Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/109E9816058E11EF9F2E082A017001B1.roa
File:                     109E9816058E11EF9F2E082A017001B1.roa (raw, json)
Hash identifier:          awGoqbBSAx/fCGhKKOOxrJpeJJgZ+sWJhXA1UCAvdvs=
Subject key identifier:   3D:F7:A7:AB:79:D3:F2:E2:AA:8B:71:83:C5:69:3B:B8:DF:2B:0B:48
Certificate issuer:       /CN=F3693AE0AF/serialNumber=09B34E133639D3B4EE351613B8A60D6B1902AD63
Certificate serial:       11
Authority key identifier: 09:B3:4E:13:36:39:D3:B4:EE:35:16:13:B8:A6:0D:6B:19:02:AD:63
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/109E9816058E11EF9F2E082A017001B1.roa
Signing time:             Sun 28 Apr 2024 18:35:19 +0000
ROA not before:           Sun 28 Apr 2024 18:35:16 +0000
ROA not after:            Tue 31 Dec 2030 18:35:16 +0000
asID:                     328586
IP address blocks:        102.22.234.0/24 maxlen: 24
                          102.22.235.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17 (0x11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3693AE0AF/serialNumber=09B34E133639D3B4EE351613B8A60D6B1902AD63
        Validity
            Not Before: Apr 28 18:35:16 2024 GMT
            Not After : Dec 31 18:35:16 2030 GMT
        Subject: CN=662e96e7-bc04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5c:94:56:65:b3:a9:0e:d5:18:29:ce:20:53:
                    a1:f5:f6:f2:a5:ad:a9:e3:d3:b7:09:d3:9b:ed:6e:
                    bc:0e:e6:86:eb:d6:90:e9:6d:35:ee:68:92:16:36:
                    6b:49:09:d0:d1:49:d6:50:84:c1:d5:3d:50:cf:0e:
                    c4:46:71:55:57:e7:33:b4:58:4e:d6:ee:a7:63:19:
                    4c:a2:c8:74:30:d3:eb:e3:fc:fe:51:15:25:f3:9d:
                    7f:7d:06:d1:96:f1:d8:9d:26:25:67:16:8e:4c:9e:
                    0d:ed:36:d3:cb:e9:d6:ac:2a:07:c1:a5:ec:73:cd:
                    87:72:de:97:91:0b:25:20:f9:9f:c8:9a:fe:2c:01:
                    6d:47:87:19:ec:13:b0:05:96:ae:8b:d3:c1:cb:a5:
                    91:59:1b:79:c9:6b:cb:3a:8e:6a:da:ee:93:4e:ed:
                    ef:94:9c:eb:bc:a2:e7:4b:a4:97:0d:14:2c:4d:12:
                    5a:4a:cd:af:73:08:c9:7e:98:db:60:0e:b9:e5:57:
                    31:2f:46:2c:b9:01:5d:f1:1a:e5:c8:06:98:42:e7:
                    a3:28:e9:1f:a9:54:af:e7:84:4c:0c:33:23:e6:06:
                    db:52:9b:0e:79:f0:27:df:78:06:d8:a6:e9:5a:a3:
                    12:28:fa:6b:c4:b7:67:6b:bd:bc:b5:42:b1:21:bf:
                    a1:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F7:A7:AB:79:D3:F2:E2:AA:8B:71:83:C5:69:3B:B8:DF:2B:0B:48
            X509v3 Authority Key Identifier:
                keyid:09:B3:4E:13:36:39:D3:B4:EE:35:16:13:B8:A6:0D:6B:19:02:AD:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/109E9816058E11EF9F2E082A017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.22.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         63:03:4f:d4:5b:98:ef:a3:d6:3a:54:ed:1e:e9:9b:f5:ad:27:
         09:22:94:ae:0a:4d:b4:fe:e8:2a:14:f6:46:6f:65:a9:fd:c2:
         24:a6:0a:44:d3:0a:6e:77:05:6f:de:bc:74:f7:8b:2a:60:a1:
         ef:55:74:6d:74:bc:4c:94:49:d0:cc:e1:77:ea:5b:90:b7:0c:
         df:b0:7c:0e:1e:3a:20:ab:90:06:1e:30:06:17:f7:22:de:c4:
         f3:60:bc:44:64:3f:51:8c:de:e3:d5:ee:54:69:62:b7:e0:93:
         cb:49:52:a6:fd:4d:63:3b:22:70:19:64:ea:b4:7a:bb:1a:fa:
         15:0b:73:e9:56:6f:f8:a1:34:d6:e8:68:94:c2:d2:83:74:ce:
         e6:fa:40:dd:99:b8:4e:aa:7f:00:50:17:7e:5d:d3:dd:85:81:
         f5:62:84:8d:d4:08:36:a9:08:6c:71:bd:bb:10:ac:1f:94:82:
         4a:0e:33:36:ed:18:2e:c8:4e:10:b0:98:f9:e9:f2:95:3e:ff:
         91:36:ad:c4:bb:8f:e2:87:7a:21:f5:93:65:7c:61:66:61:e4:
         bd:28:9e:99:4e:91:8d:0f:78:5c:e4:22:ae:f4:d1:d3:e4:73:
         00:43:ff:9d:d9:67:29:57:d4:79:64:d4:35:ed:3d:5e:8b:6f:
         c9:37:2e:ec
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
M0FFMEFGMTEwLwYDVQQFEygwOUIzNEUxMzM2MzlEM0I0RUUzNTE2MTNCOEE2MEQ2
QjE5MDJBRDYzMB4XDTI0MDQyODE4MzUxNloXDTMwMTIzMTE4MzUxNlowGDEWMBQG
A1UEAxMNNjYyZTk2ZTctYmMwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5clFZls6kO1RgpziBTofX28qWtqePTtwnTm+1uvA7mhuvWkOltNe5okhY2
a0kJ0NFJ1lCEwdU9UM8OxEZxVVfnM7RYTtbup2MZTKLIdDDT6+P8/lEVJfOdf30G
0Zbx2J0mJWcWjkyeDe0208vp1qwqB8Gl7HPNh3Lel5ELJSD5n8ia/iwBbUeHGewT
sAWWrovTwculkVkbeclryzqOatruk07t75Sc67yi50uklw0ULE0SWkrNr3MIyX6Y
22AOueVXMS9GLLkBXfEa5cgGmELnoyjpH6lUr+eETAwzI+YG21KbDnnwJ994Btim
6VqjEij6a8S3Z2u9vLVCsSG/oTUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ996er
edPy4qqLcYPFaTu43ysLSDAfBgNVHSMEGDAWgBQJs04TNjnTtO41FhO4pg1rGQKt
YzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTNBRTAvQkJFNTJGRjIwMEUxMTFFRkFGODRENjA3MDE3MDAxQjEvQ2JOT0V6
WTUwN1R1TlJZVHVLWU5heGtDcldNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQ2JOT0V6WTUwN1R1TlJZVHVLWU5heGtDcldNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTNBRTAvQkJFNTJGRjIwMEUxMTFFRkFGODRENjA3MDE3
MDAxQjEvMTA5RTk4MTYwNThFMTFFRjlGMkUwODJBMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWYW6jANBgkqhkiG9w0BAQsF
AAOCAQEAYwNP1FuY76PWOlTtHumb9a0nCSKUrgpNtP7oKhT2Rm9lqf3CJKYKRNMK
bncFb968dPeLKmCh71V0bXS8TJRJ0Mzhd+pbkLcM37B8Dh46IKuQBh4wBhf3It7E
82C8RGQ/UYze49XuVGlit+CTy0lSpv1NYzsicBlk6rR6uxr6FQtz6VZv+KE01uho
lMLSg3TO5vpA3Zm4Tqp/AFAXfl3T3YWB9WKEjdQINqkIbHG9uxCsH5SCSg4zNu0Y
LshOELCY+enylT7/kTatxLuP4od6IfWTZXxhZmHkvSiemU6RjQ94XOQirvTR0+Rz
AEP/ndlnKVfUeWTUNe09XotvyTcu7A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org