Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369442E/5C97DC7425FD11EBA75F8D0DF8AEA228/CA4847F0260111EBACE81C12F8AEA228.roa
File:                     CA4847F0260111EBACE81C12F8AEA228.roa (raw, json)
Hash identifier:          wvHb/Kw9w+IZBIpt5st+Xz0N4A4tUwQJ6TE8L7LFn7U=
Subject key identifier:   5E:78:AB:0E:29:AA:9D:3F:9D:94:9D:00:4A:04:C3:15:68:86:FA:C3
Certificate issuer:       /CN=F369442EAF/serialNumber=8BF2D4C9C6AC0A18328DD3EB6CB590441737CEE8
Certificate serial:       03
Authority key identifier: 8B:F2:D4:C9:C6:AC:0A:18:32:8D:D3:EB:6C:B5:90:44:17:37:CE:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/i_LUycasChgyjdPrbLWQRBc3zug.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369442E/5C97DC7425FD11EBA75F8D0DF8AEA228/CA4847F0260111EBACE81C12F8AEA228.roa
Signing time:             Fri 13 Nov 2020 22:44:30 +0000
ROA not before:           Sat 14 Nov 2020 22:44:26 +0000
ROA not after:            Fri 01 Nov 2030 22:44:26 +0000
asID:                     328753
IP address blocks:        102.222.4.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369442E/5C97DC7425FD11EBA75F8D0DF8AEA228/i_LUycasChgyjdPrbLWQRBc3zug.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369442E/5C97DC7425FD11EBA75F8D0DF8AEA228/i_LUycasChgyjdPrbLWQRBc3zug.mft
                          rsync://rpki.afrinic.net/repository/afrinic/i_LUycasChgyjdPrbLWQRBc3zug.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369442EAF/serialNumber=8BF2D4C9C6AC0A18328DD3EB6CB590441737CEE8
        Validity
            Not Before: Nov 14 22:44:26 2020 GMT
            Not After : Nov  1 22:44:26 2030 GMT
        Subject: CN=5faf0c4e-3bb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:79:fe:7a:5a:bd:c1:bd:8f:67:38:ab:94:15:
                    50:c4:6a:49:00:11:6f:d9:34:84:18:62:a6:91:02:
                    6f:34:04:bf:fd:49:db:9b:22:7c:e5:17:c4:45:d7:
                    29:56:eb:b5:1c:84:f9:31:68:79:76:e2:51:b1:42:
                    33:44:fc:a3:81:f3:2d:75:76:be:f2:45:61:f8:38:
                    81:2e:e0:98:5b:51:29:cf:b5:31:f5:49:b1:6f:b6:
                    9c:93:7c:85:c8:53:71:c7:12:ed:f2:98:51:8a:eb:
                    3d:f1:32:60:e1:36:ce:e9:da:3d:71:1d:37:5b:d5:
                    54:a3:c0:ed:01:52:55:54:dc:1e:d1:a3:4a:41:9f:
                    47:88:86:59:b5:f4:fb:8c:51:b1:3d:6e:bb:c0:71:
                    b5:13:4d:06:ec:17:48:ef:c2:4b:ff:b1:59:56:09:
                    9b:c5:f0:91:05:40:17:fe:61:c0:16:0b:c5:cd:dd:
                    01:7f:3f:13:1e:dd:cb:91:4f:f0:b7:14:7e:f8:f1:
                    45:b1:a4:98:f8:af:82:cd:9e:60:0f:0f:ec:bc:aa:
                    1e:a4:75:0b:b4:74:d5:de:5e:cd:59:e0:ef:1f:3c:
                    e2:84:5c:a0:02:13:70:ed:d3:80:9b:06:14:4e:b3:
                    a6:79:9b:f0:04:14:9b:bb:10:c3:4d:de:42:b0:61:
                    22:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:78:AB:0E:29:AA:9D:3F:9D:94:9D:00:4A:04:C3:15:68:86:FA:C3
            X509v3 Authority Key Identifier:
                keyid:8B:F2:D4:C9:C6:AC:0A:18:32:8D:D3:EB:6C:B5:90:44:17:37:CE:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369442E/5C97DC7425FD11EBA75F8D0DF8AEA228/i_LUycasChgyjdPrbLWQRBc3zug.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/i_LUycasChgyjdPrbLWQRBc3zug.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369442E/5C97DC7425FD11EBA75F8D0DF8AEA228/CA4847F0260111EBACE81C12F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:59:82:00:b0:f6:cf:17:65:ee:bb:02:ea:f8:4b:1b:b3:48:
         f0:eb:9e:e8:1b:43:12:77:c0:44:0d:74:db:92:f9:7e:3c:90:
         32:7f:0c:5c:50:28:3c:cb:57:0b:ac:79:1a:cd:f8:f2:52:68:
         72:78:f4:f4:1f:b9:f4:ea:68:9f:4c:19:94:a8:e5:60:f6:97:
         3f:3b:bd:50:89:72:85:5f:a8:f4:e5:d0:d7:4e:e4:d6:c7:ee:
         5e:b9:2c:90:50:f4:58:0b:0f:86:80:3c:f4:5d:6b:b3:7b:d6:
         11:7c:eb:93:66:7a:d4:d8:69:5d:a6:83:c0:fd:b5:e1:82:8e:
         8e:35:86:1c:c8:73:ba:71:a2:1b:14:91:18:c8:e1:06:52:4a:
         41:0c:6b:e3:41:b8:a6:28:c4:15:88:56:82:14:dc:ee:f0:2e:
         85:2a:7c:62:ea:a4:df:a2:59:97:aa:2f:08:72:42:b1:95:78:
         0b:de:f9:2c:18:86:2a:eb:4f:ed:84:c6:56:92:45:8f:ff:cd:
         53:c2:b5:48:e7:58:82:73:c5:de:2d:05:d8:1c:01:eb:e5:15:
         8c:cc:24:6c:ab:22:1a:39:c1:d3:a8:85:27:49:b2:8f:41:05:
         b9:d2:10:e2:da:65:c9:42:b1:4a:d4:42:fe:5b:31:91:47:db:
         59:fc:d0:30
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
NDQyRUFGMTEwLwYDVQQFEyg4QkYyRDRDOUM2QUMwQTE4MzI4REQzRUI2Q0I1OTA0
NDE3MzdDRUU4MB4XDTIwMTExNDIyNDQyNloXDTMwMTEwMTIyNDQyNlowGDEWMBQG
A1UEAxMNNWZhZjBjNGUtM2JiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ5/npavcG9j2c4q5QVUMRqSQARb9k0hBhippECbzQEv/1J25sifOUXxEXX
KVbrtRyE+TFoeXbiUbFCM0T8o4HzLXV2vvJFYfg4gS7gmFtRKc+1MfVJsW+2nJN8
hchTcccS7fKYUYrrPfEyYOE2zunaPXEdN1vVVKPA7QFSVVTcHtGjSkGfR4iGWbX0
+4xRsT1uu8BxtRNNBuwXSO/CS/+xWVYJm8XwkQVAF/5hwBYLxc3dAX8/Ex7dy5FP
8LcUfvjxRbGkmPivgs2eYA8P7LyqHqR1C7R01d5ezVng7x884oRcoAITcO3TgJsG
FE6zpnmb8AQUm7sQw03eQrBhIl8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBReeKsO
KaqdP52UnQBKBMMVaIb6wzAfBgNVHSMEGDAWgBSL8tTJxqwKGDKN0+tstZBEFzfO
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTQ0MkUvNUM5N0RDNzQyNUZEMTFFQkE3NUY4RDBERjhBRUEyMjgvaV9MVXlj
YXNDaGd5amRQcmJMV1FSQmMzenVnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaV9MVXljYXNDaGd5amRQcmJMV1FSQmMzenVnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTQ0MkUvNUM5N0RDNzQyNUZEMTFFQkE3NUY4RDBERjhB
RUEyMjgvQ0E0ODQ3RjAyNjAxMTFFQkFDRTgxQzEyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbeBDANBgkqhkiG9w0BAQsF
AAOCAQEAWlmCALD2zxdl7rsC6vhLG7NI8Oue6BtDEnfARA1025L5fjyQMn8MXFAo
PMtXC6x5Gs348lJocnj09B+59Opon0wZlKjlYPaXPzu9UIlyhV+o9OXQ107k1sfu
XrkskFD0WAsPhoA89F1rs3vWEXzrk2Z61NhpXaaDwP214YKOjjWGHMhzunGiGxSR
GMjhBlJKQQxr40G4pijEFYhWghTc7vAuhSp8Yuqk36JZl6ovCHJCsZV4C975LBiG
KutP7YTGVpJFj//NU8K1SOdYgnPF3i0F2BwB6+UVjMwkbKsiGjnB06iFJ0myj0EF
udIQ4tplyUKxStRC/lsxkUfbWfzQMA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:14 2024 by rpki-client on console-ams.rpki-client.org