Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/2D2708F6CC2A11EB97CFD22AF8AEA228.roa
File:                     2D2708F6CC2A11EB97CFD22AF8AEA228.roa (raw, json)
Hash identifier:          XeVu0P9Nd9zY+QntGG6Z2ZTJviS6Sz4HHhq7O1QS9sw=
Subject key identifier:   45:4E:5B:3B:C3:C7:6D:1A:7C:9B:3B:38:D3:56:95:B5:67:79:C9:72
Certificate issuer:       /CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
Certificate serial:       02
Authority key identifier: 62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/2D2708F6CC2A11EB97CFD22AF8AEA228.roa
Signing time:             Sun 13 Jun 2021 09:31:48 +0000
ROA not before:           Sun 13 Jun 2021 09:31:44 +0000
ROA not after:            Fri 12 Jun 2026 09:31:44 +0000
asID:                     328861
IP address blocks:        102.219.220.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
        Validity
            Not Before: Jun 13 09:31:44 2021 GMT
            Not After : Jun 12 09:31:44 2026 GMT
        Subject: CN=60c5d084-3f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:66:0d:9c:7c:f4:04:29:83:59:88:9d:f7:3f:
                    ab:2f:7f:3f:73:7c:7a:25:2d:80:49:87:21:78:0f:
                    9b:2d:44:20:82:14:2c:ff:90:df:55:aa:28:49:22:
                    72:25:8b:29:79:19:de:cd:1c:e5:72:fa:ef:50:58:
                    8e:80:ae:b1:55:ca:4f:54:89:b8:b0:66:c3:50:6f:
                    84:b4:a0:d3:5b:21:29:b4:56:8c:55:58:00:33:30:
                    61:5b:12:41:91:93:eb:23:14:15:e8:53:3d:72:6d:
                    40:eb:54:67:ee:e7:25:b7:61:fd:9b:ef:35:f5:86:
                    31:9f:5c:1b:84:e5:7a:15:cd:5e:ca:85:4b:17:7b:
                    92:79:5a:f6:28:ef:47:63:96:cb:2d:3e:68:3a:05:
                    a2:9c:9d:cc:e9:7d:c1:3a:b2:87:ea:ef:a0:1e:4c:
                    0c:f2:1f:9c:06:5b:c0:42:63:7d:61:f2:3b:13:04:
                    6a:3a:a0:b5:50:38:33:37:74:9e:c3:d9:d8:60:e1:
                    d4:7c:30:3d:24:af:3f:bf:16:05:10:0a:fc:10:5a:
                    b0:56:f7:8b:05:57:22:d1:78:bd:c5:9b:7e:0b:1e:
                    a9:5c:22:1f:b0:9f:25:52:85:ed:0b:96:67:91:50:
                    9f:e7:af:71:dc:ce:16:98:93:ed:e7:ca:1f:d8:84:
                    17:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:4E:5B:3B:C3:C7:6D:1A:7C:9B:3B:38:D3:56:95:B5:67:79:C9:72
            X509v3 Authority Key Identifier:
                keyid:62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/2D2708F6CC2A11EB97CFD22AF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:40:9d:05:8b:17:4f:4b:60:15:3e:21:b2:34:ee:a7:50:89:
         e7:f3:53:94:5d:74:db:21:00:02:15:41:60:62:6f:6a:f4:10:
         92:fa:95:b6:c6:fc:08:2f:e5:a2:2d:3c:a5:0b:3b:67:43:86:
         14:e4:80:35:37:29:ef:c7:14:09:c2:5d:a3:c3:1c:03:d9:af:
         59:ff:b9:b8:66:f8:07:5c:d0:ee:fb:86:c2:44:13:d3:11:b2:
         40:08:0e:e4:5b:5e:01:21:7a:aa:4f:c7:a9:3c:63:3f:d6:1b:
         88:23:47:75:19:1f:67:7e:14:1e:3d:46:45:d8:43:70:ba:ad:
         a2:2c:29:fd:c4:9d:83:4a:38:e9:05:54:2d:7d:8d:e4:6a:e1:
         cf:07:e4:74:91:d8:4d:89:42:e9:61:64:01:de:c9:02:8e:0b:
         4b:cc:4a:20:14:f6:49:9c:59:09:12:3d:bc:92:3b:a7:14:5b:
         7f:4a:2e:ff:55:e4:a9:da:55:03:82:a5:a3:bd:32:a9:95:d3:
         f1:44:14:a3:7e:0b:7a:63:fe:0d:e1:dc:75:25:bc:68:14:3e:
         68:64:ba:69:4b:75:3c:82:8b:87:38:38:15:b7:40:75:0e:af:
         13:30:24:cb:57:b0:96:e0:0e:16:4a:9d:7d:90:62:64:1d:39:
         3f:97:7a:4b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QUY5QkFGMTEwLwYDVQQFEyg2Mjc1MzNFQ0JBQjdEODlCRDk1NzBCMjAwNTQ2NjYw
NTM2NjlBNzU5MB4XDTIxMDYxMzA5MzE0NFoXDTI2MDYxMjA5MzE0NFowGDEWMBQG
A1UEAxMNNjBjNWQwODQtM2YxZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZmDZx89AQpg1mInfc/qy9/P3N8eiUtgEmHIXgPmy1EIIIULP+Q31WqKEki
ciWLKXkZ3s0c5XL671BYjoCusVXKT1SJuLBmw1BvhLSg01shKbRWjFVYADMwYVsS
QZGT6yMUFehTPXJtQOtUZ+7nJbdh/ZvvNfWGMZ9cG4TlehXNXsqFSxd7knla9ijv
R2OWyy0+aDoFopydzOl9wTqyh+rvoB5MDPIfnAZbwEJjfWHyOxMEajqgtVA4Mzd0
nsPZ2GDh1HwwPSSvP78WBRAK/BBasFb3iwVXItF4vcWbfgseqVwiH7CfJVKF7QuW
Z5FQn+evcdzOFpiT7efKH9iEF3UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRFTls7
w8dtGnybOzjTVpW1Z3nJcjAfBgNVHSMEGDAWgBRidTPsurfYm9lXCyAFRmYFNmmn
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkFGOUIvNUUyNkI3OUNDQzI3MTFFQkE0RUExNjI3RjhBRUEyMjgvWW5VejdM
cTMySnZaVndzZ0JVWm1CVFpwcDFrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWW5VejdMcTMySnZaVndzZ0JVWm1CVFpwcDFrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkFGOUIvNUUyNkI3OUNDQzI3MTFFQkE0RUExNjI3RjhB
RUEyMjgvMkQyNzA4RjZDQzJBMTFFQjk3Q0ZEMjJBRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbb3DANBgkqhkiG9w0BAQsF
AAOCAQEAi0CdBYsXT0tgFT4hsjTup1CJ5/NTlF102yEAAhVBYGJvavQQkvqVtsb8
CC/loi08pQs7Z0OGFOSANTcp78cUCcJdo8McA9mvWf+5uGb4B1zQ7vuGwkQT0xGy
QAgO5FteASF6qk/HqTxjP9YbiCNHdRkfZ34UHj1GRdhDcLqtoiwp/cSdg0o46QVU
LX2N5GrhzwfkdJHYTYlC6WFkAd7JAo4LS8xKIBT2SZxZCRI9vJI7pxRbf0ou/1Xk
qdpVA4Klo70yqZXT8UQUo34LemP+DeHcdSW8aBQ+aGS6aUt1PIKLhzg4FbdAdQ6v
EzAky1ewluAOFkqdfZBiZB05P5d6Sw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:39:24 2024 by rpki-client on console-fra.rpki-client.org