Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/B33457F859DA11EC856F77BD5A40D577.roa
File:                     B33457F859DA11EC856F77BD5A40D577.roa (raw, json)
Hash identifier:          agjY6LUdCjwnZ2M4yw1LKIU5MO1B5MHNkAfCnRIca5I=
Subject key identifier:   6A:75:59:C8:02:A1:9A:F4:03:A0:03:39:60:29:C8:A4:9F:60:D0:BF
Certificate issuer:       /CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
Certificate serial:       07C8
Authority key identifier: BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/B33457F859DA11EC856F77BD5A40D577.roa
Signing time:             Fri 10 Dec 2021 17:00:39 +0000
ROA not before:           Fri 10 Dec 2021 17:00:34 +0000
ROA not after:            Fri 31 Dec 2032 17:00:34 +0000
asID:                     327966
IP address blocks:        102.217.160.0/22 maxlen: 24
                          197.159.88.0/21 maxlen: 24
                          2c0f:f588::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1992 (0x7c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3680C14AF/serialNumber=BCDFF0C9D28F1AB45062F493BB3566CAC142646D
        Validity
            Not Before: Dec 10 17:00:34 2021 GMT
            Not After : Dec 31 17:00:34 2032 GMT
        Subject: CN=61b387b7-fec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:08:48:d9:7b:ba:2b:43:9e:d1:ad:38:65:29:
                    15:85:05:c7:6a:53:f1:0f:50:38:7b:26:8c:61:54:
                    c0:e0:f7:d7:4e:3b:ab:6e:9e:56:34:69:99:a6:9a:
                    2c:e0:97:cc:80:c7:04:85:22:2b:63:0a:e1:e4:57:
                    dd:86:9a:a4:62:cf:07:ae:3a:ab:c3:19:5b:94:91:
                    8a:6e:c1:fe:c6:44:96:97:46:61:e7:21:0e:aa:ba:
                    f3:e2:65:32:2d:f5:da:94:e7:7c:99:09:d0:47:5f:
                    26:33:86:b5:7f:14:e7:16:2c:7f:c2:67:ca:db:32:
                    c6:52:8f:0a:9d:e8:4f:ae:64:8e:1d:29:34:c6:e0:
                    c0:49:c3:55:33:92:df:1d:2a:b0:78:b2:b9:6c:f5:
                    63:ff:ac:c4:dc:2d:f1:56:a6:bd:cc:c8:ad:b2:f7:
                    cb:72:83:c9:f9:18:b1:25:b2:34:89:eb:3a:06:7e:
                    b5:9a:c9:3c:03:6d:55:09:55:7b:af:9f:dd:28:41:
                    14:38:b0:f5:0d:45:c6:a8:46:81:2d:f7:08:fa:e5:
                    77:11:32:b1:42:15:a1:70:94:35:47:6b:a4:bf:64:
                    4d:a4:35:25:00:6f:6e:11:6b:5a:ce:d1:9f:b9:6b:
                    3e:f9:1c:1c:94:de:14:97:4d:8e:95:68:e8:c0:50:
                    fd:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:75:59:C8:02:A1:9A:F4:03:A0:03:39:60:29:C8:A4:9F:60:D0:BF
            X509v3 Authority Key Identifier:
                keyid:BC:DF:F0:C9:D2:8F:1A:B4:50:62:F4:93:BB:35:66:CA:C1:42:64:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/vN_wydKPGrRQYvSTuzVmysFCZG0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vN_wydKPGrRQYvSTuzVmysFCZG0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3680C14/64AB2F2A5AE011E69FCD5032F8AEA228/B33457F859DA11EC856F77BD5A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.160.0/22
                  197.159.88.0/21
                IPv6:
                  2c0f:f588::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:af:89:99:55:b1:c7:68:73:13:eb:a7:b0:2f:fd:a4:4e:06:
         db:dd:b7:2e:3e:a3:32:a7:05:d2:a9:32:84:1b:05:bb:db:bf:
         da:d0:e9:44:b6:bb:c3:d8:da:f1:79:9f:0d:23:ed:85:b1:47:
         5a:cc:6e:19:65:81:fe:c7:d8:a6:bd:39:37:00:7c:c6:ce:d1:
         e4:bf:77:52:c8:99:bd:6c:63:14:26:09:15:86:d4:7f:ad:44:
         3f:a7:d0:2f:f7:4b:53:7d:87:bb:2b:4e:80:c7:a3:20:c7:4a:
         31:1c:e8:e9:46:93:07:91:53:97:4d:8e:6c:b2:65:2d:32:ee:
         22:2b:cd:d2:5a:dc:34:66:2c:51:66:cd:b3:a9:fc:f8:86:df:
         c5:9f:bb:d0:66:9f:49:33:a4:ec:d9:b1:db:91:2b:6d:3f:96:
         8f:76:71:40:91:0b:e6:97:36:b1:d2:5a:8a:74:f5:d1:92:c3:
         d6:2f:be:c4:e8:c7:ee:2d:20:e9:10:8f:4a:5f:b4:3e:df:13:
         ef:cb:b5:ae:fb:40:b0:01:bb:21:c7:fe:49:b6:ed:b6:20:c5:
         29:6b:25:d6:b1:34:4e:2e:59:dc:6b:23:a6:36:c3:9b:95:7c:
         94:ac:b9:68:a6:47:fd:33:f0:a8:fa:0b:28:3d:ee:ec:e4:cf:
         d6:19:c7:bd
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB8gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODBDMTRBRjExMC8GA1UEBRMoQkNERkYwQzlEMjhGMUFCNDUwNjJGNDkzQkIzNTY2
Q0FDMTQyNjQ2RDAeFw0yMTEyMTAxNzAwMzRaFw0zMjEyMzExNzAwMzRaMBgxFjAU
BgNVBAMMDTYxYjM4N2I3LWZlYzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4CEjZe7orQ57RrThlKRWFBcdqU/EPUDh7JoxhVMDg99dOO6tunlY0aZmm
mizgl8yAxwSFIitjCuHkV92GmqRizweuOqvDGVuUkYpuwf7GRJaXRmHnIQ6quvPi
ZTIt9dqU53yZCdBHXyYzhrV/FOcWLH/CZ8rbMsZSjwqd6E+uZI4dKTTG4MBJw1Uz
kt8dKrB4srls9WP/rMTcLfFWpr3MyK2y98tyg8n5GLElsjSJ6zoGfrWayTwDbVUJ
VXuvn90oQRQ4sPUNRcaoRoEt9wj65XcRMrFCFaFwlDVHa6S/ZE2kNSUAb24Ra1rO
0Z+5az75HByU3hSXTY6VaOjAUP1LAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUanVZ
yAKhmvQDoAM5YCnIpJ9g0L8wHwYDVR0jBBgwFoAUvN/wydKPGrRQYvSTuzVmysFC
ZG0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4QUVBMjI4L3ZOX3d5
ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3ZOX3d5ZEtQR3JSUVl2U1R1elZteXNGQ1pHMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgwQzE0LzY0QUIyRjJBNUFFMDExRTY5RkNENTAzMkY4
QUVBMjI4L0IzMzQ1N0Y4NTlEQTExRUM4NTZGNzdCRDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm2aADBAPFn1gwDQQCAAIw
BwMFACwP9YgwDQYJKoZIhvcNAQELBQADggEBAGCviZlVscdocxPrp7Av/aROBtvd
ty4+ozKnBdKpMoQbBbvbv9rQ6US2u8PY2vF5nw0j7YWxR1rMbhllgf7H2Ka9OTcA
fMbO0eS/d1LImb1sYxQmCRWG1H+tRD+n0C/3S1N9h7srToDHoyDHSjEc6OlGkweR
U5dNjmyyZS0y7iIrzdJa3DRmLFFmzbOp/PiG38Wfu9Bmn0kzpOzZsduRK20/lo92
cUCRC+aXNrHSWop09dGSw9YvvsTox+4tIOkQj0pftD7fE+/Lta77QLABuyHH/km2
7bYgxSlrJdaxNE4uWdxrI6Y2w5uVfJSsuWimR/0z8Kj6Cyg97uzkz9YZx70=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org