Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/81BE3BD6ECDF11EEBC2B3D97775412E6.roa
File:                     81BE3BD6ECDF11EEBC2B3D97775412E6.roa (raw, json)
Hash identifier:          hwWQDZAVBCTcvtdC0E2H0gTUN7xTPD8/NsNk295s4ow=
Subject key identifier:   79:88:69:57:08:99:4B:9C:9F:95:63:DC:D3:F9:C2:CC:8D:D0:6F:08
Certificate issuer:       /CN=F366D4FEAF/serialNumber=5B99DEF0BA6545154DE2598559B3AEA8D26250B7
Certificate serial:       02
Authority key identifier: 5B:99:DE:F0:BA:65:45:15:4D:E2:59:85:59:B3:AE:A8:D2:62:50:B7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/81BE3BD6ECDF11EEBC2B3D97775412E6.roa
Signing time:             Thu 28 Mar 2024 08:45:20 +0000
ROA not before:           Thu 28 Mar 2024 08:45:16 +0000
ROA not after:            Sun 31 Dec 2034 08:45:16 +0000
asID:                     329014
IP address blocks:        102.210.28.0/22 maxlen: 22
                          102.216.154.0/23 maxlen: 23
                          2c0f:5740::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366D4FEAF/serialNumber=5B99DEF0BA6545154DE2598559B3AEA8D26250B7
        Validity
            Not Before: Mar 28 08:45:16 2024 GMT
            Not After : Dec 31 08:45:16 2034 GMT
        Subject: CN=66052e20-afdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c4:27:d1:53:35:b9:0d:19:cd:17:0a:f8:f2:
                    e5:43:b2:cd:56:72:16:15:b2:a4:fe:cd:57:7e:7c:
                    38:f3:e1:2c:48:10:7b:2c:e3:45:81:fe:08:1b:34:
                    5f:08:9c:94:fc:a9:52:87:3f:96:ce:fb:df:72:06:
                    4b:73:63:4f:ba:60:37:59:eb:b9:ac:75:38:87:1f:
                    71:85:19:68:15:24:90:f6:9b:ce:db:d8:83:bf:a5:
                    30:e6:d8:0e:49:a3:09:7a:70:57:97:c8:95:da:07:
                    65:9f:4c:f7:37:b9:0e:c7:13:81:0a:5b:b1:98:f6:
                    6f:20:35:74:cf:82:e6:ef:36:6c:af:68:6a:10:6b:
                    e8:c5:a8:66:64:8d:7e:02:14:2f:4b:98:eb:21:29:
                    7b:8a:ae:3b:0f:db:b7:87:c0:e5:50:7f:8d:bc:13:
                    77:94:1d:e8:a9:2f:1a:d8:67:ce:1a:55:6f:28:c6:
                    9d:bd:34:46:16:03:b4:72:df:67:2c:45:80:1a:9e:
                    44:85:02:c4:90:5c:de:4e:6d:6c:20:e3:67:f2:e1:
                    78:e5:94:8e:d1:9b:f9:91:98:7a:e0:13:3b:1c:1f:
                    4e:bc:c4:b8:47:09:78:39:77:ed:5a:29:d3:dd:53:
                    b4:0a:16:78:af:6c:ae:66:fe:81:61:03:f8:d8:0a:
                    c6:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:88:69:57:08:99:4B:9C:9F:95:63:DC:D3:F9:C2:CC:8D:D0:6F:08
            X509v3 Authority Key Identifier:
                keyid:5B:99:DE:F0:BA:65:45:15:4D:E2:59:85:59:B3:AE:A8:D2:62:50:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/W5ne8LplRRVN4lmFWbOuqNJiULc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/W5ne8LplRRVN4lmFWbOuqNJiULc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366D4FE/514F0DB8ECDA11EE87AC6871775412E6/81BE3BD6ECDF11EEBC2B3D97775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.210.28.0/22
                  102.216.154.0/23
                IPv6:
                  2c0f:5740::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:12:ed:42:36:e9:aa:2e:32:ee:f0:cd:a6:cd:48:f7:ad:58:
         66:54:e3:fe:da:92:b1:f7:91:0e:19:2f:ad:cc:01:4c:94:72:
         c9:53:55:2d:d6:ec:58:e6:1a:09:f5:eb:56:33:fb:2c:b6:72:
         2e:dd:1a:6f:d0:ff:07:9d:ee:1f:1f:75:ca:14:49:0e:70:58:
         c2:63:ad:b3:0d:4d:76:80:d1:b5:51:92:79:1c:85:aa:eb:2d:
         ec:b1:81:d1:fd:c9:b0:b8:fc:db:58:8d:43:46:46:63:dd:34:
         85:2b:eb:8e:66:ed:c9:67:c1:50:53:a8:09:35:cf:12:2d:71:
         43:7b:ca:fc:f8:51:3e:fe:24:8d:0d:7d:bb:ac:76:e3:1b:b2:
         e4:c0:2c:03:07:83:fb:a0:bd:ac:d1:2f:b4:8f:be:fe:66:31:
         54:82:f5:08:36:b6:34:28:a8:48:58:aa:c1:38:04:55:c3:8f:
         a1:67:6e:cb:ac:0a:6b:f5:f0:78:c6:7b:f7:50:27:39:a3:e0:
         14:df:c3:38:87:37:98:ee:b3:30:c7:82:d2:bf:e5:ab:29:2d:
         20:31:7e:3a:1c:a7:6d:c6:df:55:97:18:62:2f:7c:6d:c9:21:
         39:f5:73:d7:16:be:02:13:5c:61:74:84:be:f9:fb:a3:06:bd:
         fd:62:64:52
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
RDRGRUFGMTEwLwYDVQQFEyg1Qjk5REVGMEJBNjU0NTE1NERFMjU5ODU1OUIzQUVB
OEQyNjI1MEI3MB4XDTI0MDMyODA4NDUxNloXDTM0MTIzMTA4NDUxNlowGDEWMBQG
A1UEAxMNNjYwNTJlMjAtYWZkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLEJ9FTNbkNGc0XCvjy5UOyzVZyFhWypP7NV358OPPhLEgQeyzjRYH+CBs0
XwiclPypUoc/ls7733IGS3NjT7pgN1nruax1OIcfcYUZaBUkkPabztvYg7+lMObY
DkmjCXpwV5fIldoHZZ9M9ze5DscTgQpbsZj2byA1dM+C5u82bK9oahBr6MWoZmSN
fgIUL0uY6yEpe4quOw/bt4fA5VB/jbwTd5Qd6KkvGthnzhpVbyjGnb00RhYDtHLf
ZyxFgBqeRIUCxJBc3k5tbCDjZ/LheOWUjtGb+ZGYeuATOxwfTrzEuEcJeDl37Vop
091TtAoWeK9srmb+gWED+NgKxukCAwEAAaOCArowggK2MB0GA1UdDgQWBBR5iGlX
CJlLnJ+VY9zT+cLMjdBvCDAfBgNVHSMEGDAWgBRbmd7wumVFFU3iWYVZs66o0mJQ
tzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkQ0RkUvNTE0RjBEQjhFQ0RBMTFFRTg3QUM2ODcxNzc1NDEyRTYvVzVuZThM
cGxSUlZONGxtRldiT3VxTkppVUxjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVzVuZThMcGxSUlZONGxtRldiT3VxTkppVUxjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkQ0RkUvNTE0RjBEQjhFQ0RBMTFFRTg3QUM2ODcxNzc1
NDEyRTYvODFCRTNCRDZFQ0RGMTFFRUJDMkIzRDk3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbSHAMEAWbYmjANBAIAAjAH
AwUALA9XQDANBgkqhkiG9w0BAQsFAAOCAQEAUBLtQjbpqi4y7vDNps1I961YZlTj
/tqSsfeRDhkvrcwBTJRyyVNVLdbsWOYaCfXrVjP7LLZyLt0ab9D/B53uHx91yhRJ
DnBYwmOtsw1NdoDRtVGSeRyFqust7LGB0f3JsLj821iNQ0ZGY900hSvrjmbtyWfB
UFOoCTXPEi1xQ3vK/PhRPv4kjQ19u6x24xuy5MAsAweD+6C9rNEvtI++/mYxVIL1
CDa2NCioSFiqwTgEVcOPoWduy6wKa/XweMZ791AnOaPgFN/DOIc3mO6zMMeC0r/l
qyktIDF+OhynbcbfVZcYYi98bckhOfVz1xa+AhNcYXSEvvn7owa9/WJkUg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:19:31 2024 by rpki-client on console-ams.rpki-client.org