Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/7053DDBA207711ECA57B2A27D8A014CE.roa
File:                     7053DDBA207711ECA57B2A27D8A014CE.roa (raw, json)
Hash identifier:          8FwYiwQNn3Nk7JGlhTjNINHWw5iUKIWhAuMhk3sKQys=
Subject key identifier:   04:03:FF:27:DC:8A:96:39:06:A1:42:4B:0A:A6:F2:0E:29:1E:DF:15
Certificate issuer:       /CN=F3684027AF/serialNumber=A8F3FFCCF2BD6F173E578DCE8625E01C5397F735
Certificate serial:       02
Authority key identifier: A8:F3:FF:CC:F2:BD:6F:17:3E:57:8D:CE:86:25:E0:1C:53:97:F7:35
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/qPP_zPK9bxc-V43OhiXgHFOX9zU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/7053DDBA207711ECA57B2A27D8A014CE.roa
Signing time:             Tue 28 Sep 2021 16:16:30 +0000
ROA not before:           Tue 28 Sep 2021 16:16:26 +0000
ROA not after:            Sun 28 Sep 2031 16:16:26 +0000
asID:                     328317
IP address blocks:        102.218.220.0/22 maxlen: 24
                          2c0f:6500::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/qPP_zPK9bxc-V43OhiXgHFOX9zU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/qPP_zPK9bxc-V43OhiXgHFOX9zU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/qPP_zPK9bxc-V43OhiXgHFOX9zU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3684027AF/serialNumber=A8F3FFCCF2BD6F173E578DCE8625E01C5397F735
        Validity
            Not Before: Sep 28 16:16:26 2021 GMT
            Not After : Sep 28 16:16:26 2031 GMT
        Subject: CN=61533fde-0240
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ad:09:c9:d2:b6:fe:15:9d:36:9f:a0:b2:2f:
                    d0:06:e6:d9:69:17:87:81:8a:6e:78:e7:45:69:60:
                    f9:8f:bf:c0:ba:c1:53:55:23:42:cd:08:00:34:cf:
                    8c:06:06:bc:92:fc:ea:cd:31:75:69:5c:3c:b7:e4:
                    07:19:ba:55:47:c2:6f:e8:eb:b9:c9:88:36:d7:49:
                    5e:b4:98:d0:20:9d:42:d4:6d:47:ab:bc:21:84:51:
                    02:98:80:d9:00:ad:a8:15:14:f7:1a:a9:2f:74:2e:
                    0f:0e:92:ce:d5:2d:7f:bc:00:85:65:b5:63:a8:4a:
                    f3:02:09:28:d2:61:8b:c5:fa:92:3b:ac:9b:86:fe:
                    62:2e:d0:d6:48:a8:a5:37:9b:43:0d:4e:ae:61:ce:
                    1b:68:35:33:5e:58:3b:73:b9:31:2e:0f:94:32:56:
                    d0:3f:8b:40:85:35:bc:74:4b:40:50:65:f1:68:61:
                    61:1f:e4:a6:d5:25:38:6b:ae:6c:af:70:a6:52:8e:
                    54:6f:47:3d:99:aa:9d:ee:47:1d:2c:43:2a:0a:2a:
                    45:7f:19:7c:3c:55:43:ea:12:78:56:83:27:ad:93:
                    48:62:8a:2c:c1:7b:e2:1c:54:4a:15:c6:49:65:cf:
                    9d:2d:2c:fd:d3:0e:86:c3:ce:49:db:3d:df:e4:3d:
                    b3:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:03:FF:27:DC:8A:96:39:06:A1:42:4B:0A:A6:F2:0E:29:1E:DF:15
            X509v3 Authority Key Identifier:
                keyid:A8:F3:FF:CC:F2:BD:6F:17:3E:57:8D:CE:86:25:E0:1C:53:97:F7:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/qPP_zPK9bxc-V43OhiXgHFOX9zU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qPP_zPK9bxc-V43OhiXgHFOX9zU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/7053DDBA207711ECA57B2A27D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.220.0/22
                IPv6:
                  2c0f:6500::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:c3:92:9e:dc:1e:25:90:2d:ca:77:65:ef:88:e0:65:96:a6:
         1a:43:c2:e7:d9:bf:cf:b0:4d:66:99:fe:29:f1:f7:46:1c:7f:
         27:d2:34:11:67:38:a8:7e:13:11:22:cc:37:d7:c7:91:bd:16:
         c3:61:6a:6b:ae:00:08:71:24:fe:a8:55:9e:53:55:88:20:40:
         89:e6:b5:09:61:39:05:8b:b9:3b:0e:5c:c7:34:7a:7a:8a:6e:
         aa:72:24:cc:e6:77:6c:6a:14:cc:03:f2:57:4c:72:18:9b:f1:
         41:61:47:e8:93:0c:57:78:c5:37:d5:96:dd:80:72:ae:dd:76:
         93:c8:b1:67:3e:90:ef:d3:46:cc:63:5a:55:a3:00:9a:d1:fb:
         4f:38:a4:c1:e0:14:c2:ac:d4:e9:23:db:cc:d6:4d:84:11:d8:
         53:6b:2b:bd:a3:4a:50:83:b2:06:a0:7c:99:47:27:7a:d2:36:
         96:f6:31:08:fc:2a:76:62:2d:9e:9c:f0:68:c1:f5:61:11:9b:
         45:89:28:0b:82:65:94:8d:6e:25:bb:70:7b:d2:8d:24:e5:92:
         47:0a:0c:69:c2:52:94:f0:35:e9:18:de:45:08:a3:86:f8:3d:
         fe:e6:b7:b9:fd:8f:45:6e:cf:68:08:a4:f4:83:ab:81:dc:29:
         c6:32:9f:49
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
NDAyN0FGMTEwLwYDVQQFEyhBOEYzRkZDQ0YyQkQ2RjE3M0U1NzhEQ0U4NjI1RTAx
QzUzOTdGNzM1MB4XDTIxMDkyODE2MTYyNloXDTMxMDkyODE2MTYyNlowGDEWMBQG
A1UEAwwNNjE1MzNmZGUtMDI0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqtCcnStv4VnTafoLIv0Abm2WkXh4GKbnjnRWlg+Y+/wLrBU1UjQs0IADTP
jAYGvJL86s0xdWlcPLfkBxm6VUfCb+jrucmINtdJXrSY0CCdQtRtR6u8IYRRApiA
2QCtqBUU9xqpL3QuDw6SztUtf7wAhWW1Y6hK8wIJKNJhi8X6kjusm4b+Yi7Q1kio
pTebQw1OrmHOG2g1M15YO3O5MS4PlDJW0D+LQIU1vHRLQFBl8WhhYR/kptUlOGuu
bK9wplKOVG9HPZmqne5HHSxDKgoqRX8ZfDxVQ+oSeFaDJ62TSGKKLMF74hxUShXG
SWXPnS0s/dMOhsPOSds93+Q9s3sCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQEA/8n
3IqWOQahQksKpvIOKR7fFTAfBgNVHSMEGDAWgBSo8//M8r1vFz5Xjc6GJeAcU5f3
NTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODQwMjcvNDNEQzBGREMyMDc3MTFFQ0IyM0ZFMjI2RDhBMDE0Q0UvcVBQX3pQ
SzlieGMtVjQzT2hpWGdIRk9YOXpVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcVBQX3pQSzlieGMtVjQzT2hpWGdIRk9YOXpVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODQwMjcvNDNEQzBGREMyMDc3MTFFQ0IyM0ZFMjI2RDhB
MDE0Q0UvNzA1M0REQkEyMDc3MTFFQ0E1N0IyQTI3RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmba3DANBAIAAjAHAwUALA9l
ADANBgkqhkiG9w0BAQsFAAOCAQEAOsOSntweJZAtyndl74jgZZamGkPC59m/z7BN
Zpn+KfH3Rhx/J9I0EWc4qH4TESLMN9fHkb0Ww2Fqa64ACHEk/qhVnlNViCBAiea1
CWE5BYu5Ow5cxzR6eopuqnIkzOZ3bGoUzAPyV0xyGJvxQWFH6JMMV3jFN9WW3YBy
rt12k8ixZz6Q79NGzGNaVaMAmtH7TzikweAUwqzU6SPbzNZNhBHYU2srvaNKUIOy
BqB8mUcnetI2lvYxCPwqdmItnpzwaMH1YRGbRYkoC4JllI1uJbtwe9KNJOWSRwoM
acJSlPA16RjeRQijhvg9/ua3uf2PRW7PaAik9IOrgdwpxjKfSQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org