Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/AC3D4D08BE9E11EEA64FBFAA775412E6.roa
File:                     AC3D4D08BE9E11EEA64FBFAA775412E6.roa (raw, json)
Hash identifier:          WfYokYZnTAkyut9ZfwPk7g8ZUxso2I/ndS+zQRque/A=
Subject key identifier:   B7:26:C2:89:73:3E:7F:99:50:72:33:0E:66:F8:F8:E0:78:84:31:4A
Certificate issuer:       /CN=F3675292AF/serialNumber=8579BC27E73D7B29108EBFF397FB6CFD5C6B0247
Certificate serial:       07
Authority key identifier: 85:79:BC:27:E7:3D:7B:29:10:8E:BF:F3:97:FB:6C:FD:5C:6B:02:47
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/AC3D4D08BE9E11EEA64FBFAA775412E6.roa
Signing time:             Mon 29 Jan 2024 12:05:20 +0000
ROA not before:           Mon 29 Jan 2024 12:05:17 +0000
ROA not after:            Thu 29 Jan 2026 12:05:17 +0000
asID:                     21003
IP address blocks:        102.215.198.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3675292AF/serialNumber=8579BC27E73D7B29108EBFF397FB6CFD5C6B0247
        Validity
            Not Before: Jan 29 12:05:17 2024 GMT
            Not After : Jan 29 12:05:17 2026 GMT
        Subject: CN=65b79480-a19f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d8:57:ed:08:19:f0:45:c2:51:ee:cf:2d:bc:
                    cb:37:89:ff:8f:67:25:9a:22:3c:96:73:e7:ae:6b:
                    51:78:ec:a7:83:25:e9:c7:5c:8f:3b:c4:7d:b5:79:
                    28:3e:29:e9:51:83:83:87:9a:96:4d:9a:a2:b3:60:
                    63:e8:be:62:2a:9b:c0:fb:31:7e:e4:65:b9:3e:fc:
                    da:92:2e:2a:0d:f2:5a:71:ac:a6:6b:2d:33:89:99:
                    83:c5:4b:17:3f:33:15:7b:57:f2:c6:52:9d:d5:eb:
                    63:35:cf:fb:c9:b3:de:12:ea:2d:aa:4f:bc:ee:d9:
                    05:a8:a0:5d:f0:5f:7b:0f:8b:e8:4f:b8:c1:51:5b:
                    7b:94:11:3c:ab:b0:a5:5b:40:60:5d:f0:23:7e:e6:
                    9c:cd:79:de:ab:81:28:a8:ef:7d:83:4d:f4:5b:8f:
                    68:69:ac:20:f4:0c:c7:36:41:dd:7a:b8:12:2c:ab:
                    72:48:de:e1:79:f5:bd:f3:fc:df:e7:53:12:24:21:
                    fd:b7:9f:2d:c9:fd:36:9d:85:dd:c2:55:88:7c:95:
                    9d:68:05:ff:19:d0:c6:73:46:dd:b1:25:1a:66:0a:
                    0a:0d:d3:81:1b:4f:9b:7e:f8:75:6d:24:fc:03:7e:
                    64:2b:d9:82:f2:ca:0f:28:b4:57:ca:e3:c2:0e:f8:
                    c5:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:26:C2:89:73:3E:7F:99:50:72:33:0E:66:F8:F8:E0:78:84:31:4A
            X509v3 Authority Key Identifier:
                keyid:85:79:BC:27:E7:3D:7B:29:10:8E:BF:F3:97:FB:6C:FD:5C:6B:02:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/AC3D4D08BE9E11EEA64FBFAA775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:98:21:ef:dd:b0:ac:68:a4:3b:29:ff:8a:cd:49:37:70:23:
         93:82:13:32:57:a3:0c:66:c7:8e:5c:e6:d0:7d:b6:c6:75:b0:
         d6:b0:65:13:45:02:59:f7:04:ff:fc:22:f2:4a:f9:ab:32:05:
         ec:0f:f8:dc:e7:03:40:4e:44:c8:08:8d:0a:15:47:4b:86:21:
         51:5d:79:f0:e2:99:53:70:59:56:ac:18:7a:08:bc:df:d7:85:
         a2:cf:d1:31:23:77:b3:75:37:63:46:8e:00:7c:54:b8:77:b6:
         7c:ec:81:18:99:d3:03:98:5d:01:1c:91:dc:69:c9:e0:14:97:
         2d:7a:ab:c2:1b:c2:92:1c:f6:d3:62:15:42:68:d3:15:ca:b4:
         35:c6:c8:43:ef:08:d5:23:24:95:70:42:25:17:a9:c8:93:7e:
         94:75:6c:5e:1e:38:6e:a5:ab:7b:ee:e6:a6:0d:c5:4e:5a:f5:
         fb:8e:51:78:a6:34:11:9e:8b:d1:09:cc:ac:07:59:d4:fd:17:
         24:02:84:80:be:5d:ef:20:3a:4c:ea:9e:3d:40:3e:ca:8f:0b:
         be:9d:ea:af:89:e8:2c:8a:22:33:77:ef:20:07:53:a9:b5:6d:
         e9:61:14:91:e4:29:74:e6:dd:d8:d6:d4:92:9a:2a:c8:b1:ed:
         ee:1f:d1:1a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NTI5MkFGMTEwLwYDVQQFEyg4NTc5QkMyN0U3M0Q3QjI5MTA4RUJGRjM5N0ZCNkNG
RDVDNkIwMjQ3MB4XDTI0MDEyOTEyMDUxN1oXDTI2MDEyOTEyMDUxN1owGDEWMBQG
A1UEAxMNNjViNzk0ODAtYTE5ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3YV+0IGfBFwlHuzy28yzeJ/49nJZoiPJZz565rUXjsp4Ml6cdcjzvEfbV5
KD4p6VGDg4ealk2aorNgY+i+YiqbwPsxfuRluT782pIuKg3yWnGspmstM4mZg8VL
Fz8zFXtX8sZSndXrYzXP+8mz3hLqLapPvO7ZBaigXfBfew+L6E+4wVFbe5QRPKuw
pVtAYF3wI37mnM153quBKKjvfYNN9FuPaGmsIPQMxzZB3Xq4Eiyrckje4Xn1vfP8
3+dTEiQh/befLcn9Np2F3cJViHyVnWgF/xnQxnNG3bElGmYKCg3TgRtPm374dW0k
/AN+ZCvZgvLKDyi0V8rjwg74xWMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS3JsKJ
cz5/mVByMw5m+PjgeIQxSjAfBgNVHSMEGDAWgBSFebwn5z17KRCOv/OX+2z9XGsC
RzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzUyOTIvMjY0RDE3RkVCRERDMTFFRUI0MUU0MTRENzc1NDEyRTYvaFhtOEot
YzlleWtRanJfemxfdHNfVnhyQWtjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaFhtOEotYzlleWtRanJfemxfdHNfVnhyQWtjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzUyOTIvMjY0RDE3RkVCRERDMTFFRUI0MUU0MTRENzc1
NDEyRTYvQUMzRDREMDhCRTlFMTFFRUE2NEZCRkFBNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbXxjANBgkqhkiG9w0BAQsF
AAOCAQEAA5gh792wrGikOyn/is1JN3Ajk4ITMlejDGbHjlzm0H22xnWw1rBlE0UC
WfcE//wi8kr5qzIF7A/43OcDQE5EyAiNChVHS4YhUV158OKZU3BZVqwYegi839eF
os/RMSN3s3U3Y0aOAHxUuHe2fOyBGJnTA5hdARyR3GnJ4BSXLXqrwhvCkhz202IV
QmjTFcq0NcbIQ+8I1SMklXBCJRepyJN+lHVsXh44bqWre+7mpg3FTlr1+45ReKY0
EZ6L0QnMrAdZ1P0XJAKEgL5d7yA6TOqePUA+yo8Lvp3qr4noLIoiM3fvIAdTqbVt
6WEUkeQpdObd2NbUkpoqyLHt7h/RGg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org