Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/E650AE52BC6E11EB847FD07BF8AEA228.roa
File:                     E650AE52BC6E11EB847FD07BF8AEA228.roa (raw, json)
Hash identifier:          +eTs78HQO+yiKtBXlE3VIEeGG4NvrxOlCXp0GiPHoR8=
Subject key identifier:   61:83:0A:A9:F3:E4:92:7B:D2:64:95:BC:AD:BB:BC:46:38:62:80:9E
Certificate issuer:       /CN=F3682C09AF/serialNumber=D447431327ABE8B6A66030848FFD0D969C570ABD
Certificate serial:       02
Authority key identifier: D4:47:43:13:27:AB:E8:B6:A6:60:30:84:8F:FD:0D:96:9C:57:0A:BD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/1EdDEyer6LamYDCEj_0NlpxXCr0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/E650AE52BC6E11EB847FD07BF8AEA228.roa
Signing time:             Mon 24 May 2021 09:03:26 +0000
ROA not before:           Mon 24 May 2021 09:03:22 +0000
ROA not after:            Fri 24 May 2030 09:03:22 +0000
asID:                     328848
IP address blocks:        102.219.228.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/1EdDEyer6LamYDCEj_0NlpxXCr0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/1EdDEyer6LamYDCEj_0NlpxXCr0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/1EdDEyer6LamYDCEj_0NlpxXCr0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682C09AF/serialNumber=D447431327ABE8B6A66030848FFD0D969C570ABD
        Validity
            Not Before: May 24 09:03:22 2021 GMT
            Not After : May 24 09:03:22 2030 GMT
        Subject: CN=60ab6bde-27ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:29:6f:07:56:95:2c:28:e2:a2:a0:04:35:93:
                    16:ee:2f:1e:40:93:0a:f0:47:c4:35:43:58:b8:db:
                    4d:1f:15:6a:b2:31:ee:d7:b5:b3:3e:75:2e:14:3a:
                    55:bf:e0:af:ad:3f:57:9e:fc:ca:86:9e:8c:e1:d2:
                    cf:0d:d7:ea:11:38:fb:06:a7:5d:13:8b:41:3e:0e:
                    7d:52:bf:19:76:09:1e:53:40:56:6a:f6:31:d4:32:
                    eb:bd:7e:09:76:26:0c:ee:ed:e4:3d:f5:c0:c5:7e:
                    5a:d9:0e:c8:50:9d:14:3a:e6:f1:75:60:90:0f:c6:
                    04:09:62:a8:1c:7b:14:0c:c1:e0:b7:89:0b:57:27:
                    3f:2c:21:fa:b3:af:f6:70:05:94:cb:fe:08:23:c1:
                    7c:d5:71:ff:89:0c:4d:c6:19:b5:51:a7:e1:2b:d6:
                    b5:92:7f:91:0f:81:5e:21:f5:b2:cb:b5:33:f7:81:
                    9b:ad:f3:a1:30:fd:d1:dc:85:3e:4a:dd:ec:58:b4:
                    6d:de:2d:08:09:84:e4:fc:b0:74:fa:a4:d8:12:8e:
                    a6:11:3a:f9:83:ad:a2:f7:40:22:42:20:98:24:d2:
                    a0:0f:9a:6b:6e:36:e1:d5:6f:79:30:a1:31:24:7e:
                    25:59:f9:7d:3c:9b:11:72:c6:c7:44:b3:1f:8c:71:
                    b4:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:83:0A:A9:F3:E4:92:7B:D2:64:95:BC:AD:BB:BC:46:38:62:80:9E
            X509v3 Authority Key Identifier:
                keyid:D4:47:43:13:27:AB:E8:B6:A6:60:30:84:8F:FD:0D:96:9C:57:0A:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/1EdDEyer6LamYDCEj_0NlpxXCr0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1EdDEyer6LamYDCEj_0NlpxXCr0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/E650AE52BC6E11EB847FD07BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:87:e4:1f:fd:0c:54:c9:58:ab:6f:8a:44:81:21:fb:5e:03:
         67:99:79:33:7f:7d:58:bb:3c:c9:f5:dc:76:b1:3f:7a:2d:b7:
         59:31:b4:a6:45:85:52:26:61:ce:1b:c1:e0:d9:c5:7e:ae:e9:
         16:dc:21:6d:c8:10:a2:82:1c:fc:ec:79:5f:7c:87:13:59:66:
         f1:e2:4f:7a:96:cd:5b:52:92:5f:97:48:28:2d:43:32:07:33:
         5a:71:6a:de:d4:7b:b0:c1:71:0a:5b:cc:aa:70:f4:e0:92:15:
         5a:89:7e:64:80:db:cc:88:b3:a3:c5:9b:17:80:bf:d5:9f:6b:
         17:33:04:8a:06:b4:00:11:78:a4:81:39:9b:29:2e:d5:d6:79:
         0a:cc:79:98:c9:0f:57:26:64:6b:59:c0:3b:1f:71:1b:7f:2d:
         7a:1b:b6:d9:fe:16:45:9f:c1:46:ff:19:e1:e3:7b:8f:37:f2:
         83:a4:04:85:60:d8:4f:16:64:d5:44:c2:aa:95:d4:f0:b2:e7:
         a0:c6:1a:75:4c:4f:ad:22:12:9c:b3:0a:bb:07:ae:17:3f:31:
         f5:c7:4c:36:dc:3e:36:49:a2:b2:8d:b2:45:36:5c:56:a2:d8:
         51:71:84:f8:7a:e3:7c:85:18:cd:7d:59:4f:ef:da:cd:98:18:
         7b:2a:34:8d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MkMwOUFGMTEwLwYDVQQFEyhENDQ3NDMxMzI3QUJFOEI2QTY2MDMwODQ4RkZEMEQ5
NjlDNTcwQUJEMB4XDTIxMDUyNDA5MDMyMloXDTMwMDUyNDA5MDMyMlowGDEWMBQG
A1UEAxMNNjBhYjZiZGUtMjdlZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMpbwdWlSwo4qKgBDWTFu4vHkCTCvBHxDVDWLjbTR8VarIx7te1sz51LhQ6
Vb/gr60/V578yoaejOHSzw3X6hE4+wanXROLQT4OfVK/GXYJHlNAVmr2MdQy671+
CXYmDO7t5D31wMV+WtkOyFCdFDrm8XVgkA/GBAliqBx7FAzB4LeJC1cnPywh+rOv
9nAFlMv+CCPBfNVx/4kMTcYZtVGn4SvWtZJ/kQ+BXiH1ssu1M/eBm63zoTD90dyF
Pkrd7Fi0bd4tCAmE5PywdPqk2BKOphE6+YOtovdAIkIgmCTSoA+aa2424dVveTCh
MSR+JVn5fTybEXLGx0SzH4xxtHMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRhgwqp
8+SSe9Jklbytu7xGOGKAnjAfBgNVHSMEGDAWgBTUR0MTJ6votqZgMISP/Q2WnFcK
vTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODJDMDkvQTU0M0YyQUNCQzZFMTFFQkIzNzI3MzdCRjhBRUEyMjgvMUVkREV5
ZXI2TGFtWURDRWpfME5scHhYQ3IwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMUVkREV5ZXI2TGFtWURDRWpfME5scHhYQ3IwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODJDMDkvQTU0M0YyQUNCQzZFMTFFQkIzNzI3MzdCRjhB
RUEyMjgvRTY1MEFFNTJCQzZFMTFFQjg0N0ZEMDdCRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbb5DANBgkqhkiG9w0BAQsF
AAOCAQEAnYfkH/0MVMlYq2+KRIEh+14DZ5l5M399WLs8yfXcdrE/ei23WTG0pkWF
UiZhzhvB4NnFfq7pFtwhbcgQooIc/Ox5X3yHE1lm8eJPepbNW1KSX5dIKC1DMgcz
WnFq3tR7sMFxClvMqnD04JIVWol+ZIDbzIizo8WbF4C/1Z9rFzMEiga0ABF4pIE5
myku1dZ5Csx5mMkPVyZka1nAOx9xG38tehu22f4WRZ/BRv8Z4eN7jzfyg6QEhWDY
TxZk1UTCqpXU8LLnoMYadUxPrSISnLMKuweuFz8x9cdMNtw+Nkmiso2yRTZcVqLY
UXGE+HrjfIUYzX1ZT+/azZgYeyo0jQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org