Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/F1372870058911EFB8214008017001B1.roa
File:                     F1372870058911EFB8214008017001B1.roa (raw, json)
Hash identifier:          t2P1L8ixLWdSZJ4m2IxwLYayMJ240E8hcnHi+YngPF0=
Subject key identifier:   58:AE:0F:92:42:B6:A1:CE:4C:9C:62:35:96:06:23:87:34:88:84:45
Certificate issuer:       /CN=F3693AE0AF/serialNumber=09B34E133639D3B4EE351613B8A60D6B1902AD63
Certificate serial:       0E
Authority key identifier: 09:B3:4E:13:36:39:D3:B4:EE:35:16:13:B8:A6:0D:6B:19:02:AD:63
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/F1372870058911EFB8214008017001B1.roa
Signing time:             Sun 28 Apr 2024 18:05:49 +0000
ROA not before:           Sun 28 Apr 2024 18:05:45 +0000
ROA not after:            Tue 31 Dec 2030 18:05:45 +0000
asID:                     328586
IP address blocks:        102.22.232.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3693AE0AF/serialNumber=09B34E133639D3B4EE351613B8A60D6B1902AD63
        Validity
            Not Before: Apr 28 18:05:45 2024 GMT
            Not After : Dec 31 18:05:45 2030 GMT
        Subject: CN=662e8ffd-3042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:70:eb:3e:fc:c9:84:3d:3a:b2:ed:8f:ff:d0:
                    de:94:d3:b9:3a:9d:18:33:d0:f4:29:9b:ad:ec:07:
                    c6:a6:e0:29:44:71:5d:fb:09:72:6c:e8:29:3d:4a:
                    30:3f:0b:7b:1d:fd:13:a1:5d:36:8a:b6:6a:65:0f:
                    33:85:cc:11:45:8b:c3:cd:ad:cd:5b:f6:a6:2d:3b:
                    2d:fe:1b:57:02:c8:03:78:02:9f:95:6f:19:2f:f4:
                    eb:c0:f3:71:65:f9:14:36:3e:7a:04:77:68:bf:e0:
                    2e:03:9f:d1:c6:12:04:69:81:e5:91:65:5b:67:84:
                    01:fb:d6:0d:0e:05:0e:0c:c0:a1:f7:80:cc:21:38:
                    2d:41:6e:ef:a2:dc:7d:06:74:82:4c:df:2d:ed:6b:
                    2b:c5:c5:a7:93:89:e2:75:46:7c:47:12:86:26:bc:
                    03:41:e5:4c:e2:6d:13:9c:47:c9:a0:5c:d7:61:6a:
                    bd:14:1a:eb:c2:7d:22:ea:94:96:7e:ee:0a:c2:11:
                    47:6f:5d:bb:39:ef:87:04:d8:89:f1:9e:5a:6c:dc:
                    1b:f0:44:b8:3b:6c:54:4b:b6:48:94:e2:f1:f5:9a:
                    11:17:7e:73:24:07:cc:28:21:e4:53:6f:03:4f:d6:
                    8d:1f:dc:27:16:ed:be:04:88:a3:72:58:7b:40:e7:
                    a8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:AE:0F:92:42:B6:A1:CE:4C:9C:62:35:96:06:23:87:34:88:84:45
            X509v3 Authority Key Identifier:
                keyid:09:B3:4E:13:36:39:D3:B4:EE:35:16:13:B8:A6:0D:6B:19:02:AD:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/CbNOEzY507TuNRYTuKYNaxkCrWM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CbNOEzY507TuNRYTuKYNaxkCrWM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693AE0/BBE52FF200E111EFAF84D607017001B1/F1372870058911EFB8214008017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.22.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:c5:af:eb:cc:7e:9d:1c:6a:43:bf:ff:1a:3f:29:55:b1:eb:
         dd:ff:bf:14:e0:92:d6:bb:9d:27:64:b3:05:55:90:1d:56:75:
         d1:84:bf:f2:57:17:fe:8b:c2:91:a8:f9:22:2f:5b:f4:96:42:
         24:54:1b:21:66:46:65:3a:c0:7f:dc:8b:57:ae:55:0b:f8:99:
         b4:e4:c1:29:de:38:01:37:a7:64:bb:fd:07:a9:7a:72:75:51:
         45:9d:34:ec:54:ba:7c:03:28:9a:01:d2:e4:83:74:bf:a3:14:
         96:ad:4e:b5:73:d2:95:6b:3a:a9:61:d6:93:c0:bd:2c:fe:0e:
         09:d9:99:7c:92:b3:a9:8b:5c:ad:e5:35:4e:6a:4e:b7:86:4c:
         32:16:61:cd:2f:db:b6:34:6b:90:49:d4:26:9d:d7:b6:30:92:
         39:50:16:6d:6b:34:5c:4c:10:de:a3:0c:3c:a4:a7:84:a0:f8:
         1a:ed:43:84:fc:1d:c6:d0:98:d8:23:05:0e:12:fe:42:d5:5c:
         18:1d:4a:fe:13:93:10:b1:a1:01:07:b9:c7:00:b7:be:13:64:
         52:d5:ab:f0:eb:bd:71:7a:aa:19:af:a0:9e:0d:ad:e3:16:85:
         56:3b:a8:d0:28:89:4f:f5:84:f0:f2:96:97:dd:28:b0:4a:82:
         89:f8:ad:1e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
M0FFMEFGMTEwLwYDVQQFEygwOUIzNEUxMzM2MzlEM0I0RUUzNTE2MTNCOEE2MEQ2
QjE5MDJBRDYzMB4XDTI0MDQyODE4MDU0NVoXDTMwMTIzMTE4MDU0NVowGDEWMBQG
A1UEAxMNNjYyZThmZmQtMzA0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRw6z78yYQ9OrLtj//Q3pTTuTqdGDPQ9CmbrewHxqbgKURxXfsJcmzoKT1K
MD8Lex39E6FdNoq2amUPM4XMEUWLw82tzVv2pi07Lf4bVwLIA3gCn5VvGS/068Dz
cWX5FDY+egR3aL/gLgOf0cYSBGmB5ZFlW2eEAfvWDQ4FDgzAofeAzCE4LUFu76Lc
fQZ0gkzfLe1rK8XFp5OJ4nVGfEcShia8A0HlTOJtE5xHyaBc12FqvRQa68J9IuqU
ln7uCsIRR29duznvhwTYifGeWmzcG/BEuDtsVEu2SJTi8fWaERd+cyQHzCgh5FNv
A0/WjR/cJxbtvgSIo3JYe0DnqN0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRYrg+S
QrahzkycYjWWBiOHNIiERTAfBgNVHSMEGDAWgBQJs04TNjnTtO41FhO4pg1rGQKt
YzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTNBRTAvQkJFNTJGRjIwMEUxMTFFRkFGODRENjA3MDE3MDAxQjEvQ2JOT0V6
WTUwN1R1TlJZVHVLWU5heGtDcldNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQ2JOT0V6WTUwN1R1TlJZVHVLWU5heGtDcldNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTNBRTAvQkJFNTJGRjIwMEUxMTFFRkFGODRENjA3MDE3
MDAxQjEvRjEzNzI4NzAwNTg5MTFFRkI4MjE0MDA4MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGYW6DANBgkqhkiG9w0BAQsF
AAOCAQEAtMWv68x+nRxqQ7//Gj8pVbHr3f+/FOCS1rudJ2SzBVWQHVZ10YS/8lcX
/ovCkaj5Ii9b9JZCJFQbIWZGZTrAf9yLV65VC/iZtOTBKd44ATenZLv9B6l6cnVR
RZ007FS6fAMomgHS5IN0v6MUlq1OtXPSlWs6qWHWk8C9LP4OCdmZfJKzqYtcreU1
TmpOt4ZMMhZhzS/btjRrkEnUJp3XtjCSOVAWbWs0XEwQ3qMMPKSnhKD4Gu1DhPwd
xtCY2CMFDhL+QtVcGB1K/hOTELGhAQe5xwC3vhNkUtWr8Ou9cXqqGa+gng2t4xaF
Vjuo0CiJT/WE8PKWl90osEqCifitHg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org