Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/DBFE937C426511EEBE348D774AD9E6FC.roa
File:                     DBFE937C426511EEBE348D774AD9E6FC.roa (raw, json)
Hash identifier:          QIaZqhKkN8RZ2TMX3IFJAuphOSd06o9Ok298FA+iNs4=
Subject key identifier:   9F:83:41:F8:9E:31:41:47:3A:04:D7:49:6B:6B:5E:61:9F:A4:76:90
Certificate issuer:       /CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
Certificate serial:       0330
Authority key identifier: 1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/DBFE937C426511EEBE348D774AD9E6FC.roa
Signing time:             Thu 24 Aug 2023 10:06:15 +0000
ROA not before:           Thu 24 Aug 2023 10:06:11 +0000
ROA not after:            Tue 01 Sep 2026 10:06:11 +0000
asID:                     328840
IP address blocks:        102.220.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 816 (0x330)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36960E7AF/serialNumber=1F4DB9AC6B63108A19BDCDBEECFF449842C8D6A0
        Validity
            Not Before: Aug 24 10:06:11 2023 GMT
            Not After : Sep  1 10:06:11 2026 GMT
        Subject: CN=64e72b96-6116
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ba:f2:90:51:1b:37:c0:1b:94:26:b7:bb:02:
                    99:25:40:db:d2:72:2e:1e:2d:7a:d0:b6:15:2f:69:
                    32:c7:fa:00:04:cc:2c:84:9f:93:9a:33:50:ea:f2:
                    35:ba:04:a4:30:6d:d6:81:a6:ab:71:b3:f8:ab:e0:
                    fb:c0:56:f2:3f:2a:a5:1e:a6:7b:da:8e:1e:e6:d2:
                    5a:48:34:2a:90:d5:95:f8:54:85:2f:25:3e:20:ca:
                    dd:00:42:b8:e7:60:b6:73:04:f0:bb:58:58:d7:63:
                    cf:66:79:03:f0:3b:f7:0e:1c:0f:81:18:46:c8:ef:
                    7c:0a:04:36:b2:2d:12:f9:bd:a4:69:50:0d:95:b6:
                    63:78:80:28:86:83:c7:8f:a0:07:6d:a8:be:5a:74:
                    eb:c2:da:a8:a7:aa:26:d1:da:b4:7c:a4:39:01:ed:
                    c0:e4:57:d2:f6:0d:c7:ca:cc:8f:c9:6b:3d:26:a8:
                    84:74:6f:7f:22:38:3c:ac:20:35:31:9c:d1:8a:2c:
                    cb:23:70:fb:7e:32:94:d3:9c:61:9c:3b:af:f9:32:
                    93:88:89:e4:36:ef:ca:24:16:58:02:12:51:a4:09:
                    63:a7:d6:77:e9:72:46:a2:e1:78:91:9d:9e:9a:a6:
                    26:7c:46:b1:86:12:90:7c:d5:e3:a4:9d:9f:17:ff:
                    67:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:83:41:F8:9E:31:41:47:3A:04:D7:49:6B:6B:5E:61:9F:A4:76:90
            X509v3 Authority Key Identifier:
                keyid:1F:4D:B9:AC:6B:63:10:8A:19:BD:CD:BE:EC:FF:44:98:42:C8:D6:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/H025rGtjEIoZvc2-7P9EmELI1qA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/H025rGtjEIoZvc2-7P9EmELI1qA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36960E7/1C0AE63EEB7711EB80DE7C1ED8A014CE/DBFE937C426511EEBE348D774AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:e9:4c:24:35:53:e9:46:9b:59:2c:e5:00:d9:68:b9:6f:9d:
         90:11:0f:b0:f5:4a:25:81:45:d7:7f:e1:b6:08:69:b4:00:6c:
         64:dd:8f:63:56:27:32:61:93:eb:bf:04:e2:3f:9f:89:29:99:
         da:78:d8:9e:10:14:b8:78:e9:a6:cf:64:d8:d3:15:a4:84:4e:
         fe:2e:39:f9:e5:5e:bb:b5:cd:a1:ba:d4:44:b0:43:ef:28:8f:
         83:95:9d:68:aa:81:7e:0a:22:a1:76:8d:42:0a:57:58:02:4e:
         21:dd:b6:0b:b1:ec:5a:f6:be:90:9d:2f:02:9b:61:89:73:05:
         0c:fd:fe:f4:57:ca:fa:54:9b:cd:0f:33:c9:4f:b1:20:08:e2:
         a3:0e:45:ce:4d:e8:1c:e9:d6:93:4a:b2:27:b2:6f:83:99:a6:
         38:47:9d:0c:fb:cb:b3:a4:b4:a8:5f:6e:ea:e3:e5:4c:dc:fa:
         8c:7e:d6:54:0a:d5:77:aa:b7:a2:55:b9:0a:8c:15:b9:fb:20:
         37:d8:b1:f7:b1:46:51:78:4d:2d:17:8b:c4:b0:53:2d:e7:ca:
         e7:8d:6e:75:55:aa:e7:38:77:00:c2:6c:74:ad:a0:58:db:a1:
         45:9d:3c:1c:6c:37:e4:17:5e:cc:d4:a5:cf:4c:30:1b:d6:b2:
         b0:5a:03:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAzAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTYwRTdBRjExMC8GA1UEBRMoMUY0REI5QUM2QjYzMTA4QTE5QkRDREJFRUNGRjQ0
OTg0MkM4RDZBMDAeFw0yMzA4MjQxMDA2MTFaFw0yNjA5MDExMDA2MTFaMBgxFjAU
BgNVBAMTDTY0ZTcyYjk2LTYxMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDuvKQURs3wBuUJre7ApklQNvSci4eLXrQthUvaTLH+gAEzCyEn5OaM1Dq
8jW6BKQwbdaBpqtxs/ir4PvAVvI/KqUepnvajh7m0lpINCqQ1ZX4VIUvJT4gyt0A
QrjnYLZzBPC7WFjXY89meQPwO/cOHA+BGEbI73wKBDayLRL5vaRpUA2VtmN4gCiG
g8ePoAdtqL5adOvC2qinqibR2rR8pDkB7cDkV9L2DcfKzI/Jaz0mqIR0b38iODys
IDUxnNGKLMsjcPt+MpTTnGGcO6/5MpOIieQ278okFlgCElGkCWOn1nfpckai4XiR
nZ6apiZ8RrGGEpB81eOknZ8X/2exAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUn4NB
+J4xQUc6BNdJa2teYZ+kdpAwHwYDVR0jBBgwFoAUH025rGtjEIoZvc2+7P9EmELI
1qAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4QTAxNENFL0gwMjVy
R3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0gwMjVyR3RqRUlvWnZjMi03UDlFbUVMSTFxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2MEU3LzFDMEFFNjNFRUI3NzExRUI4MERFN0MxRUQ4
QTAxNENFL0RCRkU5MzdDNDI2NTExRUVCRTM0OEQ3NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3BIwDQYJKoZIhvcNAQEL
BQADggEBAJTpTCQ1U+lGm1ks5QDZaLlvnZARD7D1SiWBRdd/4bYIabQAbGTdj2NW
JzJhk+u/BOI/n4kpmdp42J4QFLh46abPZNjTFaSETv4uOfnlXru1zaG61ESwQ+8o
j4OVnWiqgX4KIqF2jUIKV1gCTiHdtgux7Fr2vpCdLwKbYYlzBQz9/vRXyvpUm80P
M8lPsSAI4qMORc5N6Bzp1pNKsieyb4OZpjhHnQz7y7OktKhfburj5Uzc+ox+1lQK
1Xeqt6JVuQqMFbn7IDfYsfexRlF4TS0Xi8SwUy3nyueNbnVVquc4dwDCbHStoFjb
oUWdPBxsN+QXXszUpc9MMBvWsrBaAwo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:08 2024 by rpki-client on console-fra.rpki-client.org