Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/9AFFC288088811ECA106161ED8A014CE.roa
File:                     9AFFC288088811ECA106161ED8A014CE.roa (raw, json)
Hash identifier:          n5/zbJHWphCVF1gSPvRvD8gTp/hchzu2QDEHR8pwfCE=
Subject key identifier:   FA:4D:64:6A:B1:E3:92:04:20:E5:62:56:3C:08:9D:9C:25:EE:97:DA
Certificate issuer:       /CN=F3667885AF/serialNumber=C4A7961E002AA89D50BEA2252D4F94B1EEF66A23
Certificate serial:       05
Authority key identifier: C4:A7:96:1E:00:2A:A8:9D:50:BE:A2:25:2D:4F:94:B1:EE:F6:6A:23
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/xKeWHgAqqJ1QvqIlLU-Use72aiM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/9AFFC288088811ECA106161ED8A014CE.roa
Signing time:             Sun 29 Aug 2021 05:18:55 +0000
ROA not before:           Sun 29 Aug 2021 05:18:51 +0000
ROA not after:            Sat 31 Aug 2024 05:18:51 +0000
asID:                     328315
IP address blocks:        102.164.80.0/20 maxlen: 24
                          2c0f:eec8::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/xKeWHgAqqJ1QvqIlLU-Use72aiM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/xKeWHgAqqJ1QvqIlLU-Use72aiM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/xKeWHgAqqJ1QvqIlLU-Use72aiM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3667885AF/serialNumber=C4A7961E002AA89D50BEA2252D4F94B1EEF66A23
        Validity
            Not Before: Aug 29 05:18:51 2021 GMT
            Not After : Aug 31 05:18:51 2024 GMT
        Subject: CN=612b18bf-bf88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e3:dc:85:40:d1:63:30:cd:48:75:4c:3b:ce:
                    d5:dc:bd:09:be:6d:1c:6a:6f:bf:57:fa:01:61:2d:
                    0d:2d:be:c2:25:1c:b3:5f:65:5f:fc:90:f9:5c:d7:
                    15:3c:33:02:28:b2:80:31:aa:11:e5:4c:85:dd:72:
                    11:95:95:a8:a5:2a:6e:be:a8:ce:f6:0a:23:1a:8c:
                    b4:ca:23:4c:4a:9a:cb:06:01:fe:79:ad:f4:04:7e:
                    0b:15:8d:25:a1:7a:39:d0:3f:9e:e0:c9:48:75:44:
                    ff:d9:66:ac:5a:ba:ec:15:58:c4:a2:a9:9f:a9:da:
                    53:96:b9:2b:f3:13:09:63:87:c9:23:42:dd:41:8e:
                    55:72:29:2c:e7:85:59:ec:00:e0:45:55:c3:9e:f6:
                    3c:22:16:07:dc:27:40:80:2e:d4:04:8d:e3:76:3b:
                    bc:a5:0c:53:d0:62:c9:7e:4c:a0:88:c9:ed:91:d0:
                    02:d1:d3:87:29:1c:17:35:2a:e1:2f:14:10:b6:01:
                    24:b3:64:9d:89:65:66:4e:08:60:1d:84:21:3d:22:
                    7d:f2:1b:49:c5:a0:9e:77:6e:d4:cd:22:f8:1b:2a:
                    c1:6a:f4:02:44:38:eb:a6:30:0b:86:05:e8:3a:dc:
                    27:05:73:a1:ce:79:ca:03:60:76:0c:c0:d7:43:6a:
                    ed:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:4D:64:6A:B1:E3:92:04:20:E5:62:56:3C:08:9D:9C:25:EE:97:DA
            X509v3 Authority Key Identifier:
                keyid:C4:A7:96:1E:00:2A:A8:9D:50:BE:A2:25:2D:4F:94:B1:EE:F6:6A:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/xKeWHgAqqJ1QvqIlLU-Use72aiM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xKeWHgAqqJ1QvqIlLU-Use72aiM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3667885/2F732490067811ECB5D5945AD8A014CE/9AFFC288088811ECA106161ED8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.164.80.0/20
                IPv6:
                  2c0f:eec8::/32

    Signature Algorithm: sha256WithRSAEncryption
         3e:5a:09:36:03:ba:83:63:cf:a4:e3:6f:5b:38:03:c3:39:fa:
         d0:8b:4c:6f:bc:29:e1:f8:59:88:f7:63:98:c0:70:e4:dc:19:
         e4:a0:c8:08:99:17:c6:57:99:33:8c:90:05:16:bf:6d:be:f8:
         44:be:58:1a:42:59:ce:d6:14:5e:eb:61:3d:aa:79:30:00:54:
         a9:fc:68:8b:98:18:2d:45:e2:4f:bf:71:4a:75:b8:17:51:26:
         2b:fb:50:b5:1e:d7:9a:44:6a:48:ec:68:c0:98:06:89:09:fd:
         6d:27:78:53:18:37:1f:3a:55:98:44:9c:b9:e1:28:9b:f2:f6:
         83:ee:ef:6c:4e:64:fc:04:82:8a:03:bb:74:5b:0c:47:16:04:
         9d:5d:76:b9:e5:91:64:b0:e0:41:e1:e0:1a:83:92:91:66:6d:
         c5:c6:c0:8a:d5:fa:4a:5d:29:63:a5:d8:d0:84:a1:a4:84:e8:
         7e:ff:80:2b:6e:02:ce:b0:86:c8:c3:91:27:39:45:c3:55:f7:
         43:c8:7f:95:6d:b4:a3:6f:5c:cf:55:c5:96:2c:10:13:bb:08:
         12:8d:8c:d3:15:4d:f7:9a:63:32:8b:f5:73:ca:1f:27:86:92:
         0e:e8:70:da:c2:97:3f:7d:8f:68:66:52:54:a0:bb:ec:fc:10:
         18:17:72:e3
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
Nzg4NUFGMTEwLwYDVQQFEyhDNEE3OTYxRTAwMkFBODlENTBCRUEyMjUyRDRGOTRC
MUVFRjY2QTIzMB4XDTIxMDgyOTA1MTg1MVoXDTI0MDgzMTA1MTg1MVowGDEWMBQG
A1UEAwwNNjEyYjE4YmYtYmY4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzj3IVA0WMwzUh1TDvO1dy9Cb5tHGpvv1f6AWEtDS2+wiUcs19lX/yQ+VzX
FTwzAiiygDGqEeVMhd1yEZWVqKUqbr6ozvYKIxqMtMojTEqaywYB/nmt9AR+CxWN
JaF6OdA/nuDJSHVE/9lmrFq67BVYxKKpn6naU5a5K/MTCWOHySNC3UGOVXIpLOeF
WewA4EVVw572PCIWB9wnQIAu1ASN43Y7vKUMU9BiyX5MoIjJ7ZHQAtHThykcFzUq
4S8UELYBJLNknYllZk4IYB2EIT0iffIbScWgnndu1M0i+BsqwWr0AkQ466YwC4YF
6DrcJwVzoc55ygNgdgzA10Nq7WMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBT6TWRq
seOSBCDlYlY8CJ2cJe6X2jAfBgNVHSMEGDAWgBTEp5YeACqonVC+oiUtT5Sx7vZq
IzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Njc4ODUvMkY3MzI0OTAwNjc4MTFFQ0I1RDU5NDVBRDhBMDE0Q0UveEtlV0hn
QXFxSjFRdnFJbExVLVVzZTcyYWlNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveEtlV0hnQXFxSjFRdnFJbExVLVVzZTcyYWlNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Njc4ODUvMkY3MzI0OTAwNjc4MTFFQ0I1RDU5NDVBRDhB
MDE0Q0UvOUFGRkMyODgwODg4MTFFQ0ExMDYxNjFFRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBGakUDANBAIAAjAHAwUALA/u
yDANBgkqhkiG9w0BAQsFAAOCAQEAPloJNgO6g2PPpONvWzgDwzn60ItMb7wp4fhZ
iPdjmMBw5NwZ5KDICJkXxleZM4yQBRa/bb74RL5YGkJZztYUXuthPap5MABUqfxo
i5gYLUXiT79xSnW4F1EmK/tQtR7XmkRqSOxowJgGiQn9bSd4Uxg3HzpVmEScueEo
m/L2g+7vbE5k/ASCigO7dFsMRxYEnV12ueWRZLDgQeHgGoOSkWZtxcbAitX6Sl0p
Y6XY0IShpITofv+AK24CzrCGyMORJzlFw1X3Q8h/lW20o29cz1XFliwQE7sIEo2M
0xVN95pjMov1c8ofJ4aSDuhw2sKXP32PaGZSVKC77PwQGBdy4w==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:51 2024 by rpki-client on console-fra.rpki-client.org