Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/5C02D460D03F11EC9A4EAA89F1222468.roa
File:                     5C02D460D03F11EC9A4EAA89F1222468.roa (raw, json)
Hash identifier:          F/9p11nL0wbGpBdREAn2qkEHpPq+G048kxKZo17dwn4=
Subject key identifier:   99:A8:EA:A6:DB:6C:D4:33:9A:86:FF:75:C0:7C:BE:F0:C1:AE:4A:3F
Certificate issuer:       /CN=F363D435AF/serialNumber=1E8E060FC0EA69CBD6FAD4A4BC6ED31D29C8E46A
Certificate serial:       02
Authority key identifier: 1E:8E:06:0F:C0:EA:69:CB:D6:FA:D4:A4:BC:6E:D3:1D:29:C8:E4:6A
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Ho4GD8DqacvW-tSkvG7THSnI5Go.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/5C02D460D03F11EC9A4EAA89F1222468.roa
Signing time:             Tue 10 May 2022 08:58:29 +0000
ROA not before:           Tue 10 May 2022 08:58:24 +0000
ROA not after:            Mon 11 May 2026 08:58:24 +0000
asID:                     328737
IP address blocks:        102.222.8.0/22 maxlen: 24
                          2c0f:e9d8::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/Ho4GD8DqacvW-tSkvG7THSnI5Go.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/Ho4GD8DqacvW-tSkvG7THSnI5Go.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Ho4GD8DqacvW-tSkvG7THSnI5Go.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363D435AF/serialNumber=1E8E060FC0EA69CBD6FAD4A4BC6ED31D29C8E46A
        Validity
            Not Before: May 10 08:58:24 2022 GMT
            Not After : May 11 08:58:24 2026 GMT
        Subject: CN=627a2935-8a28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b9:16:67:f3:3b:dc:42:53:20:9c:84:1e:b6:
                    35:52:58:0c:c4:0e:38:0a:4a:02:f6:70:52:aa:4f:
                    0a:6b:36:ea:c5:22:50:74:51:85:41:1b:9d:ae:ef:
                    06:f0:51:ec:0d:74:71:1b:14:aa:40:05:0e:55:33:
                    8f:7a:8e:a9:a2:ab:1e:c0:b9:4a:47:bc:d9:f3:67:
                    65:8f:5c:3d:7c:db:a3:16:3c:f6:13:ec:cc:75:cb:
                    0d:7c:e6:bf:21:85:15:3f:56:77:03:20:23:2a:7c:
                    fa:2d:08:83:d4:e5:81:5d:aa:0e:72:2a:0d:83:53:
                    4f:d8:4b:7e:f0:c2:08:46:08:cc:98:88:35:b1:77:
                    b3:f8:8a:1e:56:ec:be:ea:6b:71:73:a6:92:b6:1b:
                    8f:94:77:40:8d:86:c9:87:c8:db:a1:1d:79:c0:6c:
                    0f:ba:b7:fb:77:9c:bb:34:22:0b:7f:ed:ad:72:66:
                    0a:c3:7b:2f:0b:04:94:d6:80:c8:ff:21:61:5c:32:
                    8c:2e:43:18:75:c2:3a:fd:5c:22:b1:24:9a:01:ff:
                    10:95:ea:22:85:5a:29:71:4d:d1:14:59:bf:a3:c3:
                    a8:ed:c3:3c:20:99:24:31:8c:28:19:4e:d2:05:f5:
                    94:fd:2f:58:c8:68:53:4b:fe:c1:c1:a1:6c:1d:4d:
                    7d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A8:EA:A6:DB:6C:D4:33:9A:86:FF:75:C0:7C:BE:F0:C1:AE:4A:3F
            X509v3 Authority Key Identifier:
                keyid:1E:8E:06:0F:C0:EA:69:CB:D6:FA:D4:A4:BC:6E:D3:1D:29:C8:E4:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/Ho4GD8DqacvW-tSkvG7THSnI5Go.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Ho4GD8DqacvW-tSkvG7THSnI5Go.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363D435/B539FEDED03D11ECAF629084F1222468/5C02D460D03F11EC9A4EAA89F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.8.0/22
                IPv6:
                  2c0f:e9d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:8d:8f:a8:d8:66:90:57:d7:cc:84:82:d5:3f:9f:ec:8d:45:
         0c:13:63:b9:4f:fa:6a:48:be:e3:16:8f:d4:5e:32:4e:d6:86:
         4d:02:72:48:5e:29:b0:bb:c7:0a:2b:b3:8a:86:a4:bb:30:31:
         85:dd:0d:14:73:3f:96:40:fe:87:2e:4c:52:79:a4:a4:b6:69:
         90:21:7a:0e:f9:a4:3c:85:60:f5:bd:d7:8b:1e:af:a9:ef:4a:
         32:a7:7f:93:ae:c6:76:a6:9a:1c:04:2d:04:3e:a9:2a:10:29:
         ea:bc:ac:0b:57:d5:90:fe:bd:e5:77:b6:26:c8:50:78:78:1f:
         04:a8:de:d5:7b:c5:c3:cb:24:5a:98:1c:ed:8b:bf:84:be:e4:
         6a:bf:89:cc:93:58:d8:f2:41:dc:e6:89:f0:c5:95:46:24:1d:
         e2:ba:89:e2:f6:fe:a0:75:eb:28:19:5d:0b:4d:91:2c:9a:76:
         51:95:e7:de:da:12:30:57:45:ac:13:c6:24:09:01:e9:57:50:
         58:1e:69:48:76:c8:be:21:cc:2f:3e:6c:d6:01:d1:79:56:ef:
         0d:d1:72:4b:f8:8a:96:91:13:3d:96:69:2a:13:63:f7:f5:f1:
         6b:91:cf:9d:c6:e4:29:54:32:66:4b:21:65:a1:b0:4b:c4:76:
         cf:9a:42:1e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
RDQzNUFGMTEwLwYDVQQFEygxRThFMDYwRkMwRUE2OUNCRDZGQUQ0QTRCQzZFRDMx
RDI5QzhFNDZBMB4XDTIyMDUxMDA4NTgyNFoXDTI2MDUxMTA4NTgyNFowGDEWMBQG
A1UEAwwNNjI3YTI5MzUtOGEyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS5FmfzO9xCUyCchB62NVJYDMQOOApKAvZwUqpPCms26sUiUHRRhUEbna7v
BvBR7A10cRsUqkAFDlUzj3qOqaKrHsC5Ske82fNnZY9cPXzboxY89hPszHXLDXzm
vyGFFT9WdwMgIyp8+i0Ig9TlgV2qDnIqDYNTT9hLfvDCCEYIzJiINbF3s/iKHlbs
vuprcXOmkrYbj5R3QI2GyYfI26EdecBsD7q3+3ecuzQiC3/trXJmCsN7LwsElNaA
yP8hYVwyjC5DGHXCOv1cIrEkmgH/EJXqIoVaKXFN0RRZv6PDqO3DPCCZJDGMKBlO
0gX1lP0vWMhoU0v+wcGhbB1NfUMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSZqOqm
22zUM5qG/3XAfL7wwa5KPzAfBgNVHSMEGDAWgBQejgYPwOppy9b61KS8btMdKcjk
ajAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0Q0MzUvQjUzOUZFREVEMDNEMTFFQ0FGNjI5MDg0RjEyMjI0NjgvSG80R0Q4
RHFhY3ZXLXRTa3ZHN1RIU25JNUdvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSG80R0Q4RHFhY3ZXLXRTa3ZHN1RIU25JNUdvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0Q0MzUvQjUzOUZFREVEMDNEMTFFQ0FGNjI5MDg0RjEy
MjI0NjgvNUMwMkQ0NjBEMDNGMTFFQzlBNEVBQTg5RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbeCDANBAIAAjAHAwUALA/p
2DANBgkqhkiG9w0BAQsFAAOCAQEAro2PqNhmkFfXzISC1T+f7I1FDBNjuU/6aki+
4xaP1F4yTtaGTQJySF4psLvHCiuzioakuzAxhd0NFHM/lkD+hy5MUnmkpLZpkCF6
DvmkPIVg9b3Xix6vqe9KMqd/k67GdqaaHAQtBD6pKhAp6rysC1fVkP695Xe2JshQ
eHgfBKje1XvFw8skWpgc7Yu/hL7kar+JzJNY2PJB3OaJ8MWVRiQd4rqJ4vb+oHXr
KBldC02RLJp2UZXn3toSMFdFrBPGJAkB6VdQWB5pSHbIviHMLz5s1gHReVbvDdFy
S/iKlpETPZZpKhNj9/Xxa5HPncbkKVQyZkshZaGwS8R2z5pCHg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org