Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/566A83AA430511EF844C1DB1762E951A.roa
File:                     566A83AA430511EF844C1DB1762E951A.roa (raw, json)
Hash identifier:          3CxTm0i68S/FmnD+uRMGW0xz05Dx2wCWoc1Sv8sc/7w=
Subject key identifier:   8D:C6:9F:0F:61:08:E7:86:E2:B1:A8:89:95:D6:4F:69:E9:89:12:ED
Certificate issuer:       /CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
Certificate serial:       0F
Authority key identifier: 7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/566A83AA430511EF844C1DB1762E951A.roa
Signing time:             Mon 15 Jul 2024 23:52:48 +0000
ROA not before:           Tue 16 Jul 2024 23:52:44 +0000
ROA not after:            Sun 31 Dec 2034 23:52:44 +0000
asID:                     327693
IP address blocks:        102.213.164.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
        Validity
            Not Before: Jul 16 23:52:44 2024 GMT
            Not After : Dec 31 23:52:44 2034 GMT
        Subject: CN=6695b64f-b202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6c:bb:5a:2e:b1:4c:22:1f:95:f2:0a:39:4d:
                    49:23:ac:68:bb:1d:34:b1:0c:21:e4:5c:b1:d6:c4:
                    a2:64:74:5f:2d:63:54:3e:1c:c2:99:3e:b5:0b:c8:
                    ab:b7:47:e5:f4:02:91:74:7f:75:cf:a5:ab:35:2c:
                    66:8e:f1:9c:ee:4a:54:47:91:ce:5a:28:71:cb:9d:
                    77:fa:cb:d1:ab:ed:4b:3a:c7:71:e5:6f:2e:f9:75:
                    9b:cc:ea:4d:12:77:3c:d0:c0:f1:35:cc:9c:5b:c2:
                    73:fc:26:dd:a5:68:1a:8e:38:00:ce:40:25:90:64:
                    8d:5e:b0:64:20:6f:f0:fd:9b:5e:d6:30:79:82:a2:
                    ed:f2:00:3a:8d:13:1b:5d:91:cc:1b:39:57:a9:0e:
                    3b:1c:40:8b:12:5f:f5:40:ba:e0:68:ff:eb:76:6d:
                    0f:cc:cf:36:fb:88:36:90:40:b5:5b:3f:0d:d6:78:
                    f3:e3:01:2b:0d:c4:38:a9:a7:85:86:72:d1:97:ba:
                    45:c8:d0:d8:f0:70:c4:b8:9c:76:03:20:f7:7f:55:
                    e8:88:51:1c:15:14:fd:23:22:92:5d:43:e8:b7:a4:
                    f9:16:08:06:cf:40:e2:41:b8:40:b1:01:ec:92:a8:
                    4e:f2:bb:02:71:0a:21:3c:0e:7b:6d:28:ba:0c:7a:
                    ad:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:C6:9F:0F:61:08:E7:86:E2:B1:A8:89:95:D6:4F:69:E9:89:12:ED
            X509v3 Authority Key Identifier:
                keyid:7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/566A83AA430511EF844C1DB1762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:dc:b9:d0:9c:79:98:64:79:e3:76:95:d9:73:fe:c5:90:00:
         99:c5:cf:fd:2f:4f:9e:14:a7:5f:ed:ab:48:2b:e5:d8:ff:43:
         08:da:91:28:69:73:83:47:6a:eb:b5:20:c8:a9:84:5d:cd:07:
         85:9f:90:79:29:ce:79:c2:58:0a:82:f8:16:ae:fa:71:02:89:
         1e:3e:23:c9:f5:55:0b:9c:e3:d0:14:30:f7:96:67:12:da:7e:
         66:bf:e5:bc:35:a3:ac:63:02:a3:cf:61:d6:03:17:63:84:3c:
         ac:d9:5f:8a:34:5d:76:3e:2b:cf:ca:b9:ec:6b:b9:bd:2e:9a:
         ef:da:46:ce:ed:18:9f:26:36:5c:b8:dd:81:77:f0:73:50:1d:
         37:ec:ee:94:28:05:e9:e8:42:37:81:45:dd:de:29:c2:7d:91:
         8c:07:f3:7c:70:ba:ff:99:fb:44:09:c6:40:45:6c:85:67:4a:
         71:be:f6:1c:ca:23:00:75:f2:1a:e9:0f:07:41:a6:78:63:f0:
         96:81:0e:77:1b:26:02:fc:9b:8e:51:39:ed:e7:ed:46:ed:38:
         71:44:a2:55:95:04:98:ab:d2:50:81:d8:89:e1:53:27:5f:9a:
         ea:8d:8b:09:b0:0c:a7:b4:1e:fd:fc:0f:5e:86:cb:c3:50:93:
         2b:44:47:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MUZCRkFGMTEwLwYDVQQFEyg3REVBQjc3MUQ2NkIxN0IwRUU4NzJFOTFGMThEM0M1
QTE2QzIyRkIwMB4XDTI0MDcxNjIzNTI0NFoXDTM0MTIzMTIzNTI0NFowGDEWMBQG
A1UEAxMNNjY5NWI2NGYtYjIwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZsu1ousUwiH5XyCjlNSSOsaLsdNLEMIeRcsdbEomR0Xy1jVD4cwpk+tQvI
q7dH5fQCkXR/dc+lqzUsZo7xnO5KVEeRzlooccudd/rL0avtSzrHceVvLvl1m8zq
TRJ3PNDA8TXMnFvCc/wm3aVoGo44AM5AJZBkjV6wZCBv8P2bXtYweYKi7fIAOo0T
G12RzBs5V6kOOxxAixJf9UC64Gj/63ZtD8zPNvuINpBAtVs/DdZ48+MBKw3EOKmn
hYZy0Ze6RcjQ2PBwxLicdgMg939V6IhRHBUU/SMikl1D6Lek+RYIBs9A4kG4QLEB
7JKoTvK7AnEKITwOe20ougx6rTcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSNxp8P
YQjnhuKxqImV1k9p6YkS7TAfBgNVHSMEGDAWgBR96rdx1msXsO6HLpHxjTxaFsIv
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYyRTk1MUEvZmVxM2Nk
WnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZmVxM2NkWnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYy
RTk1MUEvNTY2QTgzQUE0MzA1MTFFRjg0NEMxREIxNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbVpDANBgkqhkiG9w0BAQsF
AAOCAQEAjNy50Jx5mGR543aV2XP+xZAAmcXP/S9PnhSnX+2rSCvl2P9DCNqRKGlz
g0dq67UgyKmEXc0HhZ+QeSnOecJYCoL4Fq76cQKJHj4jyfVVC5zj0BQw95ZnEtp+
Zr/lvDWjrGMCo89h1gMXY4Q8rNlfijRddj4rz8q57Gu5vS6a79pGzu0YnyY2XLjd
gXfwc1AdN+zulCgF6ehCN4FF3d4pwn2RjAfzfHC6/5n7RAnGQEVshWdKcb72HMoj
AHXyGukPB0GmeGPwloEOdxsmAvybjlE57eftRu04cUSiVZUEmKvSUIHYieFTJ1+a
6o2LCbAMp7Qe/fwPXobLw1CTK0RH7Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:47 2024 by rpki-client on console-ams.rpki-client.org