Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3690793/A252AAC8A42411EBA135D26EF8AEA228/FC927018A42411EBA5AA3F6FF8AEA228.roa
File:                     FC927018A42411EBA5AA3F6FF8AEA228.roa (download)
Hash identifier:          K9w3koPW8uQ2K5qiBRTKzlFpnAUzH+XPYIPOtTYh530=
Subject key identifier:   92:C1:12:7F:5C:A1:D9:19:C8:B4:0E:15:17:D3:44:DA:B9:2A:C2:D7
Certificate issuer:       /CN=F3690793AF/serialNumber=5FE33172A6082C54ABC911F19F579D49FD809814
Certificate serial:       02
Authority key identifier: 5F:E3:31:72:A6:08:2C:54:AB:C9:11:F1:9F:57:9D:49:FD:80:98:14
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/X-MxcqYILFSryRHxn1edSf2AmBQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3690793/A252AAC8A42411EBA135D26EF8AEA228/FC927018A42411EBA5AA3F6FF8AEA228.roa
ROA valid until:          Apr 30 11:13:47 2030 GMT
asID:                     328839
IP address blocks:
    1: 102.220.68.0/22 maxlen: 22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3690793AF/serialNumber=5FE33172A6082C54ABC911F19F579D49FD809814
        Validity
            Not Before: Apr 23 11:13:47 2021 GMT
            Not After : Apr 30 11:13:47 2030 GMT
        Subject: CN=6082abf1-36c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e0:36:a5:53:73:d6:b4:4b:28:c6:7f:4a:fe:
                    1d:71:1e:12:f1:34:57:39:cc:29:e7:db:30:3a:bd:
                    78:0b:1d:ac:29:0a:83:68:b6:2f:2b:e5:4b:d8:e6:
                    4f:1b:f8:c4:3d:b7:54:82:cd:70:a3:e7:07:ca:6c:
                    11:66:23:3b:d9:42:3b:a6:20:2a:3c:ab:cb:ad:7c:
                    f6:b1:eb:6d:4c:4c:2c:1d:90:9a:d5:01:a6:38:07:
                    98:a0:8b:8f:14:cc:7e:f7:2d:cc:e8:f5:44:a4:c6:
                    f5:4c:2f:86:00:b3:29:ab:d7:dc:63:4b:0e:b3:92:
                    1a:b9:35:c4:19:f1:3e:5e:5b:01:59:3c:18:b0:e7:
                    f1:d9:bf:86:88:19:00:57:3f:68:7b:7f:7a:a0:55:
                    66:ca:28:77:31:c3:fd:e1:7a:15:46:fd:e0:f5:cc:
                    bc:18:e0:89:52:f9:97:0d:4d:81:4b:12:c4:24:66:
                    75:8d:10:4f:ea:cb:10:1d:b8:b6:67:ed:f5:49:3f:
                    73:99:fe:d1:cd:ae:26:8f:31:7c:8e:48:26:f5:25:
                    05:59:0c:de:e4:9f:e1:87:63:95:a5:38:d8:62:cb:
                    62:51:88:39:b9:a5:5c:60:6d:35:87:fa:50:12:89:
                    54:2f:77:71:3a:e6:20:5d:c7:be:9b:61:1d:23:92:
                    96:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                92:C1:12:7F:5C:A1:D9:19:C8:B4:0E:15:17:D3:44:DA:B9:2A:C2:D7
            X509v3 Authority Key Identifier: 
                keyid:5F:E3:31:72:A6:08:2C:54:AB:C9:11:F1:9F:57:9D:49:FD:80:98:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3690793/A252AAC8A42411EBA135D26EF8AEA228/X-MxcqYILFSryRHxn1edSf2AmBQ.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/X-MxcqYILFSryRHxn1edSf2AmBQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3690793/A252AAC8A42411EBA135D26EF8AEA228/FC927018A42411EBA5AA3F6FF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:f2:b0:9c:f7:46:83:c6:39:04:86:98:05:97:19:14:70:59:
         38:71:de:7e:34:0c:9f:14:15:56:eb:36:e7:26:e4:1f:2b:69:
         f9:63:12:05:b4:8f:60:b4:3e:5c:23:65:dc:52:24:94:43:ec:
         1d:23:e5:32:97:15:c3:6b:26:4e:72:70:53:4e:58:fd:05:59:
         9e:4b:40:88:df:ee:8c:1c:b6:16:4c:de:17:cf:be:31:b3:99:
         d5:b0:0a:46:d2:46:83:ed:47:ae:08:76:d6:0f:c1:7a:5d:54:
         fd:fd:bd:ce:1f:cd:10:00:f1:f5:69:47:56:e4:7a:2a:2a:4d:
         57:ae:ac:40:5a:f0:87:ac:21:d3:74:56:ec:00:9b:30:5d:36:
         3d:e6:6e:24:c1:c2:ef:7b:2f:3b:2a:e8:0e:2e:5e:b2:eb:23:
         af:29:e0:c4:75:e8:6d:a7:e8:69:92:c6:8c:91:86:1c:05:77:
         33:0a:b1:9b:af:60:f4:dc:48:00:fa:34:6d:9f:65:14:68:80:
         f2:b4:92:bc:9b:a0:8c:0f:0a:b8:e4:3a:db:e3:fd:15:db:46:
         fc:16:dc:58:4d:ad:42:e5:5b:43:e3:13:9e:68:b2:25:0d:de:
         df:b5:b3:31:35:fb:93:27:b9:c9:4c:4c:26:a8:8b:59:1c:c9:
         55:08:c2:03
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
MDc5M0FGMTEwLwYDVQQFEyg1RkUzMzE3MkE2MDgyQzU0QUJDOTExRjE5RjU3OUQ0
OUZEODA5ODE0MB4XDTIxMDQyMzExMTM0N1oXDTMwMDQzMDExMTM0N1owGDEWMBQG
A1UEAxMNNjA4MmFiZjEtMzZjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbgNqVTc9a0SyjGf0r+HXEeEvE0VznMKefbMDq9eAsdrCkKg2i2LyvlS9jm
Txv4xD23VILNcKPnB8psEWYjO9lCO6YgKjyry6189rHrbUxMLB2QmtUBpjgHmKCL
jxTMfvctzOj1RKTG9UwvhgCzKavX3GNLDrOSGrk1xBnxPl5bAVk8GLDn8dm/hogZ
AFc/aHt/eqBVZsoodzHD/eF6FUb94PXMvBjgiVL5lw1NgUsSxCRmdY0QT+rLEB24
tmft9Uk/c5n+0c2uJo8xfI5IJvUlBVkM3uSf4YdjlaU42GLLYlGIObmlXGBtNYf6
UBKJVC93cTrmIF3HvpthHSOSltECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSSwRJ/
XKHZGci0DhUX00TauSrC1zAfBgNVHSMEGDAWgBRf4zFypggsVKvJEfGfV51J/YCY
FDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTA3OTMvQTI1MkFBQzhBNDI0MTFFQkExMzVEMjZFRjhBRUEyMjgvWC1NeGNx
WUlMRlNyeVJIeG4xZWRTZjJBbUJRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWC1NeGNxWUlMRlNyeVJIeG4xZWRTZjJBbUJRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTA3OTMvQTI1MkFBQzhBNDI0MTFFQkExMzVEMjZFRjhB
RUEyMjgvRkM5MjcwMThBNDI0MTFFQkE1QUEzRjZGRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbcRDANBgkqhkiG9w0BAQsF
AAOCAQEAj/KwnPdGg8Y5BIaYBZcZFHBZOHHefjQMnxQVVus25ybkHytp+WMSBbSP
YLQ+XCNl3FIklEPsHSPlMpcVw2smTnJwU05Y/QVZnktAiN/ujBy2FkzeF8++MbOZ
1bAKRtJGg+1Hrgh21g/Bel1U/f29zh/NEADx9WlHVuR6KipNV66sQFrwh6wh03RW
7ACbMF02PeZuJMHC73svOyroDi5esusjryngxHXobafoaZLGjJGGHAV3Mwqxm69g
9NxIAPo0bZ9lFGiA8rSSvJugjA8KuOQ62+P9FdtG/BbcWE2tQuVbQ+MTnmiyJQ3e
37WzMTX7kye5yUxMJqiLWRzJVQjCAw==
-----END CERTIFICATE-----
Generated at Thu Dec 8 07:15:40 2022 by rpki-client.