Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367E135/F6E812582FAA11EE8D6095614AD9E6FC/F31846983A8111EE9706FF3B4AD9E6FC.roa
File:                     F31846983A8111EE9706FF3B4AD9E6FC.roa (raw, json)
Hash identifier:          mPrWONBGBaUvUBb/b7GHTIJknu4XYbHkEHVp7viyvrs=
Subject key identifier:   8F:5C:66:A2:C0:8C:3E:D7:A9:22:C6:70:A4:86:FA:4A:8F:82:75:9D
Certificate issuer:       /CN=F367E135AF/serialNumber=34E837F9C42B4E64D0274E86B7DA0C928931630F
Certificate serial:       17
Authority key identifier: 34:E8:37:F9:C4:2B:4E:64:D0:27:4E:86:B7:DA:0C:92:89:31:63:0F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/NOg3-cQrTmTQJ06Gt9oMkokxYw8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367E135/F6E812582FAA11EE8D6095614AD9E6FC/F31846983A8111EE9706FF3B4AD9E6FC.roa
Signing time:             Mon 14 Aug 2023 09:07:10 +0000
ROA not before:           Mon 14 Aug 2023 09:07:06 +0000
ROA not after:            Wed 31 Aug 2033 09:07:06 +0000
asID:                     37645
IP address blocks:        102.212.216.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367E135/F6E812582FAA11EE8D6095614AD9E6FC/NOg3-cQrTmTQJ06Gt9oMkokxYw8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367E135/F6E812582FAA11EE8D6095614AD9E6FC/NOg3-cQrTmTQJ06Gt9oMkokxYw8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/NOg3-cQrTmTQJ06Gt9oMkokxYw8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367E135AF/serialNumber=34E837F9C42B4E64D0274E86B7DA0C928931630F
        Validity
            Not Before: Aug 14 09:07:06 2023 GMT
            Not After : Aug 31 09:07:06 2033 GMT
        Subject: CN=64d9eebe-f5b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:41:1c:a3:54:2c:a5:e2:fb:8b:08:df:cd:d9:
                    8e:45:c8:9a:3b:9c:79:ea:b6:22:f8:9a:69:21:4b:
                    9e:70:64:19:e2:1d:1e:4a:84:a8:b4:d4:20:b0:d5:
                    b9:91:d8:5e:0f:e7:09:84:bd:5c:12:f3:95:7b:dc:
                    25:08:ac:e5:cc:a1:54:a8:ee:42:ea:44:49:4b:26:
                    37:c1:44:d2:53:63:ba:a1:fc:77:6a:d2:a9:3b:23:
                    81:77:89:9a:7e:51:28:74:e6:ab:f2:4f:23:59:2c:
                    19:6a:5b:38:ea:76:04:b3:2e:90:bd:fd:68:a9:28:
                    3d:8c:d1:ff:fb:bf:b0:af:a7:2b:17:14:43:09:be:
                    9c:bb:44:ed:3f:af:72:26:69:5e:f4:19:a2:71:b1:
                    dc:b9:33:2d:5f:17:87:0b:a4:c2:86:02:be:a2:8c:
                    54:84:09:61:eb:18:21:5d:9d:8e:c7:03:4a:35:ca:
                    1c:5b:4f:0b:85:cf:79:6d:db:60:e2:5d:82:8a:23:
                    3b:b3:a6:bd:09:6a:58:01:d0:aa:f5:85:5e:e7:c2:
                    e8:ce:5b:ba:5c:38:2a:85:4b:0f:19:6c:0b:5c:64:
                    41:cf:21:f0:b7:c5:d5:6a:3f:5a:5b:71:da:01:77:
                    ba:69:9d:51:16:0c:04:8e:b6:44:c1:bb:57:dc:09:
                    81:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:5C:66:A2:C0:8C:3E:D7:A9:22:C6:70:A4:86:FA:4A:8F:82:75:9D
            X509v3 Authority Key Identifier:
                keyid:34:E8:37:F9:C4:2B:4E:64:D0:27:4E:86:B7:DA:0C:92:89:31:63:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367E135/F6E812582FAA11EE8D6095614AD9E6FC/NOg3-cQrTmTQJ06Gt9oMkokxYw8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NOg3-cQrTmTQJ06Gt9oMkokxYw8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367E135/F6E812582FAA11EE8D6095614AD9E6FC/F31846983A8111EE9706FF3B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.212.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:e7:9b:44:5f:5f:fa:90:b7:69:72:73:10:26:91:5a:ec:f4:
         07:d3:fc:ce:01:83:4e:a8:a3:8a:45:59:27:67:6c:4d:d7:a0:
         d0:d6:76:8b:a0:ba:f5:6a:ea:25:56:ef:dd:c6:a7:36:0a:33:
         a3:04:22:a3:b6:0b:1c:e8:bb:ae:cb:87:f3:37:bb:51:b1:8f:
         e1:46:e2:29:0c:27:0d:df:4d:5f:e0:cb:04:41:a5:57:f8:c4:
         73:92:d2:14:91:0c:a0:7d:2b:f4:dd:f5:2b:da:b7:41:6b:fb:
         87:6e:37:38:e0:3c:49:c9:6f:7a:f4:ce:82:29:42:ce:30:00:
         be:eb:b9:9f:78:da:7a:08:5d:6e:10:a6:c7:d6:93:4d:8f:c1:
         5a:bc:89:6a:a4:dc:50:9b:63:9d:5b:ed:1d:c8:6f:3b:45:77:
         52:50:49:90:51:a5:f9:3b:2f:d4:b4:5f:89:0e:75:a1:da:bf:
         68:c5:a3:65:1f:ae:4d:22:dd:b4:a7:e3:27:45:8d:53:aa:eb:
         db:76:12:29:24:ba:0d:1d:6d:5c:c9:2a:79:1a:04:75:63:56:
         5d:19:f7:46:1b:48:11:2d:52:66:db:23:8c:1f:e2:ef:32:30:
         08:0e:9d:c7:e6:2f:94:ee:71:fd:7d:39:c6:17:ce:3c:10:6e:
         be:bc:c0:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RTEzNUFGMTEwLwYDVQQFEygzNEU4MzdGOUM0MkI0RTY0RDAyNzRFODZCN0RBMEM5
Mjg5MzE2MzBGMB4XDTIzMDgxNDA5MDcwNloXDTMzMDgzMTA5MDcwNlowGDEWMBQG
A1UEAxMNNjRkOWVlYmUtZjViOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1BHKNULKXi+4sI383ZjkXImjuceeq2IviaaSFLnnBkGeIdHkqEqLTUILDV
uZHYXg/nCYS9XBLzlXvcJQis5cyhVKjuQupESUsmN8FE0lNjuqH8d2rSqTsjgXeJ
mn5RKHTmq/JPI1ksGWpbOOp2BLMukL39aKkoPYzR//u/sK+nKxcUQwm+nLtE7T+v
ciZpXvQZonGx3LkzLV8XhwukwoYCvqKMVIQJYesYIV2djscDSjXKHFtPC4XPeW3b
YOJdgoojO7OmvQlqWAHQqvWFXufC6M5bulw4KoVLDxlsC1xkQc8h8LfF1Wo/Wltx
2gF3ummdURYMBI62RMG7V9wJgRsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSPXGai
wIw+16kixnCkhvpKj4J1nTAfBgNVHSMEGDAWgBQ06Df5xCtOZNAnToa32gySiTFj
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0UxMzUvRjZFODEyNTgyRkFBMTFFRThENjA5NTYxNEFEOUU2RkMvTk9nMy1j
UXJUbVRRSjA2R3Q5b01rb2t4WXc4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTk9nMy1jUXJUbVRRSjA2R3Q5b01rb2t4WXc4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0UxMzUvRjZFODEyNTgyRkFBMTFFRThENjA5NTYxNEFE
OUU2RkMvRjMxODQ2OTgzQTgxMTFFRTk3MDZGRjNCNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbU2DANBgkqhkiG9w0BAQsF
AAOCAQEAI+ebRF9f+pC3aXJzECaRWuz0B9P8zgGDTqijikVZJ2dsTdeg0NZ2i6C6
9WrqJVbv3canNgozowQio7YLHOi7rsuH8ze7UbGP4UbiKQwnDd9NX+DLBEGlV/jE
c5LSFJEMoH0r9N31K9q3QWv7h243OOA8SclvevTOgilCzjAAvuu5n3jaeghdbhCm
x9aTTY/BWryJaqTcUJtjnVvtHchvO0V3UlBJkFGl+Tsv1LRfiQ51odq/aMWjZR+u
TSLdtKfjJ0WNU6rr23YSKSS6DR1tXMkqeRoEdWNWXRn3RhtIES1SZtsjjB/i7zIw
CA6dx+YvlO5x/X05xhfOPBBuvrzAoQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:05 2024 by rpki-client on console-ams.rpki-client.org