Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/61A57F42B6A811EA8F77A82FF8AEA228.roa
File:                     61A57F42B6A811EA8F77A82FF8AEA228.roa (raw, json)
Hash identifier:          Vv24BsCUqeaHub4gOsUG210bOUJYooPQGDyZsC9Xk6w=
Subject key identifier:   4E:D0:CF:CF:9A:76:49:AA:CD:0E:B5:1F:B7:7D:DC:31:C4:FF:94:57
Certificate issuer:       /CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
Certificate serial:       A1
Authority key identifier: 5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/61A57F42B6A811EA8F77A82FF8AEA228.roa
Signing time:             Thu 25 Jun 2020 05:54:50 +0000
ROA not before:           Thu 25 Jun 2020 05:54:44 +0000
ROA not after:            Sat 01 Jun 2030 05:54:44 +0000
asID:                     328631
IP address blocks:        102.22.253.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161 (0xa1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
        Validity
            Not Before: Jun 25 05:54:44 2020 GMT
            Not After : Jun  1 05:54:44 2030 GMT
        Subject: CN=5ef43c2a-2e6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ed:22:7e:4f:32:5e:e2:6e:67:ef:22:d5:bc:
                    87:fc:a9:21:30:5d:db:be:ff:76:63:aa:8b:f2:86:
                    5f:3e:61:1f:34:e3:76:59:95:1f:39:c8:bd:39:2f:
                    4d:32:5f:05:c0:a4:32:76:65:09:19:56:94:d3:f6:
                    04:69:56:5e:7f:b7:d0:19:a7:5e:f7:05:f1:f5:d2:
                    50:a3:e8:c8:54:3f:e7:ff:b8:fc:19:74:df:74:88:
                    cb:bb:d1:02:07:db:7c:52:01:72:06:a0:b0:50:f4:
                    17:4a:23:b1:e3:21:36:a1:63:31:32:30:c6:23:d2:
                    53:16:78:0d:60:14:e6:01:96:8a:c1:1b:be:31:f4:
                    bf:55:2c:ad:44:34:e6:46:bd:38:77:e8:e6:12:99:
                    61:71:01:bf:4a:d4:5a:aa:24:55:73:bc:b5:ce:9e:
                    bc:f1:75:85:7b:38:f9:86:ce:15:44:58:57:67:12:
                    07:4f:f6:00:b9:b4:b0:0e:be:5a:8d:54:96:d6:2e:
                    74:30:14:09:95:40:cd:ec:48:4f:c3:f4:d1:d6:d2:
                    0c:14:55:c0:50:c5:49:13:05:f0:5d:4f:6f:38:4a:
                    dd:81:e0:8c:ab:a2:4c:20:1f:43:72:cf:ff:60:78:
                    0d:84:c0:72:2f:c5:95:66:90:90:ef:57:64:15:fc:
                    79:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D0:CF:CF:9A:76:49:AA:CD:0E:B5:1F:B7:7D:DC:31:C4:FF:94:57
            X509v3 Authority Key Identifier:
                keyid:5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/61A57F42B6A811EA8F77A82FF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.22.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:6c:0a:57:fa:bd:b1:fe:6c:29:69:fa:e9:13:19:e8:97:f0:
         c5:39:12:6c:06:3f:65:b9:c1:8e:5b:23:d1:16:6d:5d:06:21:
         df:52:09:ee:6a:a9:82:6f:3e:f9:49:55:78:3a:3f:a9:4c:e0:
         d2:17:4e:53:e4:54:b9:ba:4a:11:1e:5c:cd:0b:2a:06:51:b4:
         05:29:d7:ac:fa:84:17:18:f2:d3:39:c1:7f:79:ad:9f:c8:78:
         fb:53:12:30:78:69:5c:ea:31:f5:43:c7:4a:09:16:b0:40:88:
         dc:fe:fd:2d:2a:01:ce:67:69:e7:66:ef:1d:6d:5d:e3:b6:32:
         d3:53:68:e5:10:c7:70:1e:00:5f:61:9f:3d:b7:10:81:38:d2:
         05:ff:00:5e:03:f4:fa:42:0d:bb:0f:11:50:88:aa:0a:a8:13:
         8e:e5:29:7e:72:2f:c1:77:e3:83:af:3f:25:07:6c:4e:09:a9:
         b3:f2:80:6c:bd:a4:85:40:7d:45:c2:da:05:04:1f:a4:e8:2a:
         64:2d:d7:d3:58:c7:4f:64:7c:86:ab:3a:34:ed:fc:a8:fc:5b:
         80:e1:dc:42:25:87:62:ca:6a:52:78:14:12:77:c1:9e:47:70:
         c9:cb:14:51:9d:3e:4a:09:59:1f:91:09:99:3a:67:6c:6a:4c:
         16:74:e9:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTIzMDNBRjExMC8GA1UEBRMoNUVCODhERjRCRjkwODlENzA0OUExRkJFODAwNUU2
MjFFQUFFODYyQjAeFw0yMDA2MjUwNTU0NDRaFw0zMDA2MDEwNTU0NDRaMBgxFjAU
BgNVBAMTDTVlZjQzYzJhLTJlNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDU7SJ+TzJe4m5n7yLVvIf8qSEwXdu+/3Zjqovyhl8+YR8043ZZlR85yL05
L00yXwXApDJ2ZQkZVpTT9gRpVl5/t9AZp173BfH10lCj6MhUP+f/uPwZdN90iMu7
0QIH23xSAXIGoLBQ9BdKI7HjITahYzEyMMYj0lMWeA1gFOYBlorBG74x9L9VLK1E
NOZGvTh36OYSmWFxAb9K1FqqJFVzvLXOnrzxdYV7OPmGzhVEWFdnEgdP9gC5tLAO
vlqNVJbWLnQwFAmVQM3sSE/D9NHW0gwUVcBQxUkTBfBdT284St2B4IyrokwgH0Ny
z/9geA2EwHIvxZVmkJDvV2QV/HlXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTtDP
z5p2SarNDrUft33cMcT/lFcwHwYDVR0jBBgwFoAUXriN9L+QidcEmh++gAXmIequ
hiswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4QUVBMjI4L1hyaU45
TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1hyaU45TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4
QUVBMjI4LzYxQTU3RjQyQjZBODExRUE4Rjc3QTgyRkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmFv0wDQYJKoZIhvcNAQEL
BQADggEBAI5sClf6vbH+bClp+ukTGeiX8MU5EmwGP2W5wY5bI9EWbV0GId9SCe5q
qYJvPvlJVXg6P6lM4NIXTlPkVLm6ShEeXM0LKgZRtAUp16z6hBcY8tM5wX95rZ/I
ePtTEjB4aVzqMfVDx0oJFrBAiNz+/S0qAc5naedm7x1tXeO2MtNTaOUQx3AeAF9h
nz23EIE40gX/AF4D9PpCDbsPEVCIqgqoE47lKX5yL8F344OvPyUHbE4JqbPygGy9
pIVAfUXC2gUEH6ToKmQt19NYx09kfIarOjTt/Kj8W4Dh3EIlh2LKalJ4FBJ3wZ5H
cMnLFFGdPkoJWR+RCZk6Z2xqTBZ06Wc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org