A695056775412E6.roa
Signing time:             Fri 23 Feb 2024 07:44:32 +0000
ROA not before:           Fri 23 Feb 2024 07:44:29 +0000
ROA not after:            Thu 23 Feb 2034 07:44:29 +0000
asID:                     328501
IP address blocks:        102.64.112.0/23 maxlen: 24
                          102.216.36.0/23 maxlen: 24
                          2001:43f8:13b0::/48 maxlen: 48
                          2001:43f8:13b1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3662F58/7594EBF2498711EA969C9454F8AEA228/7PbzU5pP4IyibRf5jcsVmgR8v-g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3662F58/7594EBF2498711EA969C9454F8AEA228/7PbzU5pP4IyibRf5jcsVmgR8v-g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/7PbzU5pP4IyibRf5jcsVmgR8v-g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1524 (0x5f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3662F58AF/serialNumber=ECF6F3539A4FE08CA26D17F98DCB159A047CBFE8
        Validity
            Not Before: Feb 23 07:44:29 2024 GMT
            Not After : Feb 23 07:44:29 2034 GMT
        Subject: CN=65d84ce0-b69c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:19:83:18:09:f7:cd:b4:fb:9b:5c:77:a9:7a:
                    65:ac:1e:af:4d:b2:c9:90:d2:83:f2:53:63:b1:03:
                    9a:09:a3:85:dc:30:95:50:eb:48:8f:eb:72:b9:e8:
                    8e:97:9d:4b:44:a3:c1:42:9b:29:d6:c1:84:91:56:
                    02:fc:4f:fe:a8:d7:c0:b6:d6:f0:28:d9:6b:26:6b:
                    0f:9b:5c:92:35:17:fd:43:31:d2:c4:e5:f9:04:14:
                    1c:22:7d:fb:92:3f:61:46:b8:42:c3:b4:5f:d8:be:
                    24:07:62:ab:c1:00:9f:8b:f5:e8:af:af:0e:e0:ef:
                    ca:77:9f:c2:2a:71:be:d0:6f:01:81:84:87:a5:96:
                    a7:67:12:ba:2a:c7:39:9e:d0:63:1a:07:87:d9:cb:
                    bc:cc:d9:3c:2c:28:34:82:97:c9:a7:e1:aa:d5:82:
                    3f:ed:d1:73:e3:4f:89:8c:e7:a5:82:e8:81:4d:ec:
                    95:44:9c:89:d3:f8:38:0d:12:8e:46:42:ce:d9:12:
                    04:39:36:35:03:0f:59:b8:e7:db:ea:76:90:d0:b0:
                    fb:3f:a3:d4:a4:0a:ef:e5:a9:f1:3f:2e:fb:83:46:
                    c4:be:50:9a:25:74:03:56:17:06:ab:74:f2:b7:f8:
                    64:8d:18:f5:62:11:1b:ba:57:52:16:c8:1a:dc:a2:
                    8d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:9F:33:58:5A:95:CE:CB:1A:AF:FF:36:79:53:9D:43:49:DF:77:D2
            X509v3 Authority Key Identifier:
                keyid:EC:F6:F3:53:9A:4F:E0:8C:A2:6D:17:F9:8D:CB:15:9A:04:7C:BF:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3662F58/7594EBF2498711EA969C9454F8AEA228/7PbzU5pP4IyibRf5jcsVmgR8v-g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7PbzU5pP4IyibRf5jcsVmgR8v-g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3662F58/7594EBF2498711EA969C9454F8AEA228/61D9EFE8D21F11EE9A695056775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.64.112.0/23
                  102.216.36.0/23
                IPv6:
                  2001:43f8:13b0::/47

    Signature Algorithm: sha256WithRSAEncryption
         d3:63:94:8b:cc:51:1b:1f:6d:18:2b:3c:ab:31:26:4f:5a:97:
         b4:7b:3c:c7:03:25:e9:3e:4e:43:a8:40:b2:72:0e:9f:a9:a0:
         00:af:21:c3:1e:99:06:88:e4:94:3a:c9:fd:03:00:a4:44:7f:
         6c:a0:a3:cf:c1:c0:9c:fe:0d:f8:bf:8e:d5:96:a7:18:05:e8:
         c3:b5:58:ec:17:12:31:2c:ac:a0:ed:2a:99:3d:42:fc:00:3f:
         91:2a:07:8e:67:b5:24:cd:2f:4d:a6:44:49:cb:10:71:ef:9e:
         6c:08:f7:b7:81:1d:23:fa:65:2f:ef:02:98:ec:51:04:63:e6:
         63:fc:b0:08:80:cc:71:76:50:38:29:59:ac:cf:c4:22:27:db:
         84:52:96:40:26:01:dd:82:c4:3f:69:1d:75:3f:3d:a0:d0:bd:
         9f:71:d5:50:6c:38:d5:81:07:28:e4:25:f9:9b:a9:13:c4:9c:
         a5:ba:c9:bb:d8:29:10:e9:56:d2:33:c4:b4:8e:8d:34:03:82:
         96:f3:a2:31:25:02:8f:c0:32:8d:be:33:fd:fc:45:ee:de:33:
         40:5b:d4:0a:3f:24:65:f2:44:5c:08:1c:6a:c3:c2:f4:44:a2:
         be:17:24:c3:cb:70:30:82:52:5c:59:37:b5:63:7c:dd:07:08:
         a9:e3:04:0b
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICBfQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjJGNThBRjExMC8GA1UEBRMoRUNGNkYzNTM5QTRGRTA4Q0EyNkQxN0Y5OERDQjE1
OUEwNDdDQkZFODAeFw0yNDAyMjMwNzQ0MjlaFw0zNDAyMjMwNzQ0MjlaMBgxFjAU
BgNVBAMTDTY1ZDg0Y2UwLWI2OWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNGYMYCffNtPubXHepemWsHq9NssmQ0oPyU2OxA5oJo4XcMJVQ60iP63K5
6I6XnUtEo8FCmynWwYSRVgL8T/6o18C21vAo2Wsmaw+bXJI1F/1DMdLE5fkEFBwi
ffuSP2FGuELDtF/YviQHYqvBAJ+L9eivrw7g78p3n8Iqcb7QbwGBhIellqdnEroq
xzme0GMaB4fZy7zM2TwsKDSCl8mn4arVgj/t0XPjT4mM56WC6IFN7JVEnInT+DgN
Eo5GQs7ZEgQ5NjUDD1m459vqdpDQsPs/o9SkCu/lqfE/LvuDRsS+UJoldANWFwar
dPK3+GSNGPViERu6V1IWyBrcoo0HAgMBAAGjggK8MIICuDAdBgNVHQ4EFgQU5p8z
WFqVzssar/82eVOdQ0nfd9IwHwYDVR0jBBgwFoAU7PbzU5pP4IyibRf5jcsVmgR8
v+gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYyRjU4Lzc1OTRFQkYyNDk4NzExRUE5NjlDOTQ1NEY4QUVBMjI4LzdQYnpV
NXBQNEl5aWJSZjVqY3NWbWdSOHYtZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzdQYnpVNXBQNEl5aWJSZjVqY3NWbWdSOHYtZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYyRjU4Lzc1OTRFQkYyNDk4NzExRUE5NjlDOTQ1NEY4
QUVBMjI4LzYxRDlFRkU4RDIxRjExRUU5QTY5NTA1Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAFmQHADBAFm2CQwDwQCAAIw
CQMHASABQ/gTsDANBgkqhkiG9w0BAQsFAAOCAQEA02OUi8xRGx9tGCs8qzEmT1qX
tHs8xwMl6T5OQ6hAsnIOn6mgAK8hwx6ZBojklDrJ/QMApER/bKCjz8HAnP4N+L+O
1ZanGAXow7VY7BcSMSysoO0qmT1C/AA/kSoHjme1JM0vTaZEScsQce+ebAj3t4Ed
I/plL+8CmOxRBGPmY/ywCIDMcXZQOClZrM/EIifbhFKWQCYB3YLEP2kddT89oNC9
n3HVUGw41YEHKOQl+ZupE8ScpbrJu9gpEOlW0jPEtI6NNAOClvOiMSUCj8Ayjb4z
/fxF7t4zQFvUCj8kZfJEXAgcasPC9ESivhckw8twMIJSXFk3tWN83QcIqeMECw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:27 2024 by rpki-client on console-fra.rpki-client.org