Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/A3D4606C430411EFBDC07EAC762E951A.roa
File:                     A3D4606C430411EFBDC07EAC762E951A.roa (raw, json)
Hash identifier:          9IqyIokWNrFYGoJ+obVbpSSLO5C/RYfxUB6UvsHP3GU=
Subject key identifier:   1B:78:37:95:3B:90:5A:9A:E0:91:C8:91:D7:A6:73:45:59:5E:96:E9
Certificate issuer:       /CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
Certificate serial:       0D
Authority key identifier: 7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/A3D4606C430411EFBDC07EAC762E951A.roa
Signing time:             Mon 15 Jul 2024 23:47:48 +0000
ROA not before:           Tue 16 Jul 2024 23:47:44 +0000
ROA not after:            Sun 31 Dec 2034 23:47:44 +0000
asID:                     329197
IP address blocks:        102.213.164.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13 (0xd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C1FBFAF/serialNumber=7DEAB771D66B17B0EE872E91F18D3C5A16C22FB0
        Validity
            Not Before: Jul 16 23:47:44 2024 GMT
            Not After : Dec 31 23:47:44 2034 GMT
        Subject: CN=6695b524-1bd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:13:c2:7a:34:55:57:79:92:bc:ce:99:d2:60:
                    a7:e1:68:f8:ad:7a:94:bf:2b:7c:22:f2:0c:40:3a:
                    1d:8f:f2:b3:02:7d:57:3f:02:84:59:29:a8:57:6b:
                    8d:ee:64:0f:e3:68:36:b4:0b:6d:b0:a2:ae:77:31:
                    55:e8:da:45:9c:69:8b:cc:29:ef:7a:16:e1:ee:ae:
                    a3:a2:1d:a3:23:f4:f1:09:39:ac:c6:5e:d6:3b:fd:
                    ce:a7:0c:a4:c6:e6:a6:44:ec:ef:f2:97:d0:ac:4d:
                    dc:7c:94:ee:50:41:be:7b:f0:e1:b5:e6:b6:2c:ec:
                    53:90:f1:f6:3a:58:93:1c:26:6e:7b:86:b7:19:80:
                    82:68:38:93:76:e0:c4:b0:d0:67:78:ce:2e:2a:cc:
                    9e:47:96:4a:53:37:ba:6b:74:a0:9b:4f:42:2d:81:
                    88:9a:9d:65:c2:bb:ee:2a:51:75:4b:e4:8c:ce:b4:
                    8c:9d:fb:63:65:92:ca:ab:d8:5d:df:7d:c1:55:b2:
                    ba:a3:dd:be:fd:5e:35:37:f8:2f:3e:ad:d6:0e:db:
                    b8:0c:b2:32:e2:60:2a:ef:ad:00:59:8d:95:19:ac:
                    70:58:81:45:ad:77:91:81:e1:73:72:0a:0c:fe:1d:
                    5d:13:86:56:a5:55:6d:a3:38:29:56:1e:37:f2:1c:
                    dd:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:78:37:95:3B:90:5A:9A:E0:91:C8:91:D7:A6:73:45:59:5E:96:E9
            X509v3 Authority Key Identifier:
                keyid:7D:EA:B7:71:D6:6B:17:B0:EE:87:2E:91:F1:8D:3C:5A:16:C2:2F:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/feq3cdZrF7Duhy6R8Y08WhbCL7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/feq3cdZrF7Duhy6R8Y08WhbCL7A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C1FBF/156436D23E7B11EF81CBC680762E951A/A3D4606C430411EFBDC07EAC762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.213.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         95:92:e0:72:aa:c8:63:82:bd:1e:b7:f8:13:77:83:85:21:84:
         c5:9a:c4:51:2b:a1:54:66:68:bb:8a:42:69:8d:63:ee:3a:e4:
         ee:72:22:43:29:a7:50:5d:93:6a:d0:2b:8e:a3:c4:32:45:a5:
         f1:c6:81:4c:cb:7a:14:f0:a4:f2:03:79:4c:9d:f7:71:29:65:
         dd:88:1b:e6:ca:d9:04:ca:3e:0f:f6:eb:14:41:1b:ec:06:21:
         89:35:00:ce:cc:05:02:37:80:cd:dd:32:9b:0c:35:89:fa:6b:
         95:c5:0d:75:61:67:a7:b0:61:04:e7:43:93:11:54:44:46:01:
         1d:e6:af:23:2e:1f:25:9f:ef:66:3f:7a:89:8b:3a:db:75:58:
         4a:ba:b2:9b:e1:6f:bc:f0:36:b3:87:ed:8b:25:f8:44:3a:f6:
         be:fd:c7:e2:88:34:ca:db:39:0f:29:88:47:58:02:14:ae:e1:
         cf:ac:2b:5e:b1:25:06:ff:af:93:a2:b1:96:5f:c6:db:f1:ed:
         74:35:4c:b5:14:61:79:97:81:4e:3f:5c:5b:6b:5d:08:14:3d:
         71:70:53:c2:fb:3c:af:e1:9f:9d:9b:6f:19:51:e9:e8:cd:1f:
         89:2f:f4:17:be:56:9c:84:9e:09:86:8c:0a:c8:24:f0:e4:49:
         80:0d:cb:fb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MUZCRkFGMTEwLwYDVQQFEyg3REVBQjc3MUQ2NkIxN0IwRUU4NzJFOTFGMThEM0M1
QTE2QzIyRkIwMB4XDTI0MDcxNjIzNDc0NFoXDTM0MTIzMTIzNDc0NFowGDEWMBQG
A1UEAxMNNjY5NWI1MjQtMWJkNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8Twno0VVd5krzOmdJgp+Fo+K16lL8rfCLyDEA6HY/yswJ9Vz8ChFkpqFdr
je5kD+NoNrQLbbCirncxVejaRZxpi8wp73oW4e6uo6IdoyP08Qk5rMZe1jv9zqcM
pMbmpkTs7/KX0KxN3HyU7lBBvnvw4bXmtizsU5Dx9jpYkxwmbnuGtxmAgmg4k3bg
xLDQZ3jOLirMnkeWSlM3umt0oJtPQi2BiJqdZcK77ipRdUvkjM60jJ37Y2WSyqvY
Xd99wVWyuqPdvv1eNTf4Lz6t1g7buAyyMuJgKu+tAFmNlRmscFiBRa13kYHhc3IK
DP4dXROGVqVVbaM4KVYeN/Ic3ZkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQbeDeV
O5BamuCRyJHXpnNFWV6W6TAfBgNVHSMEGDAWgBR96rdx1msXsO6HLpHxjTxaFsIv
sDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYyRTk1MUEvZmVxM2Nk
WnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZmVxM2NkWnJGN0R1aHk2UjhZMDhXaGJDTDdBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzFGQkYvMTU2NDM2RDIzRTdCMTFFRjgxQ0JDNjgwNzYy
RTk1MUEvQTNENDYwNkM0MzA0MTFFRkJEQzA3RUFDNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbVpDANBgkqhkiG9w0BAQsF
AAOCAQEAlZLgcqrIY4K9Hrf4E3eDhSGExZrEUSuhVGZou4pCaY1j7jrk7nIiQymn
UF2TatArjqPEMkWl8caBTMt6FPCk8gN5TJ33cSll3Ygb5srZBMo+D/brFEEb7AYh
iTUAzswFAjeAzd0ymww1ifprlcUNdWFnp7BhBOdDkxFUREYBHeavIy4fJZ/vZj96
iYs623VYSrqym+FvvPA2s4ftiyX4RDr2vv3H4og0yts5DymIR1gCFK7hz6wrXrEl
Bv+vk6Kxll/G2/HtdDVMtRRheZeBTj9cW2tdCBQ9cXBTwvs8r+GfnZtvGVHp6M0f
iS/0F75WnISeCYaMCsgk8ORJgA3L+w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:47 2024 by rpki-client on console-ams.rpki-client.org