Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/6E72E470BB7711EA81C17268F8AEA228.roa
File:                     6E72E470BB7711EA81C17268F8AEA228.roa (raw, json)
Hash identifier:          COX4w/jxxz6FilKDwda77AXXF6hQ4KkSqj9A8makL9E=
Subject key identifier:   32:1A:64:4F:8A:E2:CA:6B:AE:33:9A:38:01:6A:1B:21:D0:24:2E:BC
Certificate issuer:       /CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
Certificate serial:       AB
Authority key identifier: 5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/6E72E470BB7711EA81C17268F8AEA228.roa
Signing time:             Wed 01 Jul 2020 08:47:02 +0000
ROA not before:           Wed 01 Jul 2020 08:46:55 +0000
ROA not after:            Mon 01 Jul 2030 08:46:55 +0000
asID:                     328631
IP address blocks:        102.22.248.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171 (0xab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A2303AF/serialNumber=5EB88DF4BF9089D7049A1FBE8005E621EAAE862B
        Validity
            Not Before: Jul  1 08:46:55 2020 GMT
            Not After : Jul  1 08:46:55 2030 GMT
        Subject: CN=5efc4d86-f232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:dc:b8:aa:9e:8b:26:36:3c:78:49:fa:99:3a:
                    54:d6:da:38:90:bb:39:eb:93:f8:1e:96:d7:9a:2f:
                    4a:5f:e2:82:97:3c:f1:be:cf:1f:3b:e3:e4:4c:da:
                    6d:48:93:6f:5e:4c:17:0e:2c:94:42:a0:28:01:c3:
                    bd:a2:b7:12:a7:94:3a:71:9b:3d:5a:1d:f6:c9:19:
                    6a:3e:88:47:c4:19:8a:5a:09:f6:f6:e4:2f:a0:bf:
                    93:34:80:f5:9c:c6:89:82:af:3d:6e:7c:78:a8:16:
                    34:46:36:e9:9f:58:f5:e3:e3:73:73:4b:d3:bf:4d:
                    cb:8d:3e:e2:75:a0:43:dc:d9:8f:16:d7:a8:13:ad:
                    22:26:8b:a0:44:f2:ca:1f:86:82:0b:7e:3e:4a:39:
                    27:03:ee:27:83:53:63:b7:2e:08:f3:21:4c:98:42:
                    ab:0d:6a:e6:b8:df:12:68:3f:18:ff:34:6a:ce:63:
                    d6:c7:29:1f:58:af:c6:bc:64:04:32:aa:fd:de:05:
                    80:69:05:70:31:71:e4:41:71:9c:97:58:e7:6d:75:
                    fd:98:d9:32:1b:b9:fc:87:49:ee:14:cc:19:51:c6:
                    e9:5c:c0:9f:48:48:28:54:19:74:22:60:42:7d:a3:
                    98:b9:85:a1:9d:64:ee:08:4c:68:2b:d9:0f:eb:6a:
                    0c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:1A:64:4F:8A:E2:CA:6B:AE:33:9A:38:01:6A:1B:21:D0:24:2E:BC
            X509v3 Authority Key Identifier:
                keyid:5E:B8:8D:F4:BF:90:89:D7:04:9A:1F:BE:80:05:E6:21:EA:AE:86:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/XriN9L-QidcEmh--gAXmIequhis.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XriN9L-QidcEmh--gAXmIequhis.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2303/65715F78594311EAB30F4261F8AEA228/6E72E470BB7711EA81C17268F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.22.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         96:08:1e:7c:dc:49:ad:b9:2e:d5:e2:0f:cd:8b:72:24:20:21:
         10:b1:0d:d4:56:c6:d8:21:11:b5:24:c1:96:79:3b:a8:c0:9a:
         aa:16:c5:f1:9a:3c:59:0d:6d:0f:c0:3d:89:80:f7:14:da:86:
         ae:c0:be:fc:c7:7e:5d:60:88:3e:38:d8:0d:3d:5d:7d:8b:9d:
         91:7c:f5:29:52:5f:f1:a3:26:0e:26:25:ad:4d:7f:78:82:44:
         65:71:32:1e:90:0b:e9:58:a4:30:84:a8:b1:ba:32:bb:2b:2d:
         39:5e:2b:74:e7:80:4d:fe:31:01:02:d8:34:06:65:df:cc:66:
         62:46:83:81:50:f3:3d:71:bb:db:17:f2:16:fb:32:b8:de:ee:
         3f:cd:d3:a5:68:95:fa:d1:4d:d7:54:24:21:5a:c4:63:f8:08:
         c9:b8:89:fb:72:ef:d2:47:f6:4f:ce:5b:31:f2:e6:c0:87:8d:
         5e:bd:80:e3:d8:4f:fc:25:b2:d3:18:06:79:8e:a9:af:5b:39:
         8b:87:0a:82:00:22:bf:0f:fd:0f:27:45:b0:3e:81:c6:c3:f9:
         8b:a1:ef:d9:d9:fc:2d:8c:c3:1b:ca:76:5a:9f:0d:dd:83:12:
         6c:5e:ed:fc:cb:0c:b3:80:52:c8:07:50:b3:98:ed:eb:e5:2f:
         a5:1b:f0:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAKswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTIzMDNBRjExMC8GA1UEBRMoNUVCODhERjRCRjkwODlENzA0OUExRkJFODAwNUU2
MjFFQUFFODYyQjAeFw0yMDA3MDEwODQ2NTVaFw0zMDA3MDEwODQ2NTVaMBgxFjAU
BgNVBAMTDTVlZmM0ZDg2LWYyMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCu3LiqnosmNjx4SfqZOlTW2jiQuznrk/gelteaL0pf4oKXPPG+zx874+RM
2m1Ik29eTBcOLJRCoCgBw72itxKnlDpxmz1aHfbJGWo+iEfEGYpaCfb25C+gv5M0
gPWcxomCrz1ufHioFjRGNumfWPXj43NzS9O/TcuNPuJ1oEPc2Y8W16gTrSImi6BE
8sofhoILfj5KOScD7ieDU2O3LgjzIUyYQqsNaua43xJoPxj/NGrOY9bHKR9Yr8a8
ZAQyqv3eBYBpBXAxceRBcZyXWOdtdf2Y2TIbufyHSe4UzBlRxulcwJ9ISChUGXQi
YEJ9o5i5haGdZO4ITGgr2Q/ragyHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMhpk
T4riymuuM5o4AWobIdAkLrwwHwYDVR0jBBgwFoAUXriN9L+QidcEmh++gAXmIequ
hiswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4QUVBMjI4L1hyaU45
TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1hyaU45TC1RaWRjRW1oLS1nQVhtSWVxdWhpcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkEyMzAzLzY1NzE1Rjc4NTk0MzExRUFCMzBGNDI2MUY4
QUVBMjI4LzZFNzJFNDcwQkI3NzExRUE4MUMxNzI2OEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANmFvgwDQYJKoZIhvcNAQEL
BQADggEBAJYIHnzcSa25LtXiD82LciQgIRCxDdRWxtghEbUkwZZ5O6jAmqoWxfGa
PFkNbQ/APYmA9xTahq7AvvzHfl1giD442A09XX2LnZF89SlSX/GjJg4mJa1Nf3iC
RGVxMh6QC+lYpDCEqLG6MrsrLTleK3TngE3+MQEC2DQGZd/MZmJGg4FQ8z1xu9sX
8hb7Mrje7j/N06VolfrRTddUJCFaxGP4CMm4ifty79JH9k/OWzHy5sCHjV69gOPY
T/wlstMYBnmOqa9bOYuHCoIAIr8P/Q8nRbA+gcbD+Yuh79nZ/C2MwxvKdlqfDd2D
Emxe7fzLDLOAUsgHULOY7evlL6Ub8L8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:19 2024 by rpki-client on console-ams.rpki-client.org