Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/94A8D362E77811EE9100CFC8775412E6.roa
File:                     94A8D362E77811EE9100CFC8775412E6.roa (raw, json)
Hash identifier:          PQ9VdjuHSh6kOFkT99/RDdKUFZgKf41yYceEmNn3R/s=
Subject key identifier:   96:73:68:6E:3F:B7:C5:B6:3A:4B:15:98:4D:0C:EF:B6:89:6B:87:15
Certificate issuer:       /CN=F3678967AF/serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
Certificate serial:       05D0
Authority key identifier: 5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/94A8D362E77811EE9100CFC8775412E6.roa
Signing time:             Thu 21 Mar 2024 11:45:57 +0000
ROA not before:           Thu 21 Mar 2024 11:45:54 +0000
ROA not after:            Mon 20 Mar 2034 11:45:54 +0000
asID:                     328633
IP address blocks:        102.217.184.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1488 (0x5d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3678967AF/serialNumber=5CAA982C03179326332D6B770A58E8795CB8459F
        Validity
            Not Before: Mar 21 11:45:54 2024 GMT
            Not After : Mar 20 11:45:54 2034 GMT
        Subject: CN=65fc1df5-d451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:2b:b7:46:16:b4:bc:d0:38:ad:ba:4e:cd:f5:
                    bb:8d:f7:5f:48:bc:06:52:20:1f:f6:0d:b2:88:e7:
                    98:b0:eb:14:1e:89:aa:5f:f8:92:3c:dd:5e:7e:02:
                    4d:0d:e5:b6:c5:6a:1d:3d:66:83:45:b8:9d:78:06:
                    12:31:f1:05:e1:55:20:fa:bc:d3:c2:c7:c1:ec:f2:
                    14:6a:0f:02:30:df:5b:fa:7c:6b:0c:0f:73:4b:f2:
                    50:eb:cb:89:dd:87:6c:65:06:9b:37:f4:4c:3f:41:
                    0c:84:ff:57:c2:02:13:b3:80:6c:fd:46:2c:7a:28:
                    91:ee:da:2a:53:b1:f2:09:7f:61:ec:17:e5:5b:52:
                    1f:3c:0a:83:c1:74:8b:e4:6f:aa:b4:78:0d:45:4d:
                    a8:dc:86:a2:a1:ae:40:03:da:c1:1b:f3:03:05:e7:
                    0a:42:50:d2:ff:d5:72:43:e1:32:01:87:00:1b:a2:
                    46:64:97:6a:ae:b2:a6:d1:e0:a0:4d:d0:82:ff:9d:
                    aa:25:ce:7c:8c:52:ad:d7:cf:48:c6:1c:b5:4d:a7:
                    8a:49:50:e8:9d:fe:59:95:20:74:52:a8:35:a7:37:
                    49:f9:30:f2:04:8c:6c:0a:7e:42:3a:59:4a:80:03:
                    7d:14:85:43:0a:ca:8a:1f:2c:df:43:12:e5:55:a5:
                    91:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:73:68:6E:3F:B7:C5:B6:3A:4B:15:98:4D:0C:EF:B6:89:6B:87:15
            X509v3 Authority Key Identifier:
                keyid:5C:AA:98:2C:03:17:93:26:33:2D:6B:77:0A:58:E8:79:5C:B8:45:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/XKqYLAMXkyYzLWt3CljoeVy4RZ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XKqYLAMXkyYzLWt3CljoeVy4RZ8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678967/4AA442F478D911EA9A80955CF8AEA228/94A8D362E77811EE9100CFC8775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a9:3c:b9:99:3f:d5:ed:28:a2:ba:c4:71:e5:1d:48:1f:48:fe:
         dc:ca:bb:d3:42:08:69:2a:4e:fa:8a:22:ad:b9:c9:10:ba:24:
         90:0d:3e:e7:9a:60:ff:2a:aa:78:28:01:dd:64:5c:c7:ff:6f:
         93:12:20:e9:54:7c:b7:2d:a2:4f:b1:b6:a4:89:ef:0b:ff:21:
         b1:17:cc:b3:7d:fe:c5:2e:e6:80:a9:1a:b6:82:98:ed:73:10:
         b8:fd:50:4f:62:18:63:ab:64:92:bc:f6:03:cb:5e:e6:0d:6f:
         63:6d:58:5c:92:fb:aa:94:08:83:35:fd:70:01:2d:19:1a:c4:
         0d:cf:66:7a:46:90:84:55:d8:26:34:48:39:8b:33:1a:f1:28:
         86:91:5e:44:11:3f:3c:1c:70:d2:24:6b:26:75:38:6b:9e:66:
         74:5e:f7:18:b0:69:ea:ab:04:19:c8:72:6e:e9:99:92:d9:fd:
         ef:6c:0a:82:43:a4:f3:d4:9b:2f:41:50:05:9e:d0:ff:43:58:
         65:23:ea:e9:69:11:4e:d8:c7:b2:82:f6:bc:d0:b8:2c:5f:d4:
         2e:36:29:47:32:13:13:66:2a:31:da:27:91:5d:4c:7e:db:9c:
         a6:4d:56:15:86:5a:98:bb:c1:c4:16:59:1e:83:dc:8e:84:ad:
         f4:98:c7:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzg5NjdBRjExMC8GA1UEBRMoNUNBQTk4MkMwMzE3OTMyNjMzMkQ2Qjc3MEE1OEU4
Nzk1Q0I4NDU5RjAeFw0yNDAzMjExMTQ1NTRaFw0zNDAzMjAxMTQ1NTRaMBgxFjAU
BgNVBAMTDTY1ZmMxZGY1LWQ0NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSK7dGFrS80Dituk7N9buN919IvAZSIB/2DbKI55iw6xQeiapf+JI83V5+
Ak0N5bbFah09ZoNFuJ14BhIx8QXhVSD6vNPCx8Hs8hRqDwIw31v6fGsMD3NL8lDr
y4ndh2xlBps39Ew/QQyE/1fCAhOzgGz9Rix6KJHu2ipTsfIJf2HsF+VbUh88CoPB
dIvkb6q0eA1FTajchqKhrkAD2sEb8wMF5wpCUNL/1XJD4TIBhwAbokZkl2qusqbR
4KBN0IL/naolznyMUq3Xz0jGHLVNp4pJUOid/lmVIHRSqDWnN0n5MPIEjGwKfkI6
WUqAA30UhUMKyoofLN9DEuVVpZHhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUlnNo
bj+3xbY6SxWYTQzvtolrhxUwHwYDVR0jBBgwFoAUXKqYLAMXkyYzLWt3CljoeVy4
RZ8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc4OTY3LzRBQTQ0MkY0NzhEOTExRUE5QTgwOTU1Q0Y4QUVBMjI4L1hLcVlM
QU1Ya3lZekxXdDNDbGpvZVZ5NFJaOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1hLcVlMQU1Ya3lZekxXdDNDbGpvZVZ5NFJaOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc4OTY3LzRBQTQ0MkY0NzhEOTExRUE5QTgwOTU1Q0Y4
QUVBMjI4Lzk0QThEMzYyRTc3ODExRUU5MTAwQ0ZDODc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2bgwDQYJKoZIhvcNAQEL
BQADggEBAKk8uZk/1e0oorrEceUdSB9I/tzKu9NCCGkqTvqKIq25yRC6JJANPuea
YP8qqngoAd1kXMf/b5MSIOlUfLctok+xtqSJ7wv/IbEXzLN9/sUu5oCpGraCmO1z
ELj9UE9iGGOrZJK89gPLXuYNb2NtWFyS+6qUCIM1/XABLRkaxA3PZnpGkIRV2CY0
SDmLMxrxKIaRXkQRPzwccNIkayZ1OGueZnRe9xiwaeqrBBnIcm7pmZLZ/e9sCoJD
pPPUmy9BUAWe0P9DWGUj6ulpEU7Yx7KC9rzQuCxf1C42KUcyExNmKjHaJ5FdTH7b
nKZNVhWGWpi7wcQWWR6D3I6ErfSYx/s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org