Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/7E2AA4AC953C11ECB825FCA95A40D577.roa
File:                     7E2AA4AC953C11ECB825FCA95A40D577.roa (raw, json)
Hash identifier:          V0xEm03mcnP/23ED2cL/AoR2czYuEnqqGtBl0cqLVJY=
Subject key identifier:   F0:BC:F0:DA:6F:C3:94:D7:FB:45:83:95:C7:12:97:58:7C:3B:45:0A
Certificate issuer:       /CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
Certificate serial:       0422
Authority key identifier: FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/7E2AA4AC953C11ECB825FCA95A40D577.roa
Signing time:             Thu 24 Feb 2022 06:39:19 +0000
ROA not before:           Thu 24 Feb 2022 06:39:15 +0000
ROA not after:            Tue 24 Feb 2032 06:39:15 +0000
asID:                     327733
IP address blocks:        102.216.160.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1058 (0x422)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E373DAF/serialNumber=FD8E045884B1669EBD430AE566721D97404A6CE8
        Validity
            Not Before: Feb 24 06:39:15 2022 GMT
            Not After : Feb 24 06:39:15 2032 GMT
        Subject: CN=62172817-574a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:aa:02:a8:eb:dd:2c:92:65:a7:00:74:86:6c:
                    1b:c1:94:37:98:49:54:5d:b7:c4:7b:00:a7:a8:a6:
                    60:19:6a:56:a3:bf:bc:8b:b8:c3:0c:b4:bd:b9:65:
                    03:ce:d1:c9:eb:7a:b9:4d:a1:d0:f2:11:02:49:93:
                    c7:5c:44:e8:76:81:03:ff:eb:74:c8:84:6e:42:ce:
                    64:fd:d2:57:0d:91:76:d9:74:19:8e:80:17:03:53:
                    d0:f6:80:10:9c:f0:c3:fe:52:6f:2f:55:7d:1e:9f:
                    2b:70:f8:2e:1a:23:f9:9e:1a:aa:bb:c2:90:62:41:
                    c8:6c:ad:46:38:53:02:03:41:03:90:fd:d0:a3:dc:
                    e2:ef:ca:ad:01:1f:b2:6d:b3:a4:33:f1:dd:80:8c:
                    1f:18:98:80:d9:67:01:2b:f0:43:80:81:50:55:cd:
                    c3:2a:9e:26:9e:37:25:2b:01:7e:28:78:9c:08:18:
                    ad:17:46:aa:3e:ba:bc:1a:3e:b8:f1:8e:81:df:90:
                    da:2c:55:3f:50:44:df:96:76:b1:0b:a9:40:03:fa:
                    c0:c9:b3:0e:f1:81:41:1c:8c:34:f1:f9:99:f2:a2:
                    6f:5a:22:9c:4e:e9:6d:57:82:40:1b:99:10:f5:4a:
                    53:e9:92:2c:e5:98:f3:0e:b2:6d:f7:9f:5a:33:64:
                    19:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:BC:F0:DA:6F:C3:94:D7:FB:45:83:95:C7:12:97:58:7C:3B:45:0A
            X509v3 Authority Key Identifier:
                keyid:FD:8E:04:58:84:B1:66:9E:BD:43:0A:E5:66:72:1D:97:40:4A:6C:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/_Y4EWISxZp69QwrlZnIdl0BKbOg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_Y4EWISxZp69QwrlZnIdl0BKbOg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E373D/4D22ACD68B7311E9A49A4368F8AEA228/7E2AA4AC953C11ECB825FCA95A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.216.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:7b:c2:e7:9a:1a:af:4f:bb:49:76:b8:26:79:db:5f:7b:e4:
         04:a5:52:99:f7:2d:90:60:d6:a4:bf:5d:cc:4f:b7:d1:73:42:
         68:a1:69:b3:c4:75:b9:8c:4a:2f:62:99:57:07:de:04:8b:c5:
         90:2e:28:59:33:b8:5f:c7:5c:e7:92:8d:d1:39:1e:ec:9f:c2:
         ab:54:57:b3:af:cd:a4:74:00:64:2c:1e:33:b6:2d:c5:b7:be:
         e6:a0:80:12:52:ce:18:f8:4c:54:be:7a:0c:b1:1e:67:35:6c:
         58:15:4b:ab:0a:bc:75:d2:1d:3f:16:65:0c:14:2f:e6:f6:33:
         4a:71:8e:a6:42:3b:88:a9:f4:0b:f5:a1:d4:72:03:8d:12:60:
         68:f7:58:08:8a:b2:b1:33:05:4c:e0:c4:31:44:70:aa:72:7d:
         2b:0a:1c:92:25:6d:b1:0c:75:75:7f:8e:9f:53:17:c0:b2:04:
         85:5c:7a:23:83:90:a8:21:44:ee:ea:ae:b6:2a:c8:1e:52:98:
         77:bc:0e:b0:0a:1d:aa:95:37:58:dc:45:25:cf:d9:b4:67:5e:
         06:99:4b:a1:3f:e3:f5:00:60:cc:08:05:9d:90:81:76:98:35:
         54:09:6f:d3:c8:b4:69:2a:ac:ca:89:6a:31:dc:ba:96:43:1b:
         70:f4:a7:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RTM3M0RBRjExMC8GA1UEBRMoRkQ4RTA0NTg4NEIxNjY5RUJENDMwQUU1NjY3MjFE
OTc0MDRBNkNFODAeFw0yMjAyMjQwNjM5MTVaFw0zMjAyMjQwNjM5MTVaMBgxFjAU
BgNVBAMMDTYyMTcyODE3LTU3NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9qgKo690skmWnAHSGbBvBlDeYSVRdt8R7AKeopmAZalajv7yLuMMMtL25
ZQPO0cnrerlNodDyEQJJk8dcROh2gQP/63TIhG5CzmT90lcNkXbZdBmOgBcDU9D2
gBCc8MP+Um8vVX0enytw+C4aI/meGqq7wpBiQchsrUY4UwIDQQOQ/dCj3OLvyq0B
H7Jts6Qz8d2AjB8YmIDZZwEr8EOAgVBVzcMqniaeNyUrAX4oeJwIGK0XRqo+urwa
PrjxjoHfkNosVT9QRN+WdrELqUAD+sDJsw7xgUEcjDTx+Znyom9aIpxO6W1XgkAb
mRD1SlPpkizlmPMOsm33n1ozZBn9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8Lzw
2m/DlNf7RYOVxxKXWHw7RQowHwYDVR0jBBgwFoAU/Y4EWISxZp69QwrlZnIdl0BK
bOgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4QUVBMjI4L19ZNEVX
SVN4WnA2OVF3cmxabklkbDBCS2JPZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19ZNEVXSVN4WnA2OVF3cmxabklkbDBCS2JPZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzNzNELzREMjJBQ0Q2OEI3MzExRTlBNDlBNDM2OEY4
QUVBMjI4LzdFMkFBNEFDOTUzQzExRUNCODI1RkNBOTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2KAwDQYJKoZIhvcNAQEL
BQADggEBAGB7wueaGq9Pu0l2uCZ521975ASlUpn3LZBg1qS/XcxPt9FzQmihabPE
dbmMSi9imVcH3gSLxZAuKFkzuF/HXOeSjdE5HuyfwqtUV7OvzaR0AGQsHjO2LcW3
vuaggBJSzhj4TFS+egyxHmc1bFgVS6sKvHXSHT8WZQwUL+b2M0pxjqZCO4ip9Av1
odRyA40SYGj3WAiKsrEzBUzgxDFEcKpyfSsKHJIlbbEMdXV/jp9TF8CyBIVceiOD
kKghRO7qrrYqyB5SmHe8DrAKHaqVN1jcRSXP2bRnXgaZS6E/4/UAYMwIBZ2QgXaY
NVQJb9PItGkqrMqJajHcupZDG3D0p+c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org