Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367676C/318C1E901A6111EE83E1D3814AD9E6FC/D7ED7CFCC51511EE85F58D50775412E6.roa
File:                     D7ED7CFCC51511EE85F58D50775412E6.roa (raw, json)
Hash identifier:          QAA9COkPZwe9PTmNfwL5wojLGp+HtJSiqKQk5ypGdaw=
Subject key identifier:   7F:58:77:A9:9C:CF:F7:0A:E2:E0:16:F6:54:83:2F:6E:54:23:28:60
Certificate issuer:       /CN=F367676CAF/serialNumber=0601535601327F433F8D8427204C50942084AD56
Certificate serial:       E7
Authority key identifier: 06:01:53:56:01:32:7F:43:3F:8D:84:27:20:4C:50:94:20:84:AD:56
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/BgFTVgEyf0M_jYQnIExQlCCErVY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367676C/318C1E901A6111EE83E1D3814AD9E6FC/D7ED7CFCC51511EE85F58D50775412E6.roa
Signing time:             Tue 06 Feb 2024 17:33:30 +0000
ROA not before:           Tue 06 Feb 2024 17:33:27 +0000
ROA not after:            Sun 06 Feb 2033 17:33:27 +0000
asID:                     329272
IP address blocks:        102.214.68.0/24 maxlen: 24
                          102.214.69.0/24 maxlen: 24
                          102.214.70.0/24 maxlen: 24
                          102.214.71.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367676C/318C1E901A6111EE83E1D3814AD9E6FC/BgFTVgEyf0M_jYQnIExQlCCErVY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367676C/318C1E901A6111EE83E1D3814AD9E6FC/BgFTVgEyf0M_jYQnIExQlCCErVY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/BgFTVgEyf0M_jYQnIExQlCCErVY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 231 (0xe7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367676CAF/serialNumber=0601535601327F433F8D8427204C50942084AD56
        Validity
            Not Before: Feb  6 17:33:27 2024 GMT
            Not After : Feb  6 17:33:27 2033 GMT
        Subject: CN=65c26d6a-041a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f4:cf:af:ea:61:6d:00:79:85:01:13:ce:44:
                    d2:72:03:fa:50:1a:22:16:c9:e6:e0:ea:d7:5c:d7:
                    f6:b3:3f:9f:07:d7:ee:e0:b0:dd:07:c8:f0:76:5c:
                    96:af:94:df:fe:1b:0e:9a:71:a1:8b:66:3e:f0:68:
                    07:26:4e:9e:3f:cf:91:88:86:80:7c:f0:c8:56:1f:
                    6b:6f:ed:10:72:39:50:c2:ff:e3:9b:37:b8:0e:c4:
                    fd:fd:9a:77:a9:ec:04:0a:49:59:ef:60:3c:7d:69:
                    ea:66:41:89:0d:8f:d1:c8:3f:c0:1c:0a:94:af:aa:
                    e7:d9:4c:91:eb:d4:02:02:1a:6d:8c:3f:81:12:e3:
                    1b:6f:6c:8f:59:68:77:16:51:d6:ec:7d:31:94:79:
                    b0:78:69:df:34:07:59:d1:33:df:9c:04:f4:3d:87:
                    d1:86:77:0c:35:1c:4f:78:33:da:90:32:69:e7:30:
                    4a:4e:41:98:62:61:2b:01:a8:07:34:f2:73:f6:90:
                    6c:f3:1f:71:54:ad:87:20:ae:2a:32:f2:e6:17:36:
                    c1:23:19:06:66:6e:6c:8f:94:60:6f:62:67:d2:a8:
                    13:2c:94:59:24:3c:bc:89:f1:df:5b:a3:52:b3:b5:
                    03:e2:57:cb:e1:f6:14:f4:e3:b9:0a:c3:a8:40:17:
                    ca:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:58:77:A9:9C:CF:F7:0A:E2:E0:16:F6:54:83:2F:6E:54:23:28:60
            X509v3 Authority Key Identifier:
                keyid:06:01:53:56:01:32:7F:43:3F:8D:84:27:20:4C:50:94:20:84:AD:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367676C/318C1E901A6111EE83E1D3814AD9E6FC/BgFTVgEyf0M_jYQnIExQlCCErVY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BgFTVgEyf0M_jYQnIExQlCCErVY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367676C/318C1E901A6111EE83E1D3814AD9E6FC/D7ED7CFCC51511EE85F58D50775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.214.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:e7:68:33:1c:a0:a4:e9:55:f7:c2:44:30:32:9f:08:cc:43:
         76:22:81:4b:06:2d:c5:fa:45:75:32:15:d6:51:38:3e:0c:c6:
         0b:e1:9b:fb:e0:52:c5:5a:0d:90:3a:d1:9f:1b:1a:d0:10:48:
         00:da:67:98:96:45:d3:7f:c3:9d:a4:83:fe:c5:b0:ae:cf:6f:
         46:73:00:00:28:34:3e:2c:6c:b9:27:44:01:4f:da:53:89:dc:
         1a:43:e1:4d:fe:64:76:a0:fe:a1:76:f0:a6:b2:20:02:bc:34:
         25:2c:27:50:aa:5b:06:95:b8:ba:82:2e:a7:59:eb:81:ba:1e:
         c4:9d:7a:83:44:53:16:f4:53:17:43:61:29:43:02:a8:3f:09:
         e4:d9:86:b0:ea:1b:0b:37:36:f0:16:de:3d:4d:80:a3:a3:77:
         e0:3c:11:e8:47:1d:c4:5a:e0:d5:f5:47:7d:9f:bb:ac:c1:56:
         b0:7c:ca:d3:f8:0c:16:f0:97:28:1a:95:ff:c9:55:86:dd:ca:
         ed:dd:0b:34:fd:2c:be:35:90:09:7c:25:26:36:16:41:eb:67:
         03:b1:ba:16:b9:2d:e7:fe:bc:f1:d6:a2:45:13:62:f9:02:ee:
         b7:17:51:d4:b7:53:94:2a:21:bb:5a:c3:d9:60:b1:cd:79:9c:
         5b:90:03:11
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAOcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NzY3NkNBRjExMC8GA1UEBRMoMDYwMTUzNTYwMTMyN0Y0MzNGOEQ4NDI3MjA0QzUw
OTQyMDg0QUQ1NjAeFw0yNDAyMDYxNzMzMjdaFw0zMzAyMDYxNzMzMjdaMBgxFjAU
BgNVBAMTDTY1YzI2ZDZhLTA0MWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCv9M+v6mFtAHmFARPORNJyA/pQGiIWyebg6tdc1/azP58H1+7gsN0HyPB2
XJavlN/+Gw6acaGLZj7waAcmTp4/z5GIhoB88MhWH2tv7RByOVDC/+ObN7gOxP39
mnep7AQKSVnvYDx9aepmQYkNj9HIP8AcCpSvqufZTJHr1AICGm2MP4ES4xtvbI9Z
aHcWUdbsfTGUebB4ad80B1nRM9+cBPQ9h9GGdww1HE94M9qQMmnnMEpOQZhiYSsB
qAc08nP2kGzzH3FUrYcgrioy8uYXNsEjGQZmbmyPlGBvYmfSqBMslFkkPLyJ8d9b
o1KztQPiV8vh9hT047kKw6hAF8rjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUf1h3
qZzP9wri4Bb2VIMvblQjKGAwHwYDVR0jBBgwFoAUBgFTVgEyf0M/jYQnIExQlCCE
rVYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc2NzZDLzMxOEMxRTkwMUE2MTExRUU4M0UxRDM4MTRBRDlFNkZDL0JnRlRW
Z0V5ZjBNX2pZUW5JRXhRbENDRXJWWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0JnRlRWZ0V5ZjBNX2pZUW5JRXhRbENDRXJWWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc2NzZDLzMxOEMxRTkwMUE2MTExRUU4M0UxRDM4MTRB
RDlFNkZDL0Q3RUQ3Q0ZDQzUxNTExRUU4NUY1OEQ1MDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1kQwDQYJKoZIhvcNAQEL
BQADggEBAEnnaDMcoKTpVffCRDAynwjMQ3YigUsGLcX6RXUyFdZROD4Mxgvhm/vg
UsVaDZA60Z8bGtAQSADaZ5iWRdN/w52kg/7FsK7Pb0ZzAAAoND4sbLknRAFP2lOJ
3BpD4U3+ZHag/qF28KayIAK8NCUsJ1CqWwaVuLqCLqdZ64G6HsSdeoNEUxb0UxdD
YSlDAqg/CeTZhrDqGws3NvAW3j1NgKOjd+A8EehHHcRa4NX1R32fu6zBVrB8ytP4
DBbwlygalf/JVYbdyu3dCzT9LL41kAl8JSY2FkHrZwOxuha5Lef+vPHWokUTYvkC
7rcXUdS3U5QqIbtaw9lgsc15nFuQAxE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org