Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/A0FB2C7A702811EBBEEF8C25F8AEA228.roa
File:                     A0FB2C7A702811EBBEEF8C25F8AEA228.roa (raw, json)
Hash identifier:          WRA7vUkmweseystfPnsoSmxUQdjwHDtXfkHr1rmgxF8=
Subject key identifier:   F6:5F:81:1F:BA:3D:B5:4B:8A:F5:BA:5E:39:9A:35:0D:0D:B5:46:BC
Certificate issuer:       /CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
Certificate serial:       02
Authority key identifier: AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/A0FB2C7A702811EBBEEF8C25F8AEA228.roa
Signing time:             Tue 16 Feb 2021 07:28:57 +0000
ROA not before:           Tue 16 Feb 2021 07:28:51 +0000
ROA not after:            Fri 01 Feb 2030 07:28:51 +0000
asID:                     328795
IP address blocks:        102.220.252.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
        Validity
            Not Before: Feb 16 07:28:51 2021 GMT
            Not After : Feb  1 07:28:51 2030 GMT
        Subject: CN=602b7439-fd8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9a:01:59:77:c0:c4:90:79:fc:ab:1d:14:21:
                    c5:42:8f:36:9a:77:68:c7:3a:f1:b1:ac:43:9d:38:
                    03:3f:f6:d3:e3:a7:49:b9:de:b2:4a:a4:1a:3a:87:
                    b9:7c:39:e1:01:4b:72:58:15:d0:dd:fd:a6:f0:d0:
                    80:ad:c8:ad:39:7b:53:d9:35:d3:b0:48:f5:08:34:
                    f0:fc:f5:b8:16:3a:92:da:58:13:79:ed:78:cd:72:
                    71:33:06:37:71:6b:0a:2c:42:35:49:96:13:d8:0e:
                    2a:6e:44:a9:80:f2:c5:85:7b:93:1e:29:04:8e:27:
                    0a:70:c6:b4:51:2b:9c:8f:b6:52:69:b9:54:bb:3b:
                    86:bd:70:ba:ea:66:22:bc:89:02:44:bd:33:55:55:
                    a7:0d:9a:ec:63:7c:ea:de:98:87:db:12:f1:e3:5b:
                    7c:c9:56:6c:80:69:21:7b:64:cb:70:a6:11:cb:e7:
                    54:b6:88:9b:9b:53:41:a3:e6:67:77:8e:95:43:1e:
                    81:a6:7e:d7:4f:1c:02:27:24:ab:32:d7:5b:89:63:
                    5a:27:f9:23:5d:4e:fe:af:4f:5d:b4:7c:27:16:87:
                    bd:67:72:d4:d0:b5:37:0b:99:8a:2b:c5:4c:4a:7e:
                    a8:45:6f:6d:34:3e:50:11:3c:6d:b8:1d:86:f0:df:
                    8c:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:5F:81:1F:BA:3D:B5:4B:8A:F5:BA:5E:39:9A:35:0D:0D:B5:46:BC
            X509v3 Authority Key Identifier:
                keyid:AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/A0FB2C7A702811EBBEEF8C25F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:9a:c9:46:89:0e:bd:c2:40:ce:2c:5f:6a:60:5e:17:ad:84:
         10:92:c4:ce:b3:e7:9a:8e:d8:a3:bc:9e:e7:a6:a5:c0:20:9e:
         4f:ce:6d:3c:4c:4c:85:b0:a8:33:0e:9b:4d:01:7a:b8:cf:a6:
         da:e9:1a:8b:df:cf:d4:f8:78:5c:b6:aa:9d:dd:ee:9f:8f:a3:
         1c:64:33:16:6a:e8:e8:82:4b:0f:3e:ac:17:64:78:0e:d7:07:
         30:78:f0:ab:b2:23:9c:bb:86:d8:b5:d7:e9:0c:cf:47:40:5c:
         38:3d:1e:3d:02:92:6d:24:5c:a3:dd:3c:85:62:95:27:e6:ab:
         c8:78:fa:1c:47:87:42:41:51:fa:4d:72:cc:54:57:df:a2:b3:
         49:fb:bd:ed:2c:3d:1a:9a:71:8c:81:3e:0f:09:2f:ef:86:6a:
         31:8d:64:71:38:9b:af:6a:a2:93:f6:9c:08:d9:1c:e5:94:75:
         62:a4:da:bc:5e:ae:02:6a:3d:93:cb:f2:f5:d1:ba:8c:32:a5:
         aa:f4:fd:f8:05:f4:a2:52:c8:f7:3d:22:f0:6b:a3:d9:9c:0d:
         6f:97:54:28:d3:de:02:c9:2c:4d:89:74:06:69:2a:2a:cc:85:
         47:06:df:56:96:04:ba:b4:06:3f:b4:b2:c2:5b:f1:d9:dd:21:
         25:e1:23:14
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
QTNEMUFGMTEwLwYDVQQFEyhBRTUxRDI1NzE2RERCNENDQTMxQjJFOTg1RTBBNzUy
NUY3RjRCOUM2MB4XDTIxMDIxNjA3Mjg1MVoXDTMwMDIwMTA3Mjg1MVowGDEWMBQG
A1UEAxMNNjAyYjc0MzktZmQ4YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmaAVl3wMSQefyrHRQhxUKPNpp3aMc68bGsQ504Az/20+OnSbneskqkGjqH
uXw54QFLclgV0N39pvDQgK3IrTl7U9k107BI9Qg08Pz1uBY6ktpYE3nteM1ycTMG
N3FrCixCNUmWE9gOKm5EqYDyxYV7kx4pBI4nCnDGtFErnI+2Umm5VLs7hr1wuupm
IryJAkS9M1VVpw2a7GN86t6Yh9sS8eNbfMlWbIBpIXtky3CmEcvnVLaIm5tTQaPm
Z3eOlUMegaZ+108cAickqzLXW4ljWif5I11O/q9PXbR8JxaHvWdy1NC1NwuZiivF
TEp+qEVvbTQ+UBE8bbgdhvDfjC0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT2X4Ef
uj21S4r1ul45mjUNDbVGvDAfBgNVHSMEGDAWgBSuUdJXFt20zKMbLpheCnUl9/S5
xjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEEzRDEvNzM3MzJFNTY3MDI4MTFFQkIyRjk2ODI1RjhBRUEyMjgvcmxIU1Z4
YmR0TXlqR3k2WVhncDFKZmYwdWNZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcmxIU1Z4YmR0TXlqR3k2WVhncDFKZmYwdWNZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEEzRDEvNzM3MzJFNTY3MDI4MTFFQkIyRjk2ODI1RjhB
RUEyMjgvQTBGQjJDN0E3MDI4MTFFQkJFRUY4QzI1RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbc/DANBgkqhkiG9w0BAQsF
AAOCAQEAg5rJRokOvcJAzixfamBeF62EEJLEzrPnmo7Yo7ye56alwCCeT85tPExM
hbCoMw6bTQF6uM+m2ukai9/P1Ph4XLaqnd3un4+jHGQzFmro6IJLDz6sF2R4DtcH
MHjwq7IjnLuG2LXX6QzPR0BcOD0ePQKSbSRco908hWKVJ+aryHj6HEeHQkFR+k1y
zFRX36KzSfu97Sw9GppxjIE+Dwkv74ZqMY1kcTibr2qik/acCNkc5ZR1YqTavF6u
Amo9k8vy9dG6jDKlqvT9+AX0olLI9z0i8Guj2ZwNb5dUKNPeAsksTYl0BmkqKsyF
RwbfVpYEurQGP7Sywlvx2d0hJeEjFA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:12:53 2024 by rpki-client on console-fra.rpki-client.org