Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/64579188F36311EF961F435D762E951A.roa
File:                     64579188F36311EF961F435D762E951A.roa (raw, json)
Hash identifier:          ZkAad2oBHy70JS26s+e7DktMHSKgL2XdJzU4c7fdddc=
Subject key identifier:   B1:8E:CB:98:AF:81:CB:83:50:98:FD:EC:BB:B2:C8:95:1B:4B:F6:56
Certificate issuer:       /CN=F367CD72AF/serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Certificate serial:       77
Authority key identifier: 77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/64579188F36311EF961F435D762E951A.roa
Signing time:             Tue 25 Feb 2025 10:29:28 +0000
ROA not before:           Tue 25 Feb 2025 10:29:24 +0000
ROA not after:            Sun 31 Dec 2028 10:29:24 +0000
asID:                     30985
IP address blocks:        102.217.24.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 30 Apr 2025 00:06:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119 (0x77)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367CD72AF, serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
        Validity
            Not Before: Feb 25 10:29:24 2025 GMT
            Not After : Dec 31 10:29:24 2028 GMT
        Subject: CN=67bd9b88-f6f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c0:55:be:93:c5:a7:31:3a:b1:61:b9:a9:c1:
                    72:20:e3:10:d3:db:57:ef:77:c1:a7:8c:8d:8c:71:
                    39:b8:07:f5:a4:77:e1:fd:9b:16:57:a3:08:7e:78:
                    4a:81:84:de:96:a2:90:fb:f7:fc:7f:10:32:a0:4e:
                    23:72:e4:09:08:01:14:de:14:1e:d2:8b:0b:08:5b:
                    42:f7:84:ae:af:e2:f9:db:fc:83:4d:72:38:28:93:
                    d5:f3:31:7f:52:76:c9:b2:f1:d4:63:3b:42:59:4f:
                    1b:65:0b:1c:c5:05:c5:72:15:c6:e0:a2:0b:23:e4:
                    f9:25:a5:72:8c:ad:65:be:b2:b5:ab:51:0c:f2:fe:
                    b0:d2:ed:28:30:4d:d3:83:c7:2c:08:44:ab:bf:e0:
                    34:ce:d5:0d:ea:f5:f0:f5:26:75:8c:be:f8:c4:d6:
                    c7:44:80:9f:38:ff:09:ef:5d:59:d0:b9:a4:9c:e4:
                    1b:68:25:68:2c:42:22:c5:66:9d:4a:48:70:38:a2:
                    44:a1:8d:c6:de:ae:de:c3:a6:18:91:fe:ef:fb:f8:
                    d1:32:e3:4e:60:f2:51:48:c4:09:a5:e2:41:8a:d7:
                    7a:8f:38:99:fd:a3:5c:c2:00:a6:de:ad:ec:83:13:
                    67:55:f8:e7:93:2b:bf:9e:a9:dd:9e:69:a1:da:c1:
                    7b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:8E:CB:98:AF:81:CB:83:50:98:FD:EC:BB:B2:C8:95:1B:4B:F6:56
            X509v3 Authority Key Identifier:
                keyid:77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/64579188F36311EF961F435D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:ca:48:ce:93:87:f5:2e:48:32:6c:55:cd:a2:d9:40:25:da:
         e6:47:ab:61:e6:e0:01:0c:39:8d:e9:f8:b0:f7:53:9b:c4:e1:
         4c:75:d2:98:d2:16:c7:a5:f7:40:eb:39:6e:fe:c3:01:92:0b:
         50:d2:bd:62:49:30:65:b0:5e:d4:15:4d:18:4f:83:9c:18:01:
         8b:67:37:34:fa:29:49:ff:1a:36:8e:4e:59:03:b6:c0:77:23:
         a8:81:52:76:a2:6a:d9:50:90:71:77:fc:b7:a3:96:aa:6a:b5:
         0a:79:06:41:b7:44:c7:10:fd:51:54:49:0a:3f:2c:e2:e3:77:
         8b:c0:8a:17:b4:9d:32:e1:a3:1c:04:54:a2:d8:b0:2f:8d:78:
         96:77:07:1f:46:f5:d5:2a:ad:7b:fa:09:ac:b9:77:d2:81:07:
         b4:b6:cb:58:7e:38:90:b8:b0:e5:90:e0:a0:5d:7d:04:4d:06:
         be:46:2b:5d:19:f5:ee:72:41:18:f4:3f:34:51:1b:f6:d9:98:
         49:01:37:46:e6:b5:bb:ef:0e:2f:a7:b6:15:f8:67:07:88:fc:
         78:e6:3c:49:ac:a9:82:51:f6:43:fe:0a:9b:1d:5d:0e:c5:2a:
         1d:1a:c1:58:5d:eb:b5:de:f9:45:3e:d4:f6:20:ef:d5:7e:ce:
         80:9c:a6:95
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBdzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Q0Q3MkFGMTEwLwYDVQQFEyg3NzA4RTY2RjFDMDdDMUQ3NjcwQUVCREJBRTE4NkRB
NDJCQ0IzMEM3MB4XDTI1MDIyNTEwMjkyNFoXDTI4MTIzMTEwMjkyNFowGDEWMBQG
A1UEAxMNNjdiZDliODgtZjZmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXAVb6TxacxOrFhuanBciDjENPbV+93waeMjYxxObgH9aR34f2bFlejCH54
SoGE3paikPv3/H8QMqBOI3LkCQgBFN4UHtKLCwhbQveErq/i+dv8g01yOCiT1fMx
f1J2ybLx1GM7QllPG2ULHMUFxXIVxuCiCyPk+SWlcoytZb6ytatRDPL+sNLtKDBN
04PHLAhEq7/gNM7VDer18PUmdYy++MTWx0SAnzj/Ce9dWdC5pJzkG2glaCxCIsVm
nUpIcDiiRKGNxt6u3sOmGJH+7/v40TLjTmDyUUjECaXiQYrXeo84mf2jXMIApt6t
7IMTZ1X455Mrv56p3Z5podrBe88CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSxjsuY
r4HLg1CY/ey7ssiVG0v2VjAfBgNVHSMEGDAWgBR3COZvHAfB12cK69uuGG2kK8sw
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYyRTk1MUEvZHdqbWJ4
d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZHdqbWJ4d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYy
RTk1MUEvNjQ1NzkxODhGMzYzMTFFRjk2MUY0MzVENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbZGDANBgkqhkiG9w0BAQsF
AAOCAQEAb8pIzpOH9S5IMmxVzaLZQCXa5kerYebgAQw5jen4sPdTm8ThTHXSmNIW
x6X3QOs5bv7DAZILUNK9YkkwZbBe1BVNGE+DnBgBi2c3NPopSf8aNo5OWQO2wHcj
qIFSdqJq2VCQcXf8t6OWqmq1CnkGQbdExxD9UVRJCj8s4uN3i8CKF7SdMuGjHARU
otiwL414lncHH0b11Sqte/oJrLl30oEHtLbLWH44kLiw5ZDgoF19BE0GvkYrXRn1
7nJBGPQ/NFEb9tmYSQE3Rua1u+8OL6e2FfhnB4j8eOY8SaypglH2Q/4Kmx1dDsUq
HRrBWF3rtd75RT7U9iDv1X7OgJymlQ==
-----END CERTIFICATE-----