Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/7F048B62439F11EB9C0BC24DF8AEA228.roa
File:                     7F048B62439F11EB9C0BC24DF8AEA228.roa (raw, json)
Hash identifier:          06HjzJUfLQnr3VKopWSyRxV1nWNqt+gwC+wb8K/XySs=
Subject key identifier:   D8:85:02:54:66:69:8B:18:9A:B9:62:0A:B1:3A:A3:0B:9B:D0:D8:E4
Certificate issuer:       /CN=F36CAE5AAF/serialNumber=0646A998D6CD5D5BEEB50F4C9291315536F7C5B4
Certificate serial:       02
Authority key identifier: 06:46:A9:98:D6:CD:5D:5B:EE:B5:0F:4C:92:91:31:55:36:F7:C5:B4
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/BkapmNbNXVvutQ9MkpExVTb3xbQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/7F048B62439F11EB9C0BC24DF8AEA228.roa
Signing time:             Mon 21 Dec 2020 15:16:28 +0000
ROA not before:           Mon 21 Dec 2020 15:16:22 +0000
ROA not after:            Fri 31 Jan 2025 15:16:22 +0000
asID:                     328496
IP address blocks:        102.68.70.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/BkapmNbNXVvutQ9MkpExVTb3xbQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/BkapmNbNXVvutQ9MkpExVTb3xbQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/BkapmNbNXVvutQ9MkpExVTb3xbQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CAE5AAF/serialNumber=0646A998D6CD5D5BEEB50F4C9291315536F7C5B4
        Validity
            Not Before: Dec 21 15:16:22 2020 GMT
            Not After : Jan 31 15:16:22 2025 GMT
        Subject: CN=5fe0bc4c-bcf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b3:c2:c2:09:ff:a2:31:10:2f:0f:83:00:c6:
                    b5:c1:ab:e9:a0:fb:46:a7:7b:29:49:b2:15:10:4b:
                    ad:12:cf:2a:1a:19:04:6d:33:f3:ba:d0:2a:9b:25:
                    80:99:12:e1:1f:4d:eb:66:28:ee:21:ee:02:db:86:
                    5e:06:77:24:f4:bb:45:cc:9e:e2:d9:cc:0e:24:d7:
                    b7:26:cc:5f:36:71:b4:3e:62:b7:d7:b5:c6:a9:fe:
                    76:18:30:96:67:39:ca:51:41:63:cc:10:af:1a:8f:
                    5b:18:7e:95:91:b8:ab:1d:66:3f:d5:53:70:0a:69:
                    07:ac:49:b6:a9:37:ca:e5:5f:e7:74:e2:3d:e9:12:
                    b1:c7:0e:9b:fa:7e:27:83:2c:ce:87:af:be:fb:f1:
                    b5:65:3e:7f:37:4e:d9:ba:9c:a9:ec:aa:89:80:95:
                    9e:91:01:21:5a:c3:63:28:2c:e4:3f:ce:fe:cc:a4:
                    1b:75:78:b5:45:e8:22:44:4b:c4:4a:19:5b:c2:ea:
                    11:7d:70:2e:71:45:e8:a6:b9:af:de:52:93:67:bd:
                    00:7b:d2:9c:32:8c:76:9b:a9:e1:c0:6b:f4:0d:76:
                    28:00:23:db:91:c0:36:72:c0:0e:89:3e:0d:a7:6b:
                    51:d3:10:f7:6d:c8:c3:94:4d:e5:ef:c3:e2:b3:36:
                    d2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:85:02:54:66:69:8B:18:9A:B9:62:0A:B1:3A:A3:0B:9B:D0:D8:E4
            X509v3 Authority Key Identifier:
                keyid:06:46:A9:98:D6:CD:5D:5B:EE:B5:0F:4C:92:91:31:55:36:F7:C5:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/BkapmNbNXVvutQ9MkpExVTb3xbQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BkapmNbNXVvutQ9MkpExVTb3xbQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CAE5A/92819FDE439C11EBB864D94AF8AEA228/7F048B62439F11EB9C0BC24DF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.68.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:4a:78:99:7d:3d:16:6e:e0:d7:72:a3:1b:90:4b:16:ef:ab:
         23:42:3a:ba:2e:f0:03:ca:32:ab:8b:a8:58:41:cd:8c:e3:d6:
         f0:7a:45:d0:fc:d1:01:3f:81:fa:71:54:60:da:dc:27:aa:6e:
         40:37:e4:fb:9c:9a:90:35:b6:14:7d:ac:59:e8:19:11:9a:d1:
         b9:16:82:90:aa:e3:fc:4f:5d:e2:c5:c2:13:e0:98:97:6f:f9:
         c1:23:19:45:4c:e6:45:54:c9:53:49:a3:3a:8d:1e:db:02:ab:
         19:0b:0f:5e:d2:f4:9a:92:8a:5f:a0:06:6f:dd:0b:26:c9:54:
         fa:df:9a:90:bb:da:25:5f:0f:b1:5e:db:90:4a:24:ef:a3:d8:
         43:08:4a:bd:43:44:38:0f:e7:6c:09:7d:c6:91:43:a1:8c:a0:
         5d:e9:fa:24:52:da:22:8d:b7:91:69:c1:3c:e0:49:04:b4:1b:
         0a:17:62:90:f7:04:dc:5f:d9:b2:7b:64:39:22:4d:34:53:88:
         43:78:a0:fb:f7:ee:cf:3b:10:65:67:be:52:ce:ae:ef:c2:a0:
         93:7e:c3:db:b9:2d:20:2e:17:ff:75:a0:57:68:a5:ce:16:6f:
         a0:9d:42:17:fc:71:84:bd:8b:6d:cd:d9:cd:8b:7f:70:99:ad:
         83:f9:72:7b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QUU1QUFGMTEwLwYDVQQFEygwNjQ2QTk5OEQ2Q0Q1RDVCRUVCNTBGNEM5MjkxMzE1
NTM2RjdDNUI0MB4XDTIwMTIyMTE1MTYyMloXDTI1MDEzMTE1MTYyMlowGDEWMBQG
A1UEAxMNNWZlMGJjNGMtYmNmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGzwsIJ/6IxEC8PgwDGtcGr6aD7Rqd7KUmyFRBLrRLPKhoZBG0z87rQKpsl
gJkS4R9N62Yo7iHuAtuGXgZ3JPS7Rcye4tnMDiTXtybMXzZxtD5it9e1xqn+dhgw
lmc5ylFBY8wQrxqPWxh+lZG4qx1mP9VTcAppB6xJtqk3yuVf53TiPekSsccOm/p+
J4MszoevvvvxtWU+fzdO2bqcqeyqiYCVnpEBIVrDYygs5D/O/sykG3V4tUXoIkRL
xEoZW8LqEX1wLnFF6Ka5r95Sk2e9AHvSnDKMdpup4cBr9A12KAAj25HANnLADok+
DadrUdMQ923Iw5RN5e/D4rM20tsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTYhQJU
ZmmLGJq5YgqxOqMLm9DY5DAfBgNVHSMEGDAWgBQGRqmY1s1dW+61D0ySkTFVNvfF
tDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0FFNUEvOTI4MTlGREU0MzlDMTFFQkI4NjREOTRBRjhBRUEyMjgvQmthcG1O
Yk5YVnZ1dFE5TWtwRXhWVGIzeGJRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQmthcG1OYk5YVnZ1dFE5TWtwRXhWVGIzeGJRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0FFNUEvOTI4MTlGREU0MzlDMTFFQkI4NjREOTRBRjhB
RUEyMjgvN0YwNDhCNjI0MzlGMTFFQjlDMEJDMjRERjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGZERjANBgkqhkiG9w0BAQsF
AAOCAQEApUp4mX09Fm7g13KjG5BLFu+rI0I6ui7wA8oyq4uoWEHNjOPW8HpF0PzR
AT+B+nFUYNrcJ6puQDfk+5yakDW2FH2sWegZEZrRuRaCkKrj/E9d4sXCE+CYl2/5
wSMZRUzmRVTJU0mjOo0e2wKrGQsPXtL0mpKKX6AGb90LJslU+t+akLvaJV8PsV7b
kEok76PYQwhKvUNEOA/nbAl9xpFDoYygXen6JFLaIo23kWnBPOBJBLQbChdikPcE
3F/ZsntkOSJNNFOIQ3ig+/fuzzsQZWe+Us6u78Kgk37D27ktIC4X/3WgV2ilzhZv
oJ1CF/xxhL2Lbc3ZzYt/cJmtg/lyew==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:26 2024 by rpki-client on console-ams.rpki-client.org