Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366DC11/8A879878967811EAA493725AF8AEA228/702127F4B0D611EC841272BD5A40D577.roa
File:                     702127F4B0D611EC841272BD5A40D577.roa (raw, json)
Hash identifier:          8m2zuDrVE0Lfnq4OPDgJVmXbsrD17+G9IaMEu8D/BAs=
Subject key identifier:   4B:FA:13:92:8B:A9:97:A1:54:07:61:25:B1:81:A5:BE:F0:DC:9C:E1
Certificate issuer:       /CN=F366DC11AF/serialNumber=EC2A86368822A47F1397D8DCE5734C530272C965
Certificate serial:       02C3
Authority key identifier: EC:2A:86:36:88:22:A4:7F:13:97:D8:DC:E5:73:4C:53:02:72:C9:65
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/7CqGNogipH8Tl9jc5XNMUwJyyWU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366DC11/8A879878967811EAA493725AF8AEA228/702127F4B0D611EC841272BD5A40D577.roa
Signing time:             Thu 31 Mar 2022 09:39:19 +0000
ROA not before:           Fri 01 Apr 2022 09:39:14 +0000
ROA not after:            Wed 31 Mar 2032 09:39:14 +0000
asID:                     328638
IP address blocks:        102.141.64.0/19 maxlen: 24
                          102.216.104.0/22 maxlen: 24
                          102.221.220.0/22 maxlen: 24
                          154.65.112.0/20 maxlen: 24
                          196.6.112.0/21 maxlen: 24
                          2c0f:f0a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366DC11/8A879878967811EAA493725AF8AEA228/7CqGNogipH8Tl9jc5XNMUwJyyWU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366DC11/8A879878967811EAA493725AF8AEA228/7CqGNogipH8Tl9jc5XNMUwJyyWU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/7CqGNogipH8Tl9jc5XNMUwJyyWU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 707 (0x2c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366DC11AF/serialNumber=EC2A86368822A47F1397D8DCE5734C530272C965
        Validity
            Not Before: Apr  1 09:39:14 2022 GMT
            Not After : Mar 31 09:39:14 2032 GMT
        Subject: CN=624576c7-7c51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d3:bd:79:51:4d:98:86:a5:f9:a0:1b:3b:82:
                    f6:98:90:ce:4c:9f:04:c6:d7:e1:f0:21:d7:f0:10:
                    53:c7:8b:ad:99:5c:78:9e:53:6c:40:63:59:d7:40:
                    2f:6f:57:30:27:e9:5b:fc:62:39:d8:7d:c9:5b:6e:
                    fc:ea:07:ca:af:0c:56:00:71:3c:bd:8a:54:11:37:
                    26:11:44:85:7b:ce:4b:51:3d:69:ca:c9:48:65:c9:
                    46:2d:fc:8e:99:0d:83:26:94:6f:2f:b1:a6:46:e3:
                    4c:3b:4a:90:a3:5c:6e:86:84:05:03:69:fd:3b:40:
                    10:ad:66:7b:9f:a1:0c:09:58:5f:b4:e3:07:78:73:
                    d1:19:00:66:3d:b6:6c:2e:d1:47:34:38:14:fd:27:
                    de:84:c1:74:44:10:c5:2e:93:fa:a5:22:20:b0:0a:
                    1c:e1:1b:0f:1b:db:78:7e:82:43:8c:a3:69:bc:c0:
                    6a:e2:85:76:ae:a5:68:ff:af:e0:d4:52:c2:56:0f:
                    da:48:14:4a:ce:23:b8:80:8e:b5:f6:7a:54:37:4e:
                    41:6f:00:0d:e6:37:8b:e0:a1:5e:db:d1:13:f4:0a:
                    54:ec:ba:97:06:c5:dd:cc:9a:f6:a5:18:45:d7:f4:
                    22:93:bb:1a:66:88:4d:19:e6:3c:db:eb:9b:31:73:
                    ae:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:FA:13:92:8B:A9:97:A1:54:07:61:25:B1:81:A5:BE:F0:DC:9C:E1
            X509v3 Authority Key Identifier:
                keyid:EC:2A:86:36:88:22:A4:7F:13:97:D8:DC:E5:73:4C:53:02:72:C9:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366DC11/8A879878967811EAA493725AF8AEA228/7CqGNogipH8Tl9jc5XNMUwJyyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7CqGNogipH8Tl9jc5XNMUwJyyWU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366DC11/8A879878967811EAA493725AF8AEA228/702127F4B0D611EC841272BD5A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.141.64.0/19
                  102.216.104.0/22
                  102.221.220.0/22
                  154.65.112.0/20
                  196.6.112.0/21
                IPv6:
                  2c0f:f0a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:e2:62:92:3f:f1:49:e0:78:9a:8c:39:72:8b:df:41:ff:8e:
         4d:8f:b2:b1:c7:2b:b2:83:cb:83:06:79:72:71:ec:8c:00:58:
         bf:f7:c2:7a:39:ba:83:06:ef:77:af:85:53:80:cc:10:14:76:
         24:4b:95:80:50:0b:31:64:29:29:b2:5c:88:03:9a:cf:68:ee:
         88:33:4d:a8:a0:f9:ca:78:ef:f3:eb:2c:83:1d:2f:4a:82:d0:
         23:0b:46:fc:7d:eb:60:98:11:c1:4b:95:f2:d7:d1:56:8d:f9:
         83:9a:d1:9f:76:48:b1:6c:f6:c7:31:3e:14:0c:a6:ee:c5:ca:
         2a:77:94:21:b2:cd:d6:d6:3c:6b:d6:41:0e:28:92:27:cb:18:
         42:c5:89:0a:a9:a2:3a:35:22:08:b0:98:71:cc:22:dd:c8:35:
         b4:c9:49:80:78:71:50:7c:a8:3f:9e:b5:cf:fb:6b:f7:92:ed:
         5d:64:6f:04:b0:fb:01:67:60:a3:ea:8a:26:4c:4f:46:38:4e:
         6f:6c:cf:d0:cf:bb:30:cb:53:8e:9b:e7:35:c2:25:6c:9c:87:
         05:89:90:a3:7a:d6:9f:85:84:93:3e:85:33:13:61:05:de:c3:
         58:12:60:a8:0d:c0:83:ee:07:f7:9b:47:41:85:9d:82:fa:8f:
         2c:20:a5:ed
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICAsMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NkRDMTFBRjExMC8GA1UEBRMoRUMyQTg2MzY4ODIyQTQ3RjEzOTdEOERDRTU3MzRD
NTMwMjcyQzk2NTAeFw0yMjA0MDEwOTM5MTRaFw0zMjAzMzEwOTM5MTRaMBgxFjAU
BgNVBAMMDTYyNDU3NmM3LTdjNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDC0715UU2YhqX5oBs7gvaYkM5MnwTG1+HwIdfwEFPHi62ZXHieU2xAY1nX
QC9vVzAn6Vv8YjnYfclbbvzqB8qvDFYAcTy9ilQRNyYRRIV7zktRPWnKyUhlyUYt
/I6ZDYMmlG8vsaZG40w7SpCjXG6GhAUDaf07QBCtZnufoQwJWF+04wd4c9EZAGY9
tmwu0Uc0OBT9J96EwXREEMUuk/qlIiCwChzhGw8b23h+gkOMo2m8wGrihXaupWj/
r+DUUsJWD9pIFErOI7iAjrX2elQ3TkFvAA3mN4vgoV7b0RP0ClTsupcGxd3Mmval
GEXX9CKTuxpmiE0Z5jzb65sxc649AgMBAAGjggLMMIICyDAdBgNVHQ4EFgQUS/oT
koupl6FUB2ElsYGlvvDcnOEwHwYDVR0jBBgwFoAU7CqGNogipH8Tl9jc5XNMUwJy
yWUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZEQzExLzhBODc5ODc4OTY3ODExRUFBNDkzNzI1QUY4QUVBMjI4LzdDcUdO
b2dpcEg4VGw5amM1WE5NVXdKeXlXVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzdDcUdOb2dpcEg4VGw5amM1WE5NVXdKeXlXVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjZEQzExLzhBODc5ODc4OTY3ODExRUFBNDkzNzI1QUY4
QUVBMjI4LzcwMjEyN0Y0QjBENjExRUM4NDEyNzJCRDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAVmjUADBAJm2GgDBAJm3dwD
BASaQXADBAPEBnAwDQQCAAIwBwMFACwP8KAwDQYJKoZIhvcNAQELBQADggEBABbi
YpI/8UngeJqMOXKL30H/jk2PsrHHK7KDy4MGeXJx7IwAWL/3wno5uoMG73evhVOA
zBAUdiRLlYBQCzFkKSmyXIgDms9o7ogzTaig+cp47/PrLIMdL0qC0CMLRvx962CY
EcFLlfLX0VaN+YOa0Z92SLFs9scxPhQMpu7Fyip3lCGyzdbWPGvWQQ4okifLGELF
iQqpojo1IgiwmHHMIt3INbTJSYB4cVB8qD+etc/7a/eS7V1kbwSw+wFnYKPqiiZM
T0Y4Tm9sz9DPuzDLU46b5zXCJWychwWJkKN61p+FhJM+hTMTYQXew1gSYKgNwIPu
B/ebR0GFnYL6jywgpe0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:52 2024 by rpki-client on console-fra.rpki-client.org