Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693944/16AA8A44207611ECB3060925D8A014CE/7F3D996AEE3411ED84E7435C4AD9E6FC.roa
File:                     7F3D996AEE3411ED84E7435C4AD9E6FC.roa (raw, json)
Hash identifier:          HFYeFndb2JxxOdKSqCujEOpY8n28a0y4vmxd4LvSXs4=
Subject key identifier:   F1:C1:68:AB:D8:C7:82:8B:AA:94:40:A0:01:4B:AB:DD:DD:9F:96:F1
Certificate issuer:       /CN=F3693944AF/serialNumber=D181E91ED173F64D7BF82D8E0BEF994D5986DF52
Certificate serial:       0263
Authority key identifier: D1:81:E9:1E:D1:73:F6:4D:7B:F8:2D:8E:0B:EF:99:4D:59:86:DF:52
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0YHpHtFz9k17-C2OC--ZTVmG31I.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3693944/16AA8A44207611ECB3060925D8A014CE/7F3D996AEE3411ED84E7435C4AD9E6FC.roa
Signing time:             Tue 09 May 2023 06:41:16 +0000
ROA not before:           Tue 09 May 2023 06:41:12 +0000
ROA not after:            Sun 31 May 2026 06:41:12 +0000
asID:                     329181
IP address blocks:        102.217.136.0/22 maxlen: 24
                          2c0f:1900::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3693944/16AA8A44207611ECB3060925D8A014CE/0YHpHtFz9k17-C2OC--ZTVmG31I.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3693944/16AA8A44207611ECB3060925D8A014CE/0YHpHtFz9k17-C2OC--ZTVmG31I.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0YHpHtFz9k17-C2OC--ZTVmG31I.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 611 (0x263)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3693944AF/serialNumber=D181E91ED173F64D7BF82D8E0BEF994D5986DF52
        Validity
            Not Before: May  9 06:41:12 2023 GMT
            Not After : May 31 06:41:12 2026 GMT
        Subject: CN=6459eb0c-7804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:a5:06:e1:ff:36:3f:e6:dc:44:a0:c0:5b:43:
                    3a:ba:bd:4b:ae:12:50:57:ac:17:9c:bf:bc:12:8c:
                    a0:8f:0b:66:19:a8:dc:8d:16:6c:54:04:76:e6:0e:
                    19:fb:d0:bc:d3:9a:b0:ad:db:10:8b:d1:5a:55:bf:
                    64:bb:d6:fb:10:a4:6e:ab:0b:4d:e3:41:73:78:e3:
                    16:50:9d:db:c0:8b:56:51:0a:5b:b8:90:52:cf:86:
                    f9:78:b8:44:22:ea:7f:a6:88:b6:46:4d:70:b5:86:
                    fc:b8:de:56:45:5a:92:94:fc:e6:80:46:1b:00:ba:
                    18:1c:58:50:fe:1f:b9:fe:63:b6:54:b9:6b:98:23:
                    78:6d:3e:e7:2b:43:8a:ee:10:bd:07:75:96:51:b7:
                    b1:01:07:46:1e:fb:18:4b:e8:2a:76:82:58:90:79:
                    2a:43:8f:49:ab:dc:11:49:02:88:31:43:6a:02:92:
                    0b:a0:21:5a:62:e3:87:42:a0:72:76:d5:f8:bb:cf:
                    49:a3:b6:6e:57:36:c3:41:14:d1:b6:55:ab:2b:e0:
                    7a:43:a8:2d:e8:66:a3:31:19:4f:f7:cb:e7:4a:fc:
                    b7:80:d9:4c:09:c1:52:8e:38:1d:0b:61:a1:d2:a5:
                    6b:ee:83:07:7b:e8:71:38:37:11:2e:bd:5c:9c:d2:
                    88:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:C1:68:AB:D8:C7:82:8B:AA:94:40:A0:01:4B:AB:DD:DD:9F:96:F1
            X509v3 Authority Key Identifier:
                keyid:D1:81:E9:1E:D1:73:F6:4D:7B:F8:2D:8E:0B:EF:99:4D:59:86:DF:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3693944/16AA8A44207611ECB3060925D8A014CE/0YHpHtFz9k17-C2OC--ZTVmG31I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0YHpHtFz9k17-C2OC--ZTVmG31I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693944/16AA8A44207611ECB3060925D8A014CE/7F3D996AEE3411ED84E7435C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.136.0/22
                IPv6:
                  2c0f:1900::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:b7:b4:86:63:f9:21:ac:2b:b4:ae:7d:a0:46:4d:9f:d6:f0:
         b8:03:6d:54:d3:f2:11:b8:e4:a4:63:e4:4b:19:b3:ba:3c:a0:
         6e:4b:df:71:78:44:e0:7f:b5:c6:c2:4a:3c:bb:be:38:7a:36:
         51:9e:cf:52:61:b8:9f:00:b8:09:4e:1e:f1:32:36:11:40:23:
         16:47:1d:8a:f9:38:7c:e4:76:7d:05:7f:06:c2:b6:de:7d:e2:
         e2:00:85:be:c1:ac:22:b2:0a:bf:d4:cf:65:c0:59:26:da:f6:
         99:df:ad:62:3f:96:e0:2b:5b:59:9f:44:01:90:88:c1:7e:a0:
         52:4c:1b:44:90:fa:4e:59:b5:96:c0:0c:c8:24:e6:5f:0d:ea:
         86:29:7f:c5:f1:9b:01:54:99:85:d5:88:53:ce:87:07:6b:6e:
         c9:a6:49:48:c9:16:4b:6e:f7:e2:70:f8:f5:9e:e0:33:24:02:
         83:c1:77:b1:cd:2c:79:cc:27:2b:41:ea:76:b1:1c:b9:58:c9:
         02:ee:8d:bc:3c:fe:6a:ce:c0:9c:71:06:53:dc:38:5f:37:f5:
         89:8a:cf:49:33:b4:de:1c:a9:df:43:6c:a2:54:1c:7c:46:b5:
         7c:c9:cc:d9:04:57:4d:3d:57:2a:82:f4:7a:e9:a2:e9:cb:9f:
         25:c0:39:c7
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAmMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTM5NDRBRjExMC8GA1UEBRMoRDE4MUU5MUVEMTczRjY0RDdCRjgyRDhFMEJFRjk5
NEQ1OTg2REY1MjAeFw0yMzA1MDkwNjQxMTJaFw0yNjA1MzEwNjQxMTJaMBgxFjAU
BgNVBAMTDTY0NTllYjBjLTc4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDspQbh/zY/5txEoMBbQzq6vUuuElBXrBecv7wSjKCPC2YZqNyNFmxUBHbm
Dhn70LzTmrCt2xCL0VpVv2S71vsQpG6rC03jQXN44xZQndvAi1ZRClu4kFLPhvl4
uEQi6n+miLZGTXC1hvy43lZFWpKU/OaARhsAuhgcWFD+H7n+Y7ZUuWuYI3htPucr
Q4ruEL0HdZZRt7EBB0Ye+xhL6Cp2gliQeSpDj0mr3BFJAogxQ2oCkgugIVpi44dC
oHJ21fi7z0mjtm5XNsNBFNG2Vasr4HpDqC3oZqMxGU/3y+dK/LeA2UwJwVKOOB0L
YaHSpWvugwd76HE4NxEuvVyc0oh7AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU8cFo
q9jHgouqlECgAUur3d2flvEwHwYDVR0jBBgwFoAU0YHpHtFz9k17+C2OC++ZTVmG
31IwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjkzOTQ0LzE2QUE4QTQ0MjA3NjExRUNCMzA2MDkyNUQ4QTAxNENFLzBZSHBI
dEZ6OWsxNy1DMk9DLS1aVFZtRzMxSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBZSHBIdEZ6OWsxNy1DMk9DLS1aVFZtRzMxSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjkzOTQ0LzE2QUE4QTQ0MjA3NjExRUNCMzA2MDkyNUQ4
QTAxNENFLzdGM0Q5OTZBRUUzNDExRUQ4NEU3NDM1QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2YgwDQQCAAIwBwMFACwP
GQAwDQYJKoZIhvcNAQELBQADggEBADG3tIZj+SGsK7SufaBGTZ/W8LgDbVTT8hG4
5KRj5EsZs7o8oG5L33F4ROB/tcbCSjy7vjh6NlGez1JhuJ8AuAlOHvEyNhFAIxZH
HYr5OHzkdn0FfwbCtt594uIAhb7BrCKyCr/Uz2XAWSba9pnfrWI/luArW1mfRAGQ
iMF+oFJMG0SQ+k5ZtZbADMgk5l8N6oYpf8XxmwFUmYXViFPOhwdrbsmmSUjJFktu
9+Jw+PWe4DMkAoPBd7HNLHnMJytB6naxHLlYyQLujbw8/mrOwJxxBlPcOF839YmK
z0kztN4cqd9DbKJUHHxGtXzJzNkEV009VyqC9HrpounLnyXAOcc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org