Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/E61ECE6CF16711ECAF9FC9C5F1222468.roa
File:                     E61ECE6CF16711ECAF9FC9C5F1222468.roa (raw, json)
Hash identifier:          E5T3u9+Nvv+e6OXP5qapGJd3sqCIYjsS23WS1SQsOII=
Subject key identifier:   89:45:93:CB:30:56:C0:6C:72:F8:B0:BE:8F:38:F1:5F:16:38:D5:3C
Certificate issuer:       /CN=F362F418AF/serialNumber=EDF8D8DAB4B2E668954A40BA56DD21C6452839DC
Certificate serial:       02
Authority key identifier: ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/E61ECE6CF16711ECAF9FC9C5F1222468.roa
Signing time:             Tue 21 Jun 2022 13:41:49 +0000
ROA not before:           Tue 21 Jun 2022 13:41:45 +0000
ROA not after:            Wed 30 Jun 2027 13:41:45 +0000
asID:                     328763
IP address blocks:        102.221.0.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362F418AF/serialNumber=EDF8D8DAB4B2E668954A40BA56DD21C6452839DC
        Validity
            Not Before: Jun 21 13:41:45 2022 GMT
            Not After : Jun 30 13:41:45 2027 GMT
        Subject: CN=62b1ca9d-3d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:db:85:c9:0e:31:24:40:74:69:e3:20:8a:e6:
                    b0:84:04:a0:f4:78:04:ea:80:c8:36:99:c0:42:21:
                    f5:94:ca:1b:2c:b9:92:3a:3f:3d:ed:33:b9:f7:db:
                    94:99:6b:81:ac:2a:0f:b8:eb:05:25:07:db:76:9b:
                    c8:ba:5e:1a:16:55:4f:c5:ac:48:1f:4e:a9:55:92:
                    92:9b:08:da:7e:64:4c:71:11:c0:6a:06:c5:96:33:
                    b3:90:ac:b5:60:7f:78:2a:97:ea:8b:08:44:cb:6e:
                    01:3a:f2:11:fa:83:3d:8d:36:b6:65:cf:bb:45:07:
                    17:2b:14:b7:26:5c:7f:09:58:78:b8:9e:dc:03:25:
                    0a:ad:e6:ba:5f:9a:0a:f1:9f:88:f3:cb:cf:e9:3a:
                    f7:0d:a8:d4:3b:03:3a:14:0d:64:55:ae:95:89:55:
                    9d:8a:f4:8e:f5:08:82:bd:06:92:af:8f:d8:d4:77:
                    cf:0b:02:37:8a:3d:5d:36:90:f5:b6:11:11:06:c0:
                    2c:e5:0a:d4:44:71:25:6c:84:05:63:14:ad:bf:38:
                    37:f1:40:de:b0:d2:ae:9b:00:a8:c8:6c:e3:34:64:
                    55:af:85:55:c3:b2:d4:22:03:6b:ea:0c:f3:ee:35:
                    81:c2:24:48:d0:08:f8:f7:69:2b:0d:76:ec:1b:56:
                    ca:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:45:93:CB:30:56:C0:6C:72:F8:B0:BE:8F:38:F1:5F:16:38:D5:3C
            X509v3 Authority Key Identifier:
                keyid:ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/E61ECE6CF16711ECAF9FC9C5F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3e:fa:3e:a6:f7:07:2c:1c:82:4a:4e:35:76:30:60:ce:ee:42:
         68:69:ea:5a:8b:ee:8f:a7:e5:20:8a:5c:8d:78:68:9d:9d:38:
         fb:f6:2f:93:f9:54:83:60:ea:30:bf:86:de:ef:b1:89:d7:36:
         07:3f:fe:6f:a0:d2:75:e6:5e:ae:61:8a:25:96:0a:bb:2a:b0:
         51:d6:72:97:eb:14:c3:4c:45:fb:86:de:d7:3a:49:3e:f5:e1:
         54:8e:23:a9:bb:85:cd:db:26:9d:4f:a1:98:1c:85:3f:ff:29:
         50:e4:a3:65:30:2f:a5:c1:59:1a:03:e4:08:b5:ad:86:33:36:
         74:ca:1c:d9:e8:10:fb:7b:e4:79:03:1d:77:67:f5:00:a9:8d:
         00:5c:a2:fb:26:ac:60:7c:05:22:1d:eb:9a:92:44:f8:29:2d:
         2a:fe:cc:f9:6b:1e:2a:9b:7d:5c:1f:8b:ab:60:ba:24:bc:a3:
         cd:19:39:4f:20:e9:bd:40:16:14:dc:2a:db:07:81:1a:fc:3d:
         04:90:b5:fd:35:86:03:ea:60:ba:d8:a1:6a:b6:d8:00:cd:c8:
         69:e6:ed:b0:b9:e4:d9:18:0b:d8:21:5c:69:2f:2a:62:97:dc:
         da:04:57:f2:b3:a8:5e:1f:e3:e3:51:98:9e:59:36:87:e9:e1:
         e2:75:c6:71
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYy
RjQxOEFGMTEwLwYDVQQFEyhFREY4RDhEQUI0QjJFNjY4OTU0QTQwQkE1NkREMjFD
NjQ1MjgzOURDMB4XDTIyMDYyMTEzNDE0NVoXDTI3MDYzMDEzNDE0NVowGDEWMBQG
A1UEAwwNNjJiMWNhOWQtM2Q1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/bhckOMSRAdGnjIIrmsIQEoPR4BOqAyDaZwEIh9ZTKGyy5kjo/Pe0zuffb
lJlrgawqD7jrBSUH23abyLpeGhZVT8WsSB9OqVWSkpsI2n5kTHERwGoGxZYzs5Cs
tWB/eCqX6osIRMtuATryEfqDPY02tmXPu0UHFysUtyZcfwlYeLie3AMlCq3mul+a
CvGfiPPLz+k69w2o1DsDOhQNZFWulYlVnYr0jvUIgr0Gkq+P2NR3zwsCN4o9XTaQ
9bYREQbALOUK1ERxJWyEBWMUrb84N/FA3rDSrpsAqMhs4zRkVa+FVcOy1CIDa+oM
8+41gcIkSNAI+PdpKw127BtWyvECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSJRZPL
MFbAbHL4sL6POPFfFjjVPDAfBgNVHSMEGDAWgBTt+NjatLLmaJVKQLpW3SHGRSg5
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkY0MTgvNUIwMTQ2NThGMTY2MTFFQzlGQ0IyMUMxRjEyMjI0NjgvN2ZqWTJy
U3k1bWlWU2tDNlZ0MGh4a1VvT2R3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvN2ZqWTJyU3k1bWlWU2tDNlZ0MGh4a1VvT2R3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MkY0MTgvNUIwMTQ2NThGMTY2MTFFQzlGQ0IyMUMxRjEy
MjI0NjgvRTYxRUNFNkNGMTY3MTFFQ0FGOUZDOUM1RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbdADANBgkqhkiG9w0BAQsF
AAOCAQEAPvo+pvcHLByCSk41djBgzu5CaGnqWovuj6flIIpcjXhonZ04+/Yvk/lU
g2DqML+G3u+xidc2Bz/+b6DSdeZermGKJZYKuyqwUdZyl+sUw0xF+4be1zpJPvXh
VI4jqbuFzdsmnU+hmByFP/8pUOSjZTAvpcFZGgPkCLWthjM2dMoc2egQ+3vkeQMd
d2f1AKmNAFyi+yasYHwFIh3rmpJE+CktKv7M+WseKpt9XB+Lq2C6JLyjzRk5TyDp
vUAWFNwq2weBGvw9BJC1/TWGA+pgutiharbYAM3IaebtsLnk2RgL2CFcaS8qYpfc
2gRX8rOoXh/j41GYnlk2h+nh4nXGcQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org