Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/4BC60282563811ED9EF1C284F1222468.roa
File:                     4BC60282563811ED9EF1C284F1222468.roa (raw, json)
Hash identifier:          NvKZJdaH3Sxug7NJzmQ6XjmgQrcY9ZIaoRd4i6mNa08=
Subject key identifier:   22:24:52:DC:D8:D4:78:EC:1D:1C:05:1D:88:67:E9:C2:D5:10:A8:30
Certificate issuer:       /CN=F36455FBAF/serialNumber=4462A2E3D1536684A6AD23280CFDA18585BA46E8
Certificate serial:       0A
Authority key identifier: 44:62:A2:E3:D1:53:66:84:A6:AD:23:28:0C:FD:A1:85:85:BA:46:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/RGKi49FTZoSmrSMoDP2hhYW6Rug.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/4BC60282563811ED9EF1C284F1222468.roa
Signing time:             Thu 27 Oct 2022 20:45:31 +0000
ROA not before:           Thu 27 Oct 2022 20:45:27 +0000
ROA not after:            Sun 26 Oct 2025 20:45:27 +0000
asID:                     328785
IP address blocks:        102.221.100.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/RGKi49FTZoSmrSMoDP2hhYW6Rug.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/RGKi49FTZoSmrSMoDP2hhYW6Rug.mft
                          rsync://rpki.afrinic.net/repository/afrinic/RGKi49FTZoSmrSMoDP2hhYW6Rug.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 31 May 2024 00:04:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36455FBAF/serialNumber=4462A2E3D1536684A6AD23280CFDA18585BA46E8
        Validity
            Not Before: Oct 27 20:45:27 2022 GMT
            Not After : Oct 26 20:45:27 2025 GMT
        Subject: CN=635aedeb-c1ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f1:a7:42:9b:70:c9:55:06:44:9d:8b:85:b0:
                    84:f6:45:e9:25:5e:7b:e4:5d:31:98:3b:ac:c7:74:
                    a0:f7:67:05:28:7b:28:bb:a5:9c:53:70:0d:37:d5:
                    1a:49:d2:a0:df:20:f0:38:35:1f:e9:73:19:32:3c:
                    d1:68:42:a5:3a:69:81:f5:52:43:9a:b0:37:ce:fc:
                    58:bf:1b:6e:d9:60:4f:35:4d:bc:ae:2d:14:cc:89:
                    9e:f6:4e:af:a5:b5:c1:5d:34:7d:e3:a6:56:aa:d0:
                    57:26:95:ee:47:95:95:e6:7d:36:81:f1:2d:8b:3f:
                    c8:f6:c7:7d:63:29:83:09:80:46:82:79:2d:77:3f:
                    fb:e2:23:14:1b:34:6a:0f:54:93:17:1f:56:92:0b:
                    b4:5a:8e:77:9d:16:be:f0:16:3f:86:d4:cf:d3:71:
                    03:15:21:1a:fa:0a:40:65:70:33:eb:f9:fd:13:62:
                    78:5e:51:65:f6:95:19:bd:db:7e:6a:5c:86:9a:c5:
                    14:9c:7c:86:0d:1d:22:ba:1e:f5:5f:85:5a:0d:f1:
                    2f:43:d4:1f:2c:70:84:71:5d:54:a7:ff:1b:e7:c7:
                    6e:1a:a9:e9:22:15:79:39:37:1d:84:33:1b:0a:9d:
                    1d:47:77:f8:f0:f6:c2:61:54:4d:d5:48:4a:85:77:
                    83:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:24:52:DC:D8:D4:78:EC:1D:1C:05:1D:88:67:E9:C2:D5:10:A8:30
            X509v3 Authority Key Identifier:
                keyid:44:62:A2:E3:D1:53:66:84:A6:AD:23:28:0C:FD:A1:85:85:BA:46:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/RGKi49FTZoSmrSMoDP2hhYW6Rug.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RGKi49FTZoSmrSMoDP2hhYW6Rug.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/4BC60282563811ED9EF1C284F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:eb:22:3d:17:fc:e5:79:a4:da:58:02:7d:75:ad:13:8a:33:
         f2:3d:73:3f:5b:fc:ec:20:a1:bd:93:75:46:5f:77:b3:07:70:
         71:16:50:3c:76:06:b9:a8:57:9f:75:f3:66:22:b1:aa:e0:fa:
         52:fb:ae:cb:00:dc:26:e7:9b:4b:17:63:72:99:9c:ce:0e:9b:
         86:52:69:06:fb:5f:7f:fc:b2:a8:34:df:39:e3:af:39:b1:7d:
         c0:74:f7:43:4b:3f:33:a4:ac:63:bd:27:ef:56:77:26:e4:aa:
         13:76:b4:ce:f6:cd:41:d9:e4:3f:e1:f0:f2:9c:50:d9:5f:a6:
         fc:33:3d:5d:b1:c8:02:67:54:45:ed:d7:e7:61:44:a2:47:5b:
         50:21:c5:b4:9f:3f:20:ac:63:75:ed:d6:45:e6:ff:c3:2b:48:
         08:76:fd:d3:3a:5c:e8:7b:32:36:d5:72:e0:08:fa:16:56:1d:
         1a:96:43:63:52:12:c0:b2:c3:89:2f:a1:63:8b:ff:45:05:05:
         65:cb:06:0f:54:e1:48:2f:96:a7:30:f9:45:c4:b2:c0:a0:9b:
         54:d6:29:71:49:27:c6:9a:c1:33:f4:c3:40:7f:c8:d7:68:24:
         19:48:1c:fe:bf:7d:d9:a4:61:8f:7d:93:27:01:e5:78:69:19:
         f4:0a:0a:c6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
NTVGQkFGMTEwLwYDVQQFEyg0NDYyQTJFM0QxNTM2Njg0QTZBRDIzMjgwQ0ZEQTE4
NTg1QkE0NkU4MB4XDTIyMTAyNzIwNDUyN1oXDTI1MTAyNjIwNDUyN1owGDEWMBQG
A1UEAwwNNjM1YWVkZWItYzFhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTxp0KbcMlVBkSdi4WwhPZF6SVee+RdMZg7rMd0oPdnBSh7KLulnFNwDTfV
GknSoN8g8Dg1H+lzGTI80WhCpTppgfVSQ5qwN878WL8bbtlgTzVNvK4tFMyJnvZO
r6W1wV00feOmVqrQVyaV7keVleZ9NoHxLYs/yPbHfWMpgwmARoJ5LXc/++IjFBs0
ag9UkxcfVpILtFqOd50WvvAWP4bUz9NxAxUhGvoKQGVwM+v5/RNieF5RZfaVGb3b
fmpchprFFJx8hg0dIroe9V+FWg3xL0PUHyxwhHFdVKf/G+fHbhqp6SIVeTk3HYQz
GwqdHUd3+PD2wmFUTdVISoV3gz0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQiJFLc
2NR47B0cBR2IZ+nC1RCoMDAfBgNVHSMEGDAWgBREYqLj0VNmhKatIygM/aGFhbpG
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU1RkIvMTU3RDU0RjQ1NUNCMTFFRDk3REY5NjkxRjEyMjI0NjgvUkdLaTQ5
RlRab1NtclNNb0RQMmhoWVc2UnVnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUkdLaTQ5RlRab1NtclNNb0RQMmhoWVc2UnVnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDU1RkIvMTU3RDU0RjQ1NUNCMTFFRDk3REY5NjkxRjEy
MjI0NjgvNEJDNjAyODI1NjM4MTFFRDlFRjFDMjg0RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbdZDANBgkqhkiG9w0BAQsF
AAOCAQEAY+siPRf85Xmk2lgCfXWtE4oz8j1zP1v87CChvZN1Rl93swdwcRZQPHYG
uahXn3XzZiKxquD6UvuuywDcJuebSxdjcpmczg6bhlJpBvtff/yyqDTfOeOvObF9
wHT3Q0s/M6SsY70n71Z3JuSqE3a0zvbNQdnkP+Hw8pxQ2V+m/DM9XbHIAmdURe3X
52FEokdbUCHFtJ8/IKxjde3WReb/wytICHb90zpc6HsyNtVy4Aj6FlYdGpZDY1IS
wLLDiS+hY4v/RQUFZcsGD1ThSC+WpzD5RcSywKCbVNYpcUknxprBM/TDQH/I12gk
GUgc/r992aRhj32TJwHleGkZ9AoKxg==
-----END CERTIFICATE-----