Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682615/77460900249E11EDA48F0988F1222468/BBA7E63A249F11EDB007DB8BF1222468.roa
File:                     BBA7E63A249F11EDB007DB8BF1222468.roa (raw, json)
Hash identifier:          td7f65Ui6mtbcQXkbOJq+SbVOjFssDdQKpwBSUscfV8=
Subject key identifier:   4C:CE:FC:97:1C:2A:CF:B9:CE:E7:F0:93:09:A6:1B:5A:0D:47:43:2A
Certificate issuer:       /CN=F3682615AF/serialNumber=5D0D636F51594E6367F9CAB2D1438FD3A1C5DDEF
Certificate serial:       02
Authority key identifier: 5D:0D:63:6F:51:59:4E:63:67:F9:CA:B2:D1:43:8F:D3:A1:C5:DD:EF
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XQ1jb1FZTmNn-cqy0UOP06HF3e8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682615/77460900249E11EDA48F0988F1222468/BBA7E63A249F11EDB007DB8BF1222468.roa
Signing time:             Thu 25 Aug 2022 17:59:58 +0000
ROA not before:           Thu 25 Aug 2022 17:59:53 +0000
ROA not after:            Sun 25 Aug 2024 17:59:53 +0000
asID:                     328835
IP address blocks:        102.220.168.0/22 maxlen: 22
                          102.220.168.0/24 maxlen: 24
                          102.220.169.0/24 maxlen: 24
                          102.220.170.0/24 maxlen: 24
                          102.220.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682615/77460900249E11EDA48F0988F1222468/XQ1jb1FZTmNn-cqy0UOP06HF3e8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682615/77460900249E11EDA48F0988F1222468/XQ1jb1FZTmNn-cqy0UOP06HF3e8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XQ1jb1FZTmNn-cqy0UOP06HF3e8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682615AF/serialNumber=5D0D636F51594E6367F9CAB2D1438FD3A1C5DDEF
        Validity
            Not Before: Aug 25 17:59:53 2022 GMT
            Not After : Aug 25 17:59:53 2024 GMT
        Subject: CN=6307b89e-10c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6c:44:cb:10:e4:7e:48:62:9f:0a:e9:66:56:
                    b8:a0:f7:9f:38:49:57:b0:5f:ca:1a:1c:f1:3e:e6:
                    07:5c:1d:da:82:2d:15:b8:d2:48:26:ce:78:ca:ae:
                    c8:4d:91:59:d4:38:46:38:5e:e0:9c:ec:bb:80:21:
                    05:ea:e6:cd:7a:2a:60:22:ed:a4:04:17:e0:ab:ec:
                    9b:aa:3c:a4:d7:c4:bc:5a:76:b3:8b:77:c4:30:0e:
                    c9:32:11:9b:7f:e8:ea:a0:71:38:4a:9c:9c:1d:fe:
                    3b:d6:08:eb:d3:5a:4a:6f:5f:02:28:07:9e:f0:4a:
                    59:37:b6:d5:fd:fc:cb:8d:f4:40:82:6e:2b:50:c0:
                    43:ef:ef:86:07:32:1c:a9:c2:9e:3c:11:3d:53:03:
                    85:34:01:bd:a1:c7:61:6a:4f:ae:09:13:18:28:5d:
                    5f:e3:e9:74:10:1d:2c:51:e2:b2:a7:2c:bc:3b:e8:
                    44:f4:1e:94:8e:13:7a:19:0f:d8:1a:c1:99:1a:87:
                    93:fe:99:30:07:ea:21:33:1e:8d:97:df:6e:dd:97:
                    74:83:ac:01:43:6a:29:35:78:62:98:4c:83:81:10:
                    48:54:51:a1:36:ee:c2:d1:bd:84:9a:81:50:d6:cf:
                    e7:7a:ba:22:d5:99:79:ad:cd:f4:b8:ba:cf:f8:63:
                    6f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:CE:FC:97:1C:2A:CF:B9:CE:E7:F0:93:09:A6:1B:5A:0D:47:43:2A
            X509v3 Authority Key Identifier:
                keyid:5D:0D:63:6F:51:59:4E:63:67:F9:CA:B2:D1:43:8F:D3:A1:C5:DD:EF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682615/77460900249E11EDA48F0988F1222468/XQ1jb1FZTmNn-cqy0UOP06HF3e8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XQ1jb1FZTmNn-cqy0UOP06HF3e8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682615/77460900249E11EDA48F0988F1222468/BBA7E63A249F11EDB007DB8BF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:e6:1b:aa:ab:1e:76:89:0a:13:7c:6f:aa:2e:d2:6b:24:85:
         d2:dd:73:2c:d6:3e:92:8c:fd:73:3e:70:64:91:6d:c1:57:28:
         f1:e0:a0:9f:c4:05:48:a4:98:70:51:c5:6d:13:c8:e6:1a:74:
         8c:31:16:1f:fe:a9:d5:fe:a1:ef:87:c0:88:03:f3:f5:b6:55:
         46:ed:59:21:b4:10:71:7c:c2:98:f6:df:08:d2:b3:ce:2c:cf:
         ef:69:15:b9:34:60:14:1b:69:f0:18:e7:fd:4e:3f:eb:26:69:
         01:76:7d:4b:61:41:db:12:ce:a0:b7:ad:65:07:bb:98:47:ff:
         19:f3:60:ab:17:4a:8c:94:3f:72:d3:b2:6a:5d:62:2a:09:dd:
         f1:a2:43:f7:5f:21:c2:e1:bb:be:b1:99:5c:15:e9:14:47:ef:
         3b:85:01:af:d1:4d:43:7f:67:93:e5:1b:8b:c5:78:6a:f9:ad:
         c4:d7:9f:78:de:92:e7:5f:2e:5c:50:ae:9d:e6:5e:27:96:a5:
         d4:67:36:ff:41:ab:d5:42:38:23:27:d8:ce:17:d1:ee:66:9e:
         55:f7:df:4f:a2:c6:32:4c:62:34:1c:47:c9:ca:1a:30:a1:e5:
         23:5b:99:0f:55:5d:c2:5d:34:03:35:3a:ac:4f:58:cb:87:5b:
         8e:b5:ef:b0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
MjYxNUFGMTEwLwYDVQQFEyg1RDBENjM2RjUxNTk0RTYzNjdGOUNBQjJEMTQzOEZE
M0ExQzVEREVGMB4XDTIyMDgyNTE3NTk1M1oXDTI0MDgyNTE3NTk1M1owGDEWMBQG
A1UEAwwNNjMwN2I4OWUtMTBjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVsRMsQ5H5IYp8K6WZWuKD3nzhJV7Bfyhoc8T7mB1wd2oItFbjSSCbOeMqu
yE2RWdQ4Rjhe4Jzsu4AhBermzXoqYCLtpAQX4Kvsm6o8pNfEvFp2s4t3xDAOyTIR
m3/o6qBxOEqcnB3+O9YI69NaSm9fAigHnvBKWTe21f38y430QIJuK1DAQ+/vhgcy
HKnCnjwRPVMDhTQBvaHHYWpPrgkTGChdX+PpdBAdLFHisqcsvDvoRPQelI4TehkP
2BrBmRqHk/6ZMAfqITMejZffbt2XdIOsAUNqKTV4YphMg4EQSFRRoTbuwtG9hJqB
UNbP53q6ItWZea3N9Li6z/hjb98CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRMzvyX
HCrPuc7n8JMJphtaDUdDKjAfBgNVHSMEGDAWgBRdDWNvUVlOY2f5yrLRQ4/TocXd
7zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODI2MTUvNzc0NjA5MDAyNDlFMTFFREE0OEYwOTg4RjEyMjI0NjgvWFExamIx
RlpUbU5uLWNxeTBVT1AwNkhGM2U4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWFExamIxRlpUbU5uLWNxeTBVT1AwNkhGM2U4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODI2MTUvNzc0NjA5MDAyNDlFMTFFREE0OEYwOTg4RjEy
MjI0NjgvQkJBN0U2M0EyNDlGMTFFREIwMDdEQjhCRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbcqDANBgkqhkiG9w0BAQsF
AAOCAQEAHeYbqqsedokKE3xvqi7SaySF0t1zLNY+koz9cz5wZJFtwVco8eCgn8QF
SKSYcFHFbRPI5hp0jDEWH/6p1f6h74fAiAPz9bZVRu1ZIbQQcXzCmPbfCNKzzizP
72kVuTRgFBtp8Bjn/U4/6yZpAXZ9S2FB2xLOoLetZQe7mEf/GfNgqxdKjJQ/ctOy
al1iKgnd8aJD918hwuG7vrGZXBXpFEfvO4UBr9FNQ39nk+Ubi8V4avmtxNefeN6S
518uXFCuneZeJ5al1Gc2/0Gr1UI4IyfYzhfR7maeVfffT6LGMkxiNBxHycoaMKHl
I1uZD1Vdwl00AzU6rE9Yy4dbjrXvsA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:43:36 2024 by rpki-client on console-ams.rpki-client.org