Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/8331CC34376911EEAA8EFF424AD9E6FC.roa
File:                     8331CC34376911EEAA8EFF424AD9E6FC.roa (raw, json)
Hash identifier:          0/Dh/phm1Ej6zfuxxZR9ocsLV8tECuhD2Hfk/8sF7Vo=
Subject key identifier:   10:27:F4:69:0A:55:52:18:91:02:A5:71:3B:50:83:1E:C8:66:53:53
Certificate issuer:       /CN=F3697B99AF/serialNumber=B4109BEDC4778727E24E9A377CC617BC07C0A735
Certificate serial:       0D
Authority key identifier: B4:10:9B:ED:C4:77:87:27:E2:4E:9A:37:7C:C6:17:BC:07:C0:A7:35
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/8331CC34376911EEAA8EFF424AD9E6FC.roa
Signing time:             Thu 10 Aug 2023 10:34:41 +0000
ROA not before:           Thu 10 Aug 2023 10:34:37 +0000
ROA not after:            Wed 10 Aug 2033 10:34:37 +0000
asID:                     328792
IP address blocks:        102.221.52.0/22 maxlen: 22
                          2c0f:5600::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13 (0xd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3697B99AF/serialNumber=B4109BEDC4778727E24E9A377CC617BC07C0A735
        Validity
            Not Before: Aug 10 10:34:37 2023 GMT
            Not After : Aug 10 10:34:37 2033 GMT
        Subject: CN=64d4bd41-2151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:48:7d:d5:ca:6e:1d:41:c4:ac:4b:0f:10:fb:
                    6c:7a:e0:17:38:a6:4a:9c:1c:fb:3a:99:a8:59:13:
                    af:d9:01:15:18:5e:64:da:c8:6c:a4:c6:b1:99:2c:
                    d3:b3:83:94:99:af:97:1f:74:55:bb:33:dd:41:16:
                    68:79:1d:e5:40:28:e4:00:06:b6:c8:53:fb:a4:12:
                    3d:19:de:0d:bf:24:6e:51:24:e2:5b:aa:2a:4d:8b:
                    6a:2a:a6:b2:c0:0e:47:8d:4d:80:c8:fa:91:7c:bb:
                    fa:7e:7f:b1:34:45:d8:ee:6b:51:27:d4:f3:ab:84:
                    18:fd:f0:fe:e8:f5:e9:15:f7:d2:e9:23:af:ca:dd:
                    0d:00:a9:10:63:3e:71:b4:48:e2:dc:de:86:39:e4:
                    55:a3:7a:ea:53:4f:b8:2f:1f:aa:aa:b3:1b:7b:9b:
                    87:bf:61:66:80:36:6c:24:e8:d9:65:3c:70:7e:ee:
                    ad:4a:16:81:78:4c:d1:c3:16:18:bc:07:d3:4a:2f:
                    bd:72:f4:91:32:65:52:dc:00:35:8a:51:b1:dc:5d:
                    99:bc:c9:4b:4f:ba:33:14:55:b5:bd:64:e7:3a:9c:
                    aa:25:fe:8c:26:1c:21:a8:b7:c8:83:08:95:39:de:
                    11:8b:c2:c0:dc:eb:33:4e:4d:9f:71:c4:48:8b:b3:
                    df:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:27:F4:69:0A:55:52:18:91:02:A5:71:3B:50:83:1E:C8:66:53:53
            X509v3 Authority Key Identifier:
                keyid:B4:10:9B:ED:C4:77:87:27:E2:4E:9A:37:7C:C6:17:BC:07:C0:A7:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/tBCb7cR3hyfiTpo3fMYXvAfApzU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/tBCb7cR3hyfiTpo3fMYXvAfApzU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3697B99/11FE3600376011EEA28A212C4AD9E6FC/8331CC34376911EEAA8EFF424AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.52.0/22
                IPv6:
                  2c0f:5600::/32

    Signature Algorithm: sha256WithRSAEncryption
         04:48:cd:a6:06:ed:ff:b3:9d:32:37:ed:2c:ca:5e:ba:72:3c:
         8e:38:95:3b:c0:6c:d9:16:5a:ec:30:24:30:41:27:cd:ab:ec:
         f3:78:af:e8:4b:25:16:78:55:09:26:7a:4a:83:4b:23:07:cf:
         8a:87:b0:52:bf:d6:98:7d:11:56:a6:8e:f1:d7:41:86:ca:70:
         19:ba:1d:9d:e0:17:6f:55:8e:de:65:47:13:4e:56:3d:89:51:
         51:a0:2f:15:47:74:17:71:6d:3e:0e:7c:fb:27:5d:9a:76:2c:
         d3:82:2a:ac:8f:6b:cf:e6:4c:15:77:f7:3d:1f:1a:a9:7e:0a:
         d2:f9:0d:50:35:96:df:d9:42:e1:39:4a:b4:88:60:c4:6c:a7:
         dc:e0:05:cd:b4:45:47:fc:62:d1:21:96:80:8d:49:f8:aa:2c:
         55:74:f7:d5:af:5c:33:ee:74:e7:d7:e8:e3:b2:f4:5a:69:36:
         f6:a3:67:89:ee:c0:d6:a0:80:82:e6:2f:e4:55:65:a0:71:ed:
         13:43:f4:cc:fd:d1:85:8a:3b:7c:e1:b1:e9:72:ff:a0:4d:f8:
         f8:97:c3:4d:1a:40:a9:2d:78:b1:1f:82:32:66:35:ca:4f:ff:
         20:31:4b:fe:e6:89:f6:90:9e:7f:37:da:75:c6:a9:4a:57:04:
         f2:2f:45:17
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
N0I5OUFGMTEwLwYDVQQFEyhCNDEwOUJFREM0Nzc4NzI3RTI0RTlBMzc3Q0M2MTdC
QzA3QzBBNzM1MB4XDTIzMDgxMDEwMzQzN1oXDTMzMDgxMDEwMzQzN1owGDEWMBQG
A1UEAxMNNjRkNGJkNDEtMjE1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpIfdXKbh1BxKxLDxD7bHrgFzimSpwc+zqZqFkTr9kBFRheZNrIbKTGsZks
07ODlJmvlx90Vbsz3UEWaHkd5UAo5AAGtshT+6QSPRneDb8kblEk4luqKk2Laiqm
ssAOR41NgMj6kXy7+n5/sTRF2O5rUSfU86uEGP3w/uj16RX30ukjr8rdDQCpEGM+
cbRI4tzehjnkVaN66lNPuC8fqqqzG3ubh79hZoA2bCTo2WU8cH7urUoWgXhM0cMW
GLwH00ovvXL0kTJlUtwANYpRsdxdmbzJS0+6MxRVtb1k5zqcqiX+jCYcIai3yIMI
lTneEYvCwNzrM05Nn3HESIuz308CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQQJ/Rp
ClVSGJECpXE7UIMeyGZTUzAfBgNVHSMEGDAWgBS0EJvtxHeHJ+JOmjd8xhe8B8Cn
NTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTdCOTkvMTFGRTM2MDAzNzYwMTFFRUEyOEEyMTJDNEFEOUU2RkMvdEJDYjdj
UjNoeWZpVHBvM2ZNWVh2QWZBcHpVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdEJDYjdjUjNoeWZpVHBvM2ZNWVh2QWZBcHpVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTdCOTkvMTFGRTM2MDAzNzYwMTFFRUEyOEEyMTJDNEFE
OUU2RkMvODMzMUNDMzQzNzY5MTFFRUFBOEVGRjQyNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbdNDANBAIAAjAHAwUALA9W
ADANBgkqhkiG9w0BAQsFAAOCAQEABEjNpgbt/7OdMjftLMpeunI8jjiVO8Bs2RZa
7DAkMEEnzavs83iv6EslFnhVCSZ6SoNLIwfPioewUr/WmH0RVqaO8ddBhspwGbod
neAXb1WO3mVHE05WPYlRUaAvFUd0F3FtPg58+yddmnYs04IqrI9rz+ZMFXf3PR8a
qX4K0vkNUDWW39lC4TlKtIhgxGyn3OAFzbRFR/xi0SGWgI1J+KosVXT31a9cM+50
59fo47L0Wmk29qNnie7A1qCAguYv5FVloHHtE0P0zP3RhYo7fOGx6XL/oE34+JfD
TRpAqS14sR+CMmY1yk//IDFL/uaJ9pCefzfadcapSlcE8i9FFw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org