Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/9D82CD40CDB011ED812241C6F1222468.roa
File:                     9D82CD40CDB011ED812241C6F1222468.roa (raw, json)
Hash identifier:          qsqlB1DyQeEjQRpQD9Kt6opY0oeDRgR3OAxfv/Yfba8=
Subject key identifier:   60:66:05:14:98:18:9E:BE:04:D6:2B:9B:90:8E:6A:BA:1B:C6:D8:FA
Certificate issuer:       /CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
Certificate serial:       031D
Authority key identifier: AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/9D82CD40CDB011ED812241C6F1222468.roa
Signing time:             Tue 28 Mar 2023 21:36:36 +0000
ROA not before:           Tue 28 Mar 2023 21:36:31 +0000
ROA not after:            Sun 30 Sep 2029 21:36:31 +0000
asID:                     328795
IP address blocks:        102.220.253.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 797 (0x31d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
        Validity
            Not Before: Mar 28 21:36:31 2023 GMT
            Not After : Sep 30 21:36:31 2029 GMT
        Subject: CN=64235de4-63ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:07:59:4e:89:3c:ef:9b:6c:7d:ed:f8:30:ef:
                    14:d6:b3:79:78:b2:4e:da:5a:31:78:db:a4:79:a6:
                    cf:ca:de:27:66:31:0e:d3:37:9d:22:fb:95:19:69:
                    02:44:aa:31:bd:77:fb:13:af:49:f4:3c:41:0c:d9:
                    50:1c:c0:d9:00:54:9b:0e:16:2f:d3:a3:d6:bd:8d:
                    02:14:28:04:71:11:0a:fa:f9:30:67:4b:ed:ce:d1:
                    11:7f:fe:ac:4c:ea:5c:49:45:9a:43:e2:d9:8d:35:
                    ed:0b:f4:f3:e9:76:be:dc:d9:bf:c0:58:0b:e0:6c:
                    bb:d2:dd:95:55:db:6c:f2:ad:f9:eb:1e:a0:ff:86:
                    ae:a5:22:90:04:9d:8c:35:74:ef:17:57:0f:2d:c7:
                    22:8a:80:83:28:5d:27:54:2f:51:a8:0d:50:2d:f7:
                    50:9f:e2:0e:84:00:b0:c9:31:c7:f6:57:bf:ac:b5:
                    57:af:89:6b:9b:41:41:7a:dd:91:11:fb:e7:3b:63:
                    9b:1d:28:d9:72:00:90:d6:bc:fd:92:ec:8c:50:d6:
                    94:4f:9f:f8:05:b0:47:41:10:97:f6:25:8a:00:9c:
                    d5:19:b7:50:8e:e0:5a:e9:91:ad:fa:23:31:7f:e6:
                    a3:79:1f:e1:82:f2:66:4d:60:5e:44:9c:21:97:ec:
                    1c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:66:05:14:98:18:9E:BE:04:D6:2B:9B:90:8E:6A:BA:1B:C6:D8:FA
            X509v3 Authority Key Identifier:
                keyid:AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/9D82CD40CDB011ED812241C6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:72:c2:4b:2f:e1:b6:61:e2:60:c9:0c:69:fa:eb:e9:31:5f:
         22:c8:fb:3e:2a:a6:30:dd:c2:ec:12:65:9c:4b:dd:a2:4e:dc:
         e8:fa:a1:b3:50:ab:21:01:b6:93:1d:c6:86:3c:84:a6:c1:19:
         3b:27:f2:f4:d4:27:3b:ba:f9:c0:ad:9d:1a:c2:9d:e1:fc:aa:
         57:c5:50:f7:7d:c7:6d:2a:11:bd:c3:29:60:a7:d0:6a:11:7b:
         be:d6:d4:cd:85:98:a6:7c:d8:a0:28:65:1c:56:4e:b3:c6:3b:
         cb:05:d2:ef:f7:bd:a9:40:0b:c7:87:86:10:6e:4c:5d:5d:e4:
         61:b5:80:7a:bb:94:48:56:49:f2:49:89:d4:e0:01:24:29:1b:
         66:7a:f5:db:53:9b:27:f0:91:dc:c5:4d:5f:72:77:6e:31:7b:
         0b:5f:eb:02:42:eb:2a:80:76:37:43:4a:9c:16:1f:ab:95:ca:
         0e:20:07:ae:ed:da:1c:29:62:d0:9d:1f:51:23:0a:04:01:fd:
         e3:9f:ea:a1:86:e3:b0:ed:f7:e2:c3:57:6f:86:10:43:5a:e7:
         9e:54:a8:38:59:de:3d:a3:2d:b8:cc:9d:c5:76:4b:d6:da:51:
         d5:7f:27:4d:39:00:33:6b:e0:1c:66:41:2a:80:92:f2:ad:d8:
         c7:b8:59:b3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAx0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEEzRDFBRjExMC8GA1UEBRMoQUU1MUQyNTcxNkREQjRDQ0EzMUIyRTk4NUUwQTc1
MjVGN0Y0QjlDNjAeFw0yMzAzMjgyMTM2MzFaFw0yOTA5MzAyMTM2MzFaMBgxFjAU
BgNVBAMMDTY0MjM1ZGU0LTYzZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxB1lOiTzvm2x97fgw7xTWs3l4sk7aWjF426R5ps/K3idmMQ7TN50i+5UZ
aQJEqjG9d/sTr0n0PEEM2VAcwNkAVJsOFi/To9a9jQIUKARxEQr6+TBnS+3O0RF/
/qxM6lxJRZpD4tmNNe0L9PPpdr7c2b/AWAvgbLvS3ZVV22zyrfnrHqD/hq6lIpAE
nYw1dO8XVw8txyKKgIMoXSdUL1GoDVAt91Cf4g6EALDJMcf2V7+stVeviWubQUF6
3ZER++c7Y5sdKNlyAJDWvP2S7IxQ1pRPn/gFsEdBEJf2JYoAnNUZt1CO4Frpka36
IzF/5qN5H+GC8mZNYF5EnCGX7BwbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYGYF
FJgYnr4E1iubkI5quhvG2PowHwYDVR0jBBgwFoAUrlHSVxbdtMyjGy6YXgp1Jff0
ucYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhBM0QxLzczNzMyRTU2NzAyODExRUJCMkY5NjgyNUY4QUVBMjI4L3JsSFNW
eGJkdE15akd5NllYZ3AxSmZmMHVjWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JsSFNWeGJkdE15akd5NllYZ3AxSmZmMHVjWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhBM0QxLzczNzMyRTU2NzAyODExRUJCMkY5NjgyNUY4
QUVBMjI4LzlEODJDRDQwQ0RCMDExRUQ4MTIyNDFDNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3P0wDQYJKoZIhvcNAQEL
BQADggEBAHBywksv4bZh4mDJDGn66+kxXyLI+z4qpjDdwuwSZZxL3aJO3Oj6obNQ
qyEBtpMdxoY8hKbBGTsn8vTUJzu6+cCtnRrCneH8qlfFUPd9x20qEb3DKWCn0GoR
e77W1M2FmKZ82KAoZRxWTrPGO8sF0u/3valAC8eHhhBuTF1d5GG1gHq7lEhWSfJJ
idTgASQpG2Z69dtTmyfwkdzFTV9yd24xewtf6wJC6yqAdjdDSpwWH6uVyg4gB67t
2hwpYtCdH1EjCgQB/eOf6qGG47Dt9+LDV2+GEENa555UqDhZ3j2jLbjMncV2S9ba
UdV/J005ADNr4BxmQSqAkvKt2Me4WbM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org