Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367278D/1D3860A0852A11EE9DCD1B734AD9E6FC/C450DAB0852B11EEA03755784AD9E6FC.roa
File:                     C450DAB0852B11EEA03755784AD9E6FC.roa (raw, json)
Hash identifier:          +41zmHN4DGC6b99Vfy5ZDUkMkjOSaYpSIq26rSH1w4E=
Subject key identifier:   23:30:AC:8C:1A:40:B5:41:63:E5:C9:99:76:67:C3:D2:AE:50:00:87
Certificate issuer:       /CN=F367278DAF/serialNumber=019C57AF353AA8DDD6AE5D19B551EE045EF0E469
Certificate serial:       02
Authority key identifier: 01:9C:57:AF:35:3A:A8:DD:D6:AE:5D:19:B5:51:EE:04:5E:F0:E4:69
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/AZxXrzU6qN3Wrl0ZtVHuBF7w5Gk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367278D/1D3860A0852A11EE9DCD1B734AD9E6FC/C450DAB0852B11EEA03755784AD9E6FC.roa
Signing time:             Fri 17 Nov 2023 09:29:12 +0000
ROA not before:           Fri 17 Nov 2023 09:29:09 +0000
ROA not after:            Sun 31 Dec 2034 09:29:09 +0000
asID:                     328920
IP address blocks:        102.219.68.0/22 maxlen: 24
                          2c0f:3100::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367278D/1D3860A0852A11EE9DCD1B734AD9E6FC/AZxXrzU6qN3Wrl0ZtVHuBF7w5Gk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367278D/1D3860A0852A11EE9DCD1B734AD9E6FC/AZxXrzU6qN3Wrl0ZtVHuBF7w5Gk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/AZxXrzU6qN3Wrl0ZtVHuBF7w5Gk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367278DAF/serialNumber=019C57AF353AA8DDD6AE5D19B551EE045EF0E469
        Validity
            Not Before: Nov 17 09:29:09 2023 GMT
            Not After : Dec 31 09:29:09 2034 GMT
        Subject: CN=65573268-1eb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:36:ef:63:7e:ba:98:1e:b0:da:d6:dd:ac:80:
                    6b:6a:36:9b:53:7b:f7:5c:10:11:63:8b:64:97:1f:
                    01:ae:02:dd:10:7c:12:a3:30:23:16:89:52:9c:e4:
                    78:ff:13:e7:6a:9b:b8:21:40:24:17:75:a6:c5:f4:
                    12:d2:6e:b3:8d:ae:47:55:44:62:a0:52:0d:d2:5e:
                    a4:4b:84:fe:da:60:58:ff:45:c3:70:87:0f:59:9c:
                    22:8c:c8:f1:26:72:c3:5c:c8:d9:7d:1d:dd:ee:5b:
                    66:a1:79:98:aa:0a:b2:30:5b:47:44:bc:bb:da:13:
                    c3:1a:08:f9:2d:6d:c0:e9:9d:11:b7:71:86:c9:3b:
                    5b:ca:55:3b:6d:32:86:de:18:ee:48:ec:36:55:ac:
                    d8:f7:9d:e4:69:8f:0d:b3:41:42:b6:16:7e:bb:5f:
                    f4:9e:46:1e:04:c2:b9:06:37:29:ae:98:20:6a:ba:
                    17:bb:b3:f2:ae:a1:3b:ef:93:41:e4:76:25:4b:64:
                    3a:3d:a8:39:5b:c9:f3:5f:8b:1a:0c:82:4f:66:7d:
                    09:6b:db:9f:cc:59:fc:51:e0:1d:a0:2c:36:7a:49:
                    4d:b0:85:f1:9f:9d:95:d1:5c:c4:19:22:e2:96:a8:
                    8e:a0:6d:17:da:11:89:db:c8:29:41:2a:36:6a:4c:
                    16:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:30:AC:8C:1A:40:B5:41:63:E5:C9:99:76:67:C3:D2:AE:50:00:87
            X509v3 Authority Key Identifier:
                keyid:01:9C:57:AF:35:3A:A8:DD:D6:AE:5D:19:B5:51:EE:04:5E:F0:E4:69

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367278D/1D3860A0852A11EE9DCD1B734AD9E6FC/AZxXrzU6qN3Wrl0ZtVHuBF7w5Gk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AZxXrzU6qN3Wrl0ZtVHuBF7w5Gk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367278D/1D3860A0852A11EE9DCD1B734AD9E6FC/C450DAB0852B11EEA03755784AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.68.0/22
                IPv6:
                  2c0f:3100::/32

    Signature Algorithm: sha256WithRSAEncryption
         ad:73:e4:33:29:87:9a:ce:fb:6a:37:b8:ce:ba:3c:ca:13:4b:
         18:35:80:74:d7:86:f1:2a:2e:0d:1c:f8:f2:26:14:ed:b3:2f:
         4d:6d:81:95:d4:7f:4a:ed:2f:f0:71:95:50:44:1a:41:53:1f:
         de:5c:87:b5:a2:38:26:24:71:a2:a2:d3:b3:f4:72:9c:9c:71:
         16:a3:c8:35:9b:05:82:7f:f4:9d:ba:30:7c:f8:29:84:61:09:
         23:f8:a7:75:a9:de:92:da:3f:aa:dc:bd:62:62:c9:34:a7:21:
         41:48:62:94:f6:a1:ec:fb:de:77:09:a2:1c:53:e8:af:ad:67:
         b2:8a:d2:f9:57:58:0e:00:4f:10:7f:ec:22:70:99:42:30:78:
         ab:d1:37:d4:fc:46:62:af:7d:69:13:4f:47:44:e8:37:cb:48:
         9b:ff:ca:b1:f7:66:2a:95:26:54:2f:90:c1:56:fc:3e:24:19:
         91:9c:f7:5e:a9:41:de:b4:83:c9:d7:ba:84:ab:03:1e:a9:53:
         b5:a1:92:a1:91:5c:e3:96:ff:a2:12:7c:7b:c9:fa:91:93:7e:
         36:29:e5:60:d1:f3:d2:e0:36:82:7e:9d:37:9c:e0:f8:e8:ef:
         66:f2:6d:11:d8:6f:73:5d:1c:b5:79:5c:eb:73:ab:84:15:a3:
         bd:6e:a0:e0
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Mjc4REFGMTEwLwYDVQQFEygwMTlDNTdBRjM1M0FBOERERDZBRTVEMTlCNTUxRUUw
NDVFRjBFNDY5MB4XDTIzMTExNzA5MjkwOVoXDTM0MTIzMTA5MjkwOVowGDEWMBQG
A1UEAxMNNjU1NzMyNjgtMWViMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMI272N+upgesNrW3ayAa2o2m1N791wQEWOLZJcfAa4C3RB8EqMwIxaJUpzk
eP8T52qbuCFAJBd1psX0EtJus42uR1VEYqBSDdJepEuE/tpgWP9Fw3CHD1mcIozI
8SZyw1zI2X0d3e5bZqF5mKoKsjBbR0S8u9oTwxoI+S1twOmdEbdxhsk7W8pVO20y
ht4Y7kjsNlWs2Ped5GmPDbNBQrYWfrtf9J5GHgTCuQY3Ka6YIGq6F7uz8q6hO++T
QeR2JUtkOj2oOVvJ81+LGgyCT2Z9CWvbn8xZ/FHgHaAsNnpJTbCF8Z+dldFcxBki
4paojqBtF9oRidvIKUEqNmpMFgsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQjMKyM
GkC1QWPlyZl2Z8PSrlAAhzAfBgNVHSMEGDAWgBQBnFevNTqo3dauXRm1Ue4EXvDk
aTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzI3OEQvMUQzODYwQTA4NTJBMTFFRTlEQ0QxQjczNEFEOUU2RkMvQVp4WHJ6
VTZxTjNXcmwwWnRWSHVCRjd3NUdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQVp4WHJ6VTZxTjNXcmwwWnRWSHVCRjd3NUdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzI3OEQvMUQzODYwQTA4NTJBMTFFRTlEQ0QxQjczNEFE
OUU2RkMvQzQ1MERBQjA4NTJCMTFFRUEwMzc1NTc4NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbbRDANBAIAAjAHAwUALA8x
ADANBgkqhkiG9w0BAQsFAAOCAQEArXPkMymHms77aje4zro8yhNLGDWAdNeG8Sou
DRz48iYU7bMvTW2BldR/Su0v8HGVUEQaQVMf3lyHtaI4JiRxoqLTs/RynJxxFqPI
NZsFgn/0nbowfPgphGEJI/indanekto/qty9YmLJNKchQUhilPah7PvedwmiHFPo
r61nsorS+VdYDgBPEH/sInCZQjB4q9E31PxGYq99aRNPR0ToN8tIm//KsfdmKpUm
VC+QwVb8PiQZkZz3XqlB3rSDyde6hKsDHqlTtaGSoZFc45b/ohJ8e8n6kZN+Ninl
YNHz0uA2gn6dN5zg+OjvZvJtEdhvc10ctXlc63OrhBWjvW6g4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org