Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/3E87BB4E5A6711EA9C48384CF8AEA228.roa
File:                     3E87BB4E5A6711EA9C48384CF8AEA228.roa (raw, json)
Hash identifier:          nvSN5JRFyEeP9hkBJ/sGlztv5rQhKrD7IbfV6O2PjxE=
Subject key identifier:   E7:48:26:0F:A9:E0:49:8C:74:55:E2:F3:80:40:5A:B0:2A:E8:27:0E
Certificate issuer:       /CN=F36B70EFAF/serialNumber=D0BE67D045B33F05A5871510399E709C98F6D77D
Certificate serial:       08
Authority key identifier: D0:BE:67:D0:45:B3:3F:05:A5:87:15:10:39:9E:70:9C:98:F6:D7:7D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/3E87BB4E5A6711EA9C48384CF8AEA228.roa
Signing time:             Fri 28 Feb 2020 20:16:47 +0000
ROA not before:           Fri 28 Feb 2020 20:16:42 +0000
ROA not after:            Thu 28 Feb 2030 20:16:42 +0000
asID:                     328337
IP address blocks:        102.134.68.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B70EFAF/serialNumber=D0BE67D045B33F05A5871510399E709C98F6D77D
        Validity
            Not Before: Feb 28 20:16:42 2020 GMT
            Not After : Feb 28 20:16:42 2030 GMT
        Subject: CN=5e59752f-aefe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:89:65:26:8d:43:09:26:ea:2f:65:21:06:00:
                    ee:c5:fd:9f:e9:6f:b9:54:f1:5f:39:8f:cd:49:c8:
                    f2:57:57:98:0c:c0:f8:65:04:76:b7:6b:01:ba:bb:
                    cf:2a:8e:d2:f5:05:22:64:d9:e2:06:a2:60:08:e0:
                    ba:ae:cd:06:dd:73:53:6e:00:0b:dc:4f:85:23:0e:
                    1c:83:91:66:c4:87:d6:33:cc:9a:09:2e:89:1b:e8:
                    f1:54:01:62:f2:63:be:03:03:70:fa:a4:e1:57:84:
                    56:1b:ff:99:0e:ae:cc:09:90:e7:ab:f2:29:e7:9f:
                    68:31:fe:c2:f2:56:61:32:32:5c:c5:df:70:a7:64:
                    1e:0b:f8:f5:31:09:b3:20:47:ac:ea:d8:b9:37:ed:
                    21:a3:56:fa:1a:7d:c6:a2:73:29:d5:ef:1e:d3:9f:
                    2f:52:f1:73:4e:82:5c:85:ed:37:cf:ff:1a:95:95:
                    37:c6:15:e6:24:cb:a0:22:09:f8:c1:06:52:b5:c0:
                    26:ac:40:23:48:34:1b:82:9b:91:9c:b8:b2:a7:66:
                    3a:a3:bc:8c:b3:c5:1a:90:c1:bd:af:ef:3e:33:19:
                    57:33:c5:5a:4e:4f:9f:a6:be:b5:5a:f8:24:98:18:
                    33:63:c1:85:45:9a:16:a2:bf:2e:1d:36:41:d5:c4:
                    44:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:48:26:0F:A9:E0:49:8C:74:55:E2:F3:80:40:5A:B0:2A:E8:27:0E
            X509v3 Authority Key Identifier:
                keyid:D0:BE:67:D0:45:B3:3F:05:A5:87:15:10:39:9E:70:9C:98:F6:D7:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/3E87BB4E5A6711EA9C48384CF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.134.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         33:92:46:9e:ce:c9:d0:91:aa:28:4a:73:be:0d:41:01:45:60:
         30:f3:b7:c0:57:40:4c:f6:51:ab:13:c1:28:18:70:5c:e5:2b:
         b7:8d:01:97:2c:53:04:f5:29:67:c5:39:07:b9:5c:35:67:bf:
         b7:c6:52:88:fb:28:74:88:07:12:40:9d:b4:52:e5:69:97:3c:
         0e:6b:35:53:db:66:e6:4c:c3:7b:91:96:0a:ed:e7:34:a1:17:
         42:de:84:a6:6f:4e:23:b5:d1:eb:5a:cc:9a:4b:b2:0d:31:aa:
         9b:41:ae:d3:5b:9f:8e:47:6a:c4:d9:24:40:17:88:1a:2b:5b:
         f2:2a:93:2d:df:cb:7e:d1:59:3e:3e:d5:6f:9d:4c:a1:75:76:
         7c:7e:ac:64:5d:39:63:39:75:60:e4:12:33:da:32:69:0b:22:
         e4:9f:d7:59:57:7a:0e:2a:eb:69:31:aa:8b:25:c0:6e:db:ee:
         7c:6d:24:52:91:eb:f8:b8:89:c9:ce:f2:df:3c:8d:81:3a:d2:
         93:a2:45:27:44:5b:9e:3f:fa:62:e5:74:31:37:2a:93:cd:d7:
         a1:8c:94:54:bf:5c:dc:00:4d:e5:5e:00:d4:fd:a9:b8:fc:fe:
         d0:88:f4:f8:72:c3:6d:8c:a9:fd:6d:c4:16:0c:8e:09:a2:b5:
         a5:a7:b9:16
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
NzBFRkFGMTEwLwYDVQQFEyhEMEJFNjdEMDQ1QjMzRjA1QTU4NzE1MTAzOTlFNzA5
Qzk4RjZENzdEMB4XDTIwMDIyODIwMTY0MloXDTMwMDIyODIwMTY0MlowGDEWMBQG
A1UEAxMNNWU1OTc1MmYtYWVmZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyJZSaNQwkm6i9lIQYA7sX9n+lvuVTxXzmPzUnI8ldXmAzA+GUEdrdrAbq7
zyqO0vUFImTZ4gaiYAjguq7NBt1zU24AC9xPhSMOHIORZsSH1jPMmgkuiRvo8VQB
YvJjvgMDcPqk4VeEVhv/mQ6uzAmQ56vyKeefaDH+wvJWYTIyXMXfcKdkHgv49TEJ
syBHrOrYuTftIaNW+hp9xqJzKdXvHtOfL1Lxc06CXIXtN8//GpWVN8YV5iTLoCIJ
+MEGUrXAJqxAI0g0G4KbkZy4sqdmOqO8jLPFGpDBva/vPjMZVzPFWk5Pn6a+tVr4
JJgYM2PBhUWaFqK/Lh02QdXERIUCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBTnSCYP
qeBJjHRV4vOAQFqwKugnDjAfBgNVHSMEGDAWgBTQvmfQRbM/BaWHFRA5nnCcmPbX
fTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjcwRUYvOEY3OThCMzI1QTY2MTFFQUJCMjE2RjRCRjhBRUEyMjgvMEw1bjBF
V3pQd1dsaHhVUU9aNXduSmoyMTMwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMEw1bjBFV3pQd1dsaHhVUU9aNXduSmoyMTMwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjcwRUYvOEY3OThCMzI1QTY2MTFFQUJCMjE2RjRCRjhB
RUEyMjgvM0U4N0JCNEU1QTY3MTFFQTlDNDgzODRDRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZoZEMA0GCSqGSIb3DQEBCwUAA4IBAQAz
kkaezsnQkaooSnO+DUEBRWAw87fAV0BM9lGrE8EoGHBc5Su3jQGXLFME9SlnxTkH
uVw1Z7+3xlKI+yh0iAcSQJ20UuVplzwOazVT22bmTMN7kZYK7ec0oRdC3oSmb04j
tdHrWsyaS7INMaqbQa7TW5+OR2rE2SRAF4gaK1vyKpMt38t+0Vk+PtVvnUyhdXZ8
fqxkXTljOXVg5BIz2jJpCyLkn9dZV3oOKutpMaqLJcBu2+58bSRSkev4uInJzvLf
PI2BOtKTokUnRFueP/pi5XQxNyqTzdehjJRUv1zcAE3lXgDU/am4/P7QiPT4csNt
jKn9bcQWDI4JorWlp7kW
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org