Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/099418A8CA8711EEB3784063775412E6.roa
File:                     099418A8CA8711EEB3784063775412E6.roa (raw, json)
Hash identifier:          36b6WBZS+Uld6MESvxcjCMQmdtKFqH5j0uvmoJeMjbE=
Subject key identifier:   E9:A7:CB:85:E9:85:26:C6:83:FF:65:D4:50:84:21:A4:6F:75:F4:F8
Certificate issuer:       /CN=F3683E8BAF/serialNumber=82FB7E31CDC3C99EE8EC8C6F0118E3BD8B945154
Certificate serial:       05
Authority key identifier: 82:FB:7E:31:CD:C3:C9:9E:E8:EC:8C:6F:01:18:E3:BD:8B:94:51:54
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/099418A8CA8711EEB3784063775412E6.roa
Signing time:             Tue 13 Feb 2024 15:46:23 +0000
ROA not before:           Tue 13 Feb 2024 15:46:19 +0000
ROA not after:            Thu 13 Feb 2025 15:46:19 +0000
asID:                     328825
IP address blocks:        102.220.96.0/22 maxlen: 32
                          2c0f:6200::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3683E8BAF/serialNumber=82FB7E31CDC3C99EE8EC8C6F0118E3BD8B945154
        Validity
            Not Before: Feb 13 15:46:19 2024 GMT
            Not After : Feb 13 15:46:19 2025 GMT
        Subject: CN=65cb8ece-3bd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:91:40:e2:05:af:c7:40:83:ce:a3:c3:72:9f:
                    3c:95:d7:fb:bb:69:f9:51:ae:b8:fd:70:99:d8:c8:
                    e2:11:2a:27:03:f8:27:8e:5f:4e:f8:8a:d5:da:13:
                    13:4c:16:d4:a1:c2:6a:65:b7:99:8e:6c:a6:96:6e:
                    07:b3:5a:4c:8b:c0:d0:b3:50:33:d8:ff:5c:2f:e3:
                    58:6c:b7:06:cd:d7:72:fb:3b:77:ab:9b:52:a7:e7:
                    1f:14:86:5e:c1:71:f9:b8:a6:db:35:c6:aa:3e:7d:
                    2b:24:61:70:63:31:b2:46:8d:b2:88:bb:68:f2:a6:
                    98:65:92:f1:76:c8:a8:e3:f0:b3:30:b4:d9:ef:c2:
                    f3:68:6f:fb:fc:c6:9b:86:b4:8d:72:c2:2a:f2:c9:
                    7c:10:78:3e:56:49:80:27:a1:13:cd:22:b9:c0:fa:
                    8c:8b:38:74:f0:a1:6a:e7:94:1f:bc:42:e7:42:db:
                    2c:7e:eb:4b:6a:cb:f9:a5:1f:7c:b2:08:36:a3:34:
                    b7:3f:39:24:5b:af:d4:ef:bf:e0:e7:b1:54:2f:e8:
                    af:b3:77:f3:28:5c:26:fa:e3:2d:2f:e0:6b:a6:24:
                    c0:8d:ea:48:46:80:a4:49:37:f1:e9:07:6d:da:b1:
                    35:d5:48:0b:2a:f4:96:26:5c:89:00:7b:e9:eb:06:
                    d8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:A7:CB:85:E9:85:26:C6:83:FF:65:D4:50:84:21:A4:6F:75:F4:F8
            X509v3 Authority Key Identifier:
                keyid:82:FB:7E:31:CD:C3:C9:9E:E8:EC:8C:6F:01:18:E3:BD:8B:94:51:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/099418A8CA8711EEB3784063775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.96.0/22
                IPv6:
                  2c0f:6200::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:44:e3:ce:1f:2d:5a:11:e0:e2:27:f2:df:7d:48:58:b7:23:
         2b:58:80:12:ca:b7:af:b2:99:fd:5a:83:8e:d6:91:8e:03:a1:
         3e:da:01:67:35:ba:38:bf:67:7a:21:e9:10:1b:e5:45:56:13:
         8c:fb:a0:62:c9:5a:f4:ff:e0:54:cb:19:4c:de:db:8b:b8:50:
         3e:5f:63:b4:43:d4:53:cd:1f:39:7b:ed:99:d5:3f:9b:17:52:
         09:c0:de:32:4b:16:ed:65:f5:8f:44:b1:41:45:84:6e:e0:a4:
         b6:05:a0:7b:5a:de:71:05:a3:c0:ea:0e:77:d9:2c:83:87:ab:
         dd:80:31:60:b0:0f:c0:4a:da:39:f3:ad:d9:60:88:81:ad:24:
         ec:fd:ea:9b:20:02:1f:bd:ee:36:9d:0c:9c:ee:1e:9c:fb:2a:
         bb:8e:1b:e1:38:1c:33:e8:20:a1:66:31:0e:1f:d6:41:67:0c:
         48:33:f7:ab:5e:38:4a:47:96:72:2f:3c:86:e4:e6:6a:22:d3:
         28:9f:15:ce:fd:64:31:32:73:9c:09:03:07:e8:c4:4a:c9:21:
         f5:a8:12:c8:97:1a:f2:aa:a8:ba:f4:3d:65:89:9f:ab:92:1c:
         2d:6e:95:a8:a1:88:94:d1:59:f8:71:b2:98:50:d9:3b:9c:3b:
         83:ff:c0:97
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
M0U4QkFGMTEwLwYDVQQFEyg4MkZCN0UzMUNEQzNDOTlFRThFQzhDNkYwMTE4RTNC
RDhCOTQ1MTU0MB4XDTI0MDIxMzE1NDYxOVoXDTI1MDIxMzE1NDYxOVowGDEWMBQG
A1UEAxMNNjVjYjhlY2UtM2JkMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWRQOIFr8dAg86jw3KfPJXX+7tp+VGuuP1wmdjI4hEqJwP4J45fTviK1doT
E0wW1KHCamW3mY5sppZuB7NaTIvA0LNQM9j/XC/jWGy3Bs3Xcvs7d6ubUqfnHxSG
XsFx+bim2zXGqj59KyRhcGMxskaNsoi7aPKmmGWS8XbIqOPwszC02e/C82hv+/zG
m4a0jXLCKvLJfBB4PlZJgCehE80iucD6jIs4dPChaueUH7xC50LbLH7rS2rL+aUf
fLIINqM0tz85JFuv1O+/4OexVC/or7N38yhcJvrjLS/ga6YkwI3qSEaApEk38ekH
bdqxNdVICyr0liZciQB76esG2LkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTpp8uF
6YUmxoP/ZdRQhCGkb3X0+DAfBgNVHSMEGDAWgBSC+34xzcPJnujsjG8BGOO9i5RR
VDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODNFOEIvOUFGM0JGRDZDQTdGMTFFRThBQjMxOTU4Nzc1NDEyRTYvZ3Z0LU1j
M0R5WjdvN0l4dkFSamp2WXVVVVZRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ3Z0LU1jM0R5WjdvN0l4dkFSamp2WXVVVVZRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODNFOEIvOUFGM0JGRDZDQTdGMTFFRThBQjMxOTU4Nzc1
NDEyRTYvMDk5NDE4QThDQTg3MTFFRUIzNzg0MDYzNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbcYDANBAIAAjAHAwUALA9i
ADANBgkqhkiG9w0BAQsFAAOCAQEAM0Tjzh8tWhHg4ify331IWLcjK1iAEsq3r7KZ
/VqDjtaRjgOhPtoBZzW6OL9neiHpEBvlRVYTjPugYsla9P/gVMsZTN7bi7hQPl9j
tEPUU80fOXvtmdU/mxdSCcDeMksW7WX1j0SxQUWEbuCktgWge1recQWjwOoOd9ks
g4er3YAxYLAPwEraOfOt2WCIga0k7P3qmyACH73uNp0MnO4enPsqu44b4TgcM+gg
oWYxDh/WQWcMSDP3q144SkeWci88huTmaiLTKJ8Vzv1kMTJznAkDB+jESskh9agS
yJca8qqouvQ9ZYmfq5IcLW6VqKGIlNFZ+HGymFDZO5w7g//Alw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 03:05:53 2024 by rpki-client on console-fra.rpki-client.org