Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/B302C860325311EF8EF04166762E951A.roa
File:                     B302C860325311EF8EF04166762E951A.roa (raw, json)
Hash identifier:          PaTtuEHFKauPFcvBG7F1Vb+HR7eUcOBrKqbBlq0OM3o=
Subject key identifier:   10:E3:46:30:C9:8E:18:E9:E6:F0:79:17:D2:E0:CC:59:29:B9:32:42
Certificate issuer:       /CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
Certificate serial:       6F
Authority key identifier: 4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/B302C860325311EF8EF04166762E951A.roa
Signing time:             Mon 24 Jun 2024 18:00:54 +0000
ROA not before:           Mon 24 Jun 2024 18:00:50 +0000
ROA not after:            Tue 20 Jun 2034 18:00:50 +0000
asID:                     328866
IP address blocks:        41.92.184.0/22 maxlen: 30

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111 (0x6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
        Validity
            Not Before: Jun 24 18:00:50 2024 GMT
            Not After : Jun 20 18:00:50 2034 GMT
        Subject: CN=6679b456-68fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:d1:b8:6d:e0:13:e3:8e:64:1c:e3:b8:a0:1d:
                    ad:c4:71:80:bc:f1:c1:cc:4a:72:bb:72:52:5c:33:
                    40:ff:e7:5a:c6:a5:33:94:e5:a9:5b:6f:46:2b:f6:
                    8e:2e:16:c5:ad:10:69:a2:ef:a2:3d:91:20:d9:8d:
                    ad:11:d0:88:9f:d0:42:1d:ff:c8:53:e7:97:f3:56:
                    aa:a1:fc:ee:ea:fe:4a:57:d3:fa:79:8e:66:b2:ce:
                    ab:22:cc:62:83:cc:59:70:78:83:0f:0f:a0:5a:c5:
                    39:6b:49:9a:11:8d:55:07:9d:90:53:84:5b:34:27:
                    36:f3:00:84:ee:13:10:7c:64:1c:c7:41:dd:e7:5f:
                    da:6a:12:20:f3:00:32:cb:87:eb:d1:67:8b:ce:9d:
                    1a:03:ba:fa:5e:4a:0f:08:12:41:9f:a2:5c:aa:56:
                    64:a8:b3:e4:98:e7:30:7e:50:15:5c:ba:44:92:a3:
                    b6:eb:f4:f3:df:8e:1c:10:85:6d:8d:9f:13:87:ff:
                    38:3c:d8:97:04:c3:fa:d0:9e:58:a9:08:a2:e3:2d:
                    f2:3c:c0:9b:10:63:73:c5:5e:ae:2a:b1:95:8e:26:
                    2f:95:9c:b1:cf:07:97:13:ea:af:fe:31:03:28:db:
                    84:04:39:9a:73:37:82:7f:35:d4:b5:70:19:05:8d:
                    56:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:E3:46:30:C9:8E:18:E9:E6:F0:79:17:D2:E0:CC:59:29:B9:32:42
            X509v3 Authority Key Identifier:
                keyid:4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/B302C860325311EF8EF04166762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.92.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         00:da:72:66:e5:95:5f:b2:2c:31:22:15:30:ef:a6:c8:83:1f:
         72:8a:50:38:e1:98:74:72:f8:54:6e:8f:ae:01:f5:b8:c0:34:
         52:d7:28:ba:12:43:a6:0e:16:4f:0c:14:78:c3:61:4c:7e:eb:
         c1:b1:5e:ce:04:35:3c:a5:e8:7d:5c:da:be:c6:95:58:3f:51:
         91:09:21:fc:79:85:c0:aa:c6:03:86:37:f3:c8:21:b1:87:e6:
         28:71:64:18:5b:6a:b4:48:2f:cd:91:d9:65:5f:45:ae:dd:f1:
         24:50:b1:3e:20:8f:0a:f6:fb:78:6f:ff:e5:74:2d:e0:c4:65:
         a1:45:9c:8e:2a:46:ed:e0:11:87:3e:51:7d:3d:23:b6:11:17:
         f5:27:43:2c:3f:9a:10:49:45:3d:30:c9:b5:52:8a:2e:ca:83:
         c5:3f:9e:fc:c8:44:5a:ce:f0:a4:94:2d:85:58:d4:42:76:dd:
         c9:1f:0f:07:bc:a2:5e:94:1b:2a:a8:ab:e2:6e:68:38:ac:f6:
         81:5f:2d:51:bb:99:bc:3f:9e:80:07:9b:75:53:dd:32:cc:3c:
         04:96:ee:ba:88:dc:f6:1c:86:98:3d:7a:fb:df:b9:2d:31:91:
         d4:5a:52:63:d6:cc:f0:fa:b7:87:dd:5f:da:65:a1:e0:bd:a7:
         2a:75:a8:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBbzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QkE2QUFGMTEwLwYDVQQFEyg0RjQ4RTdFQTMwQzk4OUIxNUQzNjM5Mzc3NjM1NTNB
MDdFMTZDRDhFMB4XDTI0MDYyNDE4MDA1MFoXDTM0MDYyMDE4MDA1MFowGDEWMBQG
A1UEAxMNNjY3OWI0NTYtNjhmYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObRuG3gE+OOZBzjuKAdrcRxgLzxwcxKcrtyUlwzQP/nWsalM5TlqVtvRiv2
ji4Wxa0QaaLvoj2RINmNrRHQiJ/QQh3/yFPnl/NWqqH87ur+SlfT+nmOZrLOqyLM
YoPMWXB4gw8PoFrFOWtJmhGNVQedkFOEWzQnNvMAhO4TEHxkHMdB3edf2moSIPMA
MsuH69Fni86dGgO6+l5KDwgSQZ+iXKpWZKiz5JjnMH5QFVy6RJKjtuv089+OHBCF
bY2fE4f/ODzYlwTD+tCeWKkIouMt8jzAmxBjc8VeriqxlY4mL5Wcsc8HlxPqr/4x
AyjbhAQ5mnM3gn811LVwGQWNVoMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQQ40Yw
yY4Y6ebweRfS4MxZKbkyQjAfBgNVHSMEGDAWgBRPSOfqMMmJsV02OTd2NVOgfhbN
jjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1NDEyRTYvVDBqbjZq
REppYkZkTmprM2RqVlRvSDRXelk0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVDBqbjZqREppYkZkTmprM2RqVlRvSDRXelk0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1
NDEyRTYvQjMwMkM4NjAzMjUzMTFFRjhFRjA0MTY2NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilcuDANBgkqhkiG9w0BAQsF
AAOCAQEAANpyZuWVX7IsMSIVMO+myIMfcopQOOGYdHL4VG6PrgH1uMA0UtcouhJD
pg4WTwwUeMNhTH7rwbFezgQ1PKXofVzavsaVWD9RkQkh/HmFwKrGA4Y388ghsYfm
KHFkGFtqtEgvzZHZZV9Frt3xJFCxPiCPCvb7eG//5XQt4MRloUWcjipG7eARhz5R
fT0jthEX9SdDLD+aEElFPTDJtVKKLsqDxT+e/MhEWs7wpJQthVjUQnbdyR8PB7yi
XpQbKqir4m5oOKz2gV8tUbuZvD+egAebdVPdMsw8BJbuuojc9hyGmD16+9+5LTGR
1FpSY9bM8Pq3h91f2mWh4L2nKnWorg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org