Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/4240206CB6A811EAB1BB832FF8AEA228.roa
File:                     4240206CB6A811EAB1BB832FF8AEA228.roa (raw, json)
Hash identifier:          iCq6/gFL3W7WK6Z6bjLnYmu6Mw0Dp25G63lqs3EndEM=
Subject key identifier:   8E:B6:2B:9F:78:39:80:89:22:EF:9C:FE:71:D2:D4:47:F6:DE:73:D8
Certificate issuer:       /CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
Certificate serial:       9F
Authority key identifier: 5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/4240206CB6A811EAB1BB832FF8AEA228.roa
Signing time:             Thu 25 Jun 2020 05:53:57 +0000
ROA not before:           Thu 25 Jun 2020 05:53:52 +0000
ROA not after:            Sat 01 Jun 2030 05:53:52 +0000
asID:                     328631
IP address blocks:        102.22.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 159 (0x9f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
        Validity
            Not Before: Jun 25 05:53:52 2020 GMT
            Not After : Jun  1 05:53:52 2030 GMT
        Subject: CN=5ef43bf5-1165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:22:d7:b7:79:11:43:b2:b7:42:aa:dc:d6:b2:
                    b9:84:69:65:82:71:4e:68:05:ec:fd:75:7d:1f:0b:
                    58:6a:35:da:0c:c8:9c:f6:2c:df:da:4a:93:45:0e:
                    01:9c:8e:df:bf:77:4c:88:6c:2d:4d:83:2c:ce:30:
                    3f:f5:a2:94:9c:32:07:15:98:51:5b:29:97:a5:7e:
                    06:66:93:da:0a:cb:28:17:7c:af:99:63:c6:a1:38:
                    74:7d:6d:f8:25:b1:e0:e9:5d:e3:99:6e:70:90:c9:
                    26:de:33:bf:f9:a6:af:72:b3:d9:b6:7c:70:d6:f1:
                    76:d8:ed:a6:d2:bc:8c:6e:06:27:33:6f:84:78:16:
                    ea:05:86:de:a7:38:ae:0a:df:ed:39:3b:fc:79:fe:
                    e7:a4:42:e4:7d:ec:15:0e:02:ea:1d:c1:de:d9:4e:
                    33:50:52:ff:9c:86:09:cb:23:67:a0:50:fc:14:44:
                    6f:7d:b5:d4:40:ca:1b:15:a6:36:cd:a0:ac:53:22:
                    78:45:e0:6c:a0:74:d9:91:39:e1:fd:3d:22:e8:fb:
                    be:6d:af:f5:58:42:09:66:44:d6:28:b0:76:06:e7:
                    74:e9:d2:5b:3c:c5:60:19:cc:45:1e:7d:07:0e:c7:
                    77:ca:e5:4a:36:d5:5d:ac:fd:ba:00:91:58:df:84:
                    9e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:B6:2B:9F:78:39:80:89:22:EF:9C:FE:71:D2:D4:47:F6:DE:73:D8
            X509v3 Authority Key Identifier:
                keyid:5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/4240206CB6A811EAB1BB832FF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.22.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:6b:ce:a1:9e:79:b9:60:c6:29:3d:f9:52:49:23:01:ef:d8:
         32:9f:d9:7a:ef:f9:5d:b5:0e:18:7e:0a:6c:6d:f6:b0:d3:a7:
         85:8e:a6:f7:d6:19:61:53:c5:b1:b7:be:57:b5:d5:16:07:67:
         fe:b7:9b:78:9f:75:f3:de:94:85:37:e8:a0:a5:d4:4a:7d:38:
         79:3e:b2:34:81:89:31:30:de:34:1b:0c:8e:72:c7:2d:44:bb:
         77:2c:a9:cc:56:10:2f:d0:5d:c2:6a:94:42:ef:28:2e:f2:13:
         00:f0:8d:e1:5c:bf:2a:2f:e7:81:49:18:03:4e:63:ef:5b:be:
         e3:0b:71:a5:2f:66:f7:e0:82:aa:bd:a1:55:f5:98:a3:e5:9f:
         b1:ad:bd:d2:e4:62:73:ea:01:82:1d:40:fb:2c:97:76:d4:6d:
         06:f3:87:9d:97:41:4a:6c:54:1d:9a:c9:09:78:7c:ef:0f:4a:
         35:ea:2b:c9:a9:03:36:d1:ca:6e:a7:3f:da:ce:2c:e9:18:fc:
         e4:86:e6:ba:9e:d6:44:2c:ad:00:69:c5:55:20:4b:6b:07:dd:
         32:b6:b6:5e:6c:b4:61:be:82:32:7f:f2:ce:96:8a:87:4e:5a:
         d4:c3:78:45:fd:fe:2f:58:d4:f8:6a:49:f4:99:4e:58:0d:ba:
         72:b8:58:03
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAJ8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTIzMDNBRjExMC8GA1UEBRMoNUVCODhERjRCRjkwODlENzA0OUExRkJFODAwNUU2
MjFFQUFFODYyQjAeFw0yMDA2MjUwNTUzNTJaFw0zMDA2MDEwNTUzNTJaMBgxFjAU
BgNVBAMTDTVlZjQzYmY1LTExNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+Ite3eRFDsrdCqtzWsrmEaWWCcU5oBez9dX0fC1hqNdoMyJz2LN/aSpNF
DgGcjt+/d0yIbC1NgyzOMD/1opScMgcVmFFbKZelfgZmk9oKyygXfK+ZY8ahOHR9
bfglseDpXeOZbnCQySbeM7/5pq9ys9m2fHDW8XbY7abSvIxuBiczb4R4FuoFht6n
OK4K3+05O/x5/uekQuR97BUOAuodwd7ZTjNQUv+chgnLI2egUPwURG99tdRAyhsV
pjbNoKxTInhF4GygdNmROeH9PSLo+75tr/VYQglmRNYosHYG53Tp0ls8xWAZzEUe
fQcOx3fK5Uo21V2s/boAkVjfhJ4PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUjrYr
n3g5gIki75z+cdLUR/bec9gwHwYDVR0jBBgwFoAUXriN9L+QidcEmh++gAXmIequ
hiswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4QUVBMjI4L1hyaU45
TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1hyaU45TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4
QUVBMjI4LzQyNDAyMDZDQjZBODExRUFCMUJCODMyRkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmFvwwDQYJKoZIhvcNAQEL
BQADggEBAItrzqGeeblgxik9+VJJIwHv2DKf2Xrv+V21Dhh+Cmxt9rDTp4WOpvfW
GWFTxbG3vle11RYHZ/63m3ifdfPelIU36KCl1Ep9OHk+sjSBiTEw3jQbDI5yxy1E
u3csqcxWEC/QXcJqlELvKC7yEwDwjeFcvyov54FJGANOY+9bvuMLcaUvZvfggqq9
oVX1mKPln7GtvdLkYnPqAYIdQPssl3bUbQbzh52XQUpsVB2ayQl4fO8PSjXqK8mp
AzbRym6nP9rOLOkY/OSG5rqe1kQsrQBpxVUgS2sH3TK2tl5stGG+gjJ/8s6WiodO
WtTDeEX9/i9Y1PhqSfSZTlgNunK4WAM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:40 2024 by rpki-client on console-ams.rpki-client.org