Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/A0E9DAA4546F11EA84947680F8AEA228.roa
File:                     A0E9DAA4546F11EA84947680F8AEA228.roa (raw, json)
Hash identifier:          VSbJ5+e36scNfsENUglAmdTcegGZMGRFkut8nkfKCzU=
Subject key identifier:   29:C0:29:29:2E:E4:AF:E3:33:6F:2C:BE:F8:97:0C:AC:0B:F8:3B:78
Certificate issuer:       /CN=F36D289CAF/serialNumber=15480AC3E7637CF2A7B6887AFD51A53F03E6AD47
Certificate serial:       E3
Authority key identifier: 15:48:0A:C3:E7:63:7C:F2:A7:B6:88:7A:FD:51:A5:3F:03:E6:AD:47
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/FUgKw-djfPKntoh6_VGlPwPmrUc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/A0E9DAA4546F11EA84947680F8AEA228.roa
Signing time:             Fri 21 Feb 2020 06:01:41 +0000
ROA not before:           Fri 21 Feb 2020 06:01:26 +0000
ROA not after:            Fri 28 Feb 2025 06:01:26 +0000
asID:                     327754
IP address blocks:        102.223.240.0/23 maxlen: 24
                          154.73.208.0/21 maxlen: 24
                          2c0f:f508::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/FUgKw-djfPKntoh6_VGlPwPmrUc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/FUgKw-djfPKntoh6_VGlPwPmrUc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/FUgKw-djfPKntoh6_VGlPwPmrUc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 227 (0xe3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D289CAF/serialNumber=15480AC3E7637CF2A7B6887AFD51A53F03E6AD47
        Validity
            Not Before: Feb 21 06:01:26 2020 GMT
            Not After : Feb 28 06:01:26 2025 GMT
        Subject: CN=5e4f7245-1d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b4:5a:73:30:61:16:d6:d5:9e:7b:1e:44:cb:
                    3a:0b:15:50:41:0c:9f:32:ca:78:bd:ab:dc:8f:1a:
                    29:e9:e4:df:16:5b:61:69:3a:ca:28:4b:90:ac:17:
                    49:d1:91:a9:24:0a:e0:3f:28:b7:db:48:36:a9:3f:
                    17:c8:f5:21:06:cd:a2:8e:5e:97:b8:bc:f0:d0:0a:
                    42:56:32:a9:fc:5c:45:53:53:1a:f6:5a:09:1d:a2:
                    13:7f:c0:07:1a:a1:33:fa:0f:66:6a:af:04:cb:dc:
                    19:5d:c7:d6:f6:4a:7e:6f:8f:24:0b:a7:c4:45:6b:
                    5b:24:d1:c3:56:0c:40:a5:b8:17:9a:31:05:64:d7:
                    84:98:fc:52:0d:46:26:af:2b:7e:fa:9e:2a:54:2e:
                    01:a6:7a:75:cd:b6:96:ba:4d:8c:57:19:f4:14:60:
                    5f:ff:df:41:47:1b:6d:1d:b2:31:8c:f8:48:a8:50:
                    28:9a:a9:76:24:d5:b5:d4:6a:17:f0:57:e3:ff:e3:
                    b5:09:7b:a5:f3:ee:93:e3:0b:99:58:60:d9:5e:a1:
                    1a:a9:c8:84:0c:66:65:f5:7d:d5:9c:ab:79:b9:be:
                    35:f0:23:88:49:87:6a:fd:10:08:91:b3:d7:40:28:
                    5c:0b:07:90:95:90:ac:8f:ad:56:4f:96:26:3e:0c:
                    84:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:C0:29:29:2E:E4:AF:E3:33:6F:2C:BE:F8:97:0C:AC:0B:F8:3B:78
            X509v3 Authority Key Identifier:
                keyid:15:48:0A:C3:E7:63:7C:F2:A7:B6:88:7A:FD:51:A5:3F:03:E6:AD:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/FUgKw-djfPKntoh6_VGlPwPmrUc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/FUgKw-djfPKntoh6_VGlPwPmrUc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D289C/FB7081DCA87411E9AC77AB45F8AEA228/A0E9DAA4546F11EA84947680F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.223.240.0/23
                  154.73.208.0/21
                IPv6:
                  2c0f:f508::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:cb:60:43:e3:ab:eb:23:0a:2f:ac:62:32:51:5e:23:d4:ab:
         75:a1:eb:be:c7:82:e8:48:d4:00:70:19:d3:a0:94:9c:24:7b:
         e6:d8:c6:60:e1:5d:c0:68:be:49:7a:3d:11:c2:e7:d6:be:23:
         f5:c1:b2:15:ab:fc:ab:a2:38:60:47:3e:39:da:19:df:91:83:
         64:c9:59:32:54:1f:49:f0:df:ee:8b:81:a1:a2:42:60:0a:e0:
         9e:97:a4:74:b3:86:60:88:e7:a6:b6:3a:ca:27:4c:34:61:62:
         de:0f:90:00:e6:d2:39:12:cc:ac:27:9e:14:67:9f:b1:01:06:
         9f:3f:87:3b:7c:b9:72:0e:68:ab:ea:e3:35:5f:fe:6d:0f:1c:
         dd:89:f6:b2:69:66:03:51:95:4d:e1:62:ff:ab:37:fb:95:9c:
         2d:8c:02:c7:7b:13:f6:ff:15:fa:f5:b8:b5:ae:7b:87:8e:73:
         1e:4d:01:50:f7:55:ce:78:d8:ed:fe:bf:da:c9:bc:f7:99:48:
         0f:e3:1b:d6:cd:d9:98:f6:19:8a:34:c5:84:b8:20:64:0f:b1:
         08:f7:67:a2:cb:8e:82:05:76:fd:a2:7a:2c:2c:04:91:d8:54:
         50:e4:60:52:f4:3c:ce:ee:9d:6a:79:e4:4f:c1:c4:47:db:c7:
         18:0c:6f:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgICAOMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDI4OUNBRjExMC8GA1UEBRMoMTU0ODBBQzNFNzYzN0NGMkE3QjY4ODdBRkQ1MUE1
M0YwM0U2QUQ0NzAeFw0yMDAyMjEwNjAxMjZaFw0yNTAyMjgwNjAxMjZaMBgxFjAU
BgNVBAMTDTVlNGY3MjQ1LTFkNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCstFpzMGEW1tWeex5EyzoLFVBBDJ8yyni9q9yPGinp5N8WW2FpOsooS5Cs
F0nRkakkCuA/KLfbSDapPxfI9SEGzaKOXpe4vPDQCkJWMqn8XEVTUxr2WgkdohN/
wAcaoTP6D2ZqrwTL3Bldx9b2Sn5vjyQLp8RFa1sk0cNWDECluBeaMQVk14SY/FIN
RiavK376nipULgGmenXNtpa6TYxXGfQUYF//30FHG20dsjGM+EioUCiaqXYk1bXU
ahfwV+P/47UJe6Xz7pPjC5lYYNleoRqpyIQMZmX1fdWcq3m5vjXwI4hJh2r9EAiR
s9dAKFwLB5CVkKyPrVZPliY+DIRvAgMBAAGjggKDMIICfzAdBgNVHQ4EFgQUKcAp
KS7kr+Mzbyy++JcMrAv4O3gwHwYDVR0jBBgwFoAUFUgKw+djfPKntoh6/VGlPwPm
rUcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQyODlDL0ZCNzA4MURDQTg3NDExRTlBQzc3QUI0NUY4QUVBMjI4L0ZVZ0t3
LWRqZlBLbnRvaDZfVkdsUHdQbXJVYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0ZVZ0t3LWRqZlBLbnRvaDZfVkdsUHdQbXJVYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQyODlDL0ZCNzA4MURDQTg3NDExRTlBQzc3QUI0NUY4
QUVBMjI4L0EwRTlEQUE0NTQ2RjExRUE4NDk0NzY4MEY4QUVBMjI4LnJvYTA0Bggr
BgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAWbf8AMEA5pJ0DANBAIAAjAHAwUALA/1
CDANBgkqhkiG9w0BAQsFAAOCAQEAAMtgQ+Or6yMKL6xiMlFeI9SrdaHrvseC6EjU
AHAZ06CUnCR75tjGYOFdwGi+SXo9EcLn1r4j9cGyFav8q6I4YEc+OdoZ35GDZMlZ
MlQfSfDf7ouBoaJCYArgnpekdLOGYIjnprY6yidMNGFi3g+QAObSORLMrCeeFGef
sQEGnz+HO3y5cg5oq+rjNV/+bQ8c3Yn2smlmA1GVTeFi/6s3+5WcLYwCx3sT9v8V
+vW4ta57h45zHk0BUPdVznjY7f6/2sm895lID+Mb1s3ZmPYZijTFhLggZA+xCPdn
osuOggV2/aJ6LCwEkdhUUORgUvQ8zu6dannkT8HER9vHGAxvRw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org