Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367E4D9/B9860BFCC4D011EE85F73263775412E6/B8E765D0C4D311EEBA5AF067775412E6.roa
File:                     B8E765D0C4D311EEBA5AF067775412E6.roa (raw, json)
Hash identifier:          b0IzaXHkBIGfBIdqoNnOyRPJUQsYRBOGUhp6wp/+Nvw=
Subject key identifier:   23:43:A5:07:0D:71:1E:A0:A3:D4:58:96:04:80:03:4D:E6:25:B3:F7
Certificate issuer:       /CN=F367E4D9AF/serialNumber=AAC55D1234D3B7F6EA7638184092117239917262
Certificate serial:       02
Authority key identifier: AA:C5:5D:12:34:D3:B7:F6:EA:76:38:18:40:92:11:72:39:91:72:62
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/qsVdEjTTt_bqdjgYQJIRcjmRcmI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367E4D9/B9860BFCC4D011EE85F73263775412E6/B8E765D0C4D311EEBA5AF067775412E6.roa
Signing time:             Tue 06 Feb 2024 09:40:12 +0000
ROA not before:           Tue 06 Feb 2024 09:40:08 +0000
ROA not after:            Wed 06 Feb 2030 09:40:08 +0000
asID:                     328918
IP address blocks:        102.218.200.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367E4D9/B9860BFCC4D011EE85F73263775412E6/qsVdEjTTt_bqdjgYQJIRcjmRcmI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367E4D9/B9860BFCC4D011EE85F73263775412E6/qsVdEjTTt_bqdjgYQJIRcjmRcmI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/qsVdEjTTt_bqdjgYQJIRcjmRcmI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367E4D9AF/serialNumber=AAC55D1234D3B7F6EA7638184092117239917262
        Validity
            Not Before: Feb  6 09:40:08 2024 GMT
            Not After : Feb  6 09:40:08 2030 GMT
        Subject: CN=65c1fe7b-cee6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c1:8a:64:b1:b9:9f:45:e3:b2:c6:04:7b:7a:
                    21:78:8c:95:ac:be:bf:a6:37:bf:5a:47:7c:06:8d:
                    92:49:6b:72:6e:28:c4:49:a5:ee:30:a5:55:19:fe:
                    53:52:24:cd:af:89:73:be:40:5c:f4:86:06:ee:48:
                    5a:c9:fb:51:26:92:0f:8d:9f:40:c7:2a:3c:3c:2f:
                    c1:26:6b:23:54:61:62:53:03:49:9d:a3:51:e3:6d:
                    3c:a0:af:90:57:be:bc:23:24:fe:00:2f:cc:dc:a2:
                    aa:27:ff:a3:fd:3e:25:b4:1e:df:43:66:22:ba:cd:
                    a7:f4:06:db:43:a4:12:8e:4b:d8:3c:68:cf:43:c3:
                    6b:00:ad:d1:55:27:73:f2:01:ff:02:3a:d2:a8:b4:
                    8e:f6:7f:3a:fb:45:4e:e4:5a:6b:73:63:33:1f:b1:
                    f1:fa:69:f6:c3:b0:cd:b8:52:3c:22:65:0d:83:73:
                    79:7f:0d:91:90:27:5c:c7:5d:91:3f:fd:8f:b7:ce:
                    ff:b6:23:2b:68:f1:74:63:96:5f:dc:91:45:ff:02:
                    ad:5d:d1:62:ec:70:67:f2:33:7d:99:14:5e:7d:c1:
                    4d:42:10:b7:15:0f:62:0f:ca:d7:d2:3c:cf:21:d8:
                    ac:a7:89:d6:bf:2e:b9:91:cf:da:70:ad:c9:bc:21:
                    87:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:43:A5:07:0D:71:1E:A0:A3:D4:58:96:04:80:03:4D:E6:25:B3:F7
            X509v3 Authority Key Identifier:
                keyid:AA:C5:5D:12:34:D3:B7:F6:EA:76:38:18:40:92:11:72:39:91:72:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367E4D9/B9860BFCC4D011EE85F73263775412E6/qsVdEjTTt_bqdjgYQJIRcjmRcmI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qsVdEjTTt_bqdjgYQJIRcjmRcmI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367E4D9/B9860BFCC4D011EE85F73263775412E6/B8E765D0C4D311EEBA5AF067775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:b0:42:8f:c7:18:20:1c:d7:d2:95:74:6d:95:dd:71:1b:11:
         1d:c2:7a:80:d1:53:69:6f:21:2d:40:45:99:8e:00:aa:82:6f:
         99:2a:0f:43:69:6c:b5:b3:ff:21:5b:ba:35:4d:5c:c2:cc:3d:
         6f:96:9d:03:35:69:6c:ab:49:55:5d:04:1a:54:3c:f1:f1:98:
         a7:85:83:d1:2c:13:3b:cb:62:5e:46:e8:4b:e7:e5:f7:4f:d3:
         0d:43:86:27:0f:8f:de:1c:fc:c3:a9:ba:d7:32:1e:ff:fe:03:
         fe:64:48:7e:bd:ec:11:31:0f:cf:8b:91:1c:34:f1:84:46:3f:
         cb:a0:36:c7:76:26:19:d8:af:cc:e3:61:fd:b1:62:f0:aa:c1:
         4d:a2:10:7f:59:35:7a:5b:b9:90:63:bc:f7:c2:8c:35:2b:15:
         76:90:13:95:91:92:d0:58:2e:0a:b0:84:66:9b:3a:02:a9:9d:
         64:2f:8a:65:b0:6d:9a:b2:72:aa:25:b9:91:05:8a:84:c0:26:
         1b:4f:a0:ee:32:6f:de:4d:20:95:05:6d:51:72:ca:bb:10:95:
         62:72:27:4b:8b:d8:7a:e0:01:17:81:7a:cc:8f:97:31:b8:aa:
         e0:db:4f:b1:e7:51:24:3c:23:8d:06:a4:25:8b:b3:2a:ad:ac:
         5a:57:98:f1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RTREOUFGMTEwLwYDVQQFEyhBQUM1NUQxMjM0RDNCN0Y2RUE3NjM4MTg0MDkyMTE3
MjM5OTE3MjYyMB4XDTI0MDIwNjA5NDAwOFoXDTMwMDIwNjA5NDAwOFowGDEWMBQG
A1UEAxMNNjVjMWZlN2ItY2VlNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/BimSxuZ9F47LGBHt6IXiMlay+v6Y3v1pHfAaNkklrcm4oxEml7jClVRn+
U1Ikza+Jc75AXPSGBu5IWsn7USaSD42fQMcqPDwvwSZrI1RhYlMDSZ2jUeNtPKCv
kFe+vCMk/gAvzNyiqif/o/0+JbQe30NmIrrNp/QG20OkEo5L2Dxoz0PDawCt0VUn
c/IB/wI60qi0jvZ/OvtFTuRaa3NjMx+x8fpp9sOwzbhSPCJlDYNzeX8NkZAnXMdd
kT/9j7fO/7YjK2jxdGOWX9yRRf8CrV3RYuxwZ/IzfZkUXn3BTUIQtxUPYg/K19I8
zyHYrKeJ1r8uuZHP2nCtybwhh9UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQjQ6UH
DXEeoKPUWJYEgANN5iWz9zAfBgNVHSMEGDAWgBSqxV0SNNO39up2OBhAkhFyOZFy
YjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0U0RDkvQjk4NjBCRkNDNEQwMTFFRTg1RjczMjYzNzc1NDEyRTYvcXNWZEVq
VFR0X2JxZGpnWVFKSVJjam1SY21JLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcXNWZEVqVFR0X2JxZGpnWVFKSVJjam1SY21JLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0U0RDkvQjk4NjBCRkNDNEQwMTFFRTg1RjczMjYzNzc1
NDEyRTYvQjhFNzY1RDBDNEQzMTFFRUJBNUFGMDY3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbayDANBgkqhkiG9w0BAQsF
AAOCAQEABrBCj8cYIBzX0pV0bZXdcRsRHcJ6gNFTaW8hLUBFmY4AqoJvmSoPQ2ls
tbP/IVu6NU1cwsw9b5adAzVpbKtJVV0EGlQ88fGYp4WD0SwTO8tiXkboS+fl90/T
DUOGJw+P3hz8w6m61zIe//4D/mRIfr3sETEPz4uRHDTxhEY/y6A2x3YmGdivzONh
/bFi8KrBTaIQf1k1elu5kGO898KMNSsVdpATlZGS0FguCrCEZps6AqmdZC+KZbBt
mrJyqiW5kQWKhMAmG0+g7jJv3k0glQVtUXLKuxCVYnInS4vYeuABF4F6zI+XMbiq
4NtPsedRJDwjjQakJYuzKq2sWleY8Q==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org