Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/5561B7F8DAED11ECA54A8396F1222468.roa
File:                     5561B7F8DAED11ECA54A8396F1222468.roa (raw, json)
Hash identifier:          vLjSdhCmLer54968GqLaX3fP0+rzPHJ4Ex+Bjc7yIXY=
Subject key identifier:   39:C1:90:EF:37:65:8A:43:CC:68:71:9F:D3:59:4C:4A:A8:DE:2A:E3
Certificate issuer:       /CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
Certificate serial:       016C
Authority key identifier: 62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/5561B7F8DAED11ECA54A8396F1222468.roa
Signing time:             Mon 23 May 2022 23:09:02 +0000
ROA not before:           Tue 24 May 2022 23:08:58 +0000
ROA not after:            Sun 23 May 2027 23:08:58 +0000
asID:                     328861
IP address blocks:        102.219.222.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 364 (0x16c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
        Validity
            Not Before: May 24 23:08:58 2022 GMT
            Not After : May 23 23:08:58 2027 GMT
        Subject: CN=628c140e-be24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:86:f7:41:0a:74:4a:26:c5:2a:b0:bc:19:5f:
                    02:11:36:d2:7c:3b:3d:ea:2a:6d:4d:12:5d:53:6e:
                    80:24:b3:2d:08:81:fb:9a:14:7f:ad:73:b2:0f:46:
                    7e:40:c6:4a:d3:cb:06:c7:9f:3f:9a:09:ce:83:50:
                    ca:f7:24:7e:ea:2b:1b:c0:61:39:3f:3e:9a:e1:11:
                    b0:66:04:ba:c5:ed:5b:34:42:08:32:8e:de:bd:78:
                    5e:ac:03:0f:d3:1e:89:fa:68:12:43:16:cf:87:e3:
                    b5:b5:89:b2:25:a2:29:46:b4:48:6e:75:d2:31:eb:
                    9f:9d:c6:c2:21:fe:61:1e:76:77:59:13:f5:19:eb:
                    cb:86:33:08:76:44:b1:13:ca:1c:6d:87:68:a0:c8:
                    6e:28:d6:f8:ab:fa:4a:9e:05:96:1c:34:94:aa:c3:
                    7e:1d:cb:b0:ba:52:bc:9a:bd:d1:47:0f:a4:fd:9d:
                    b2:8d:ee:c2:57:53:2c:2c:b3:71:1c:1f:ac:c8:0f:
                    c3:21:1d:7a:8e:3d:41:32:67:97:69:20:4b:e1:fa:
                    2f:4b:97:7b:6e:98:ec:12:c1:e3:c2:33:e0:72:b0:
                    db:8b:73:57:76:f8:2b:91:20:74:e6:8f:e1:9b:e3:
                    73:6c:13:52:5c:14:09:22:55:10:4c:80:f8:38:17:
                    34:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:C1:90:EF:37:65:8A:43:CC:68:71:9F:D3:59:4C:4A:A8:DE:2A:E3
            X509v3 Authority Key Identifier:
                keyid:62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/5561B7F8DAED11ECA54A8396F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:a7:d1:5d:12:d1:5b:0e:d0:c4:af:98:3a:3f:19:65:fa:16:
         62:fb:1a:eb:71:8f:04:11:5d:b1:48:32:d0:fe:72:50:50:26:
         31:66:ce:e8:eb:b6:66:72:b3:3a:d4:e9:7d:36:f2:9d:6b:99:
         a6:8c:b4:af:55:69:4d:54:9b:4a:df:9b:d8:51:65:36:98:f8:
         39:88:d0:f2:17:28:fa:c9:24:16:e0:f4:44:dc:c1:51:3d:65:
         69:26:0d:35:76:cf:a9:21:ef:89:e8:5c:fe:53:3b:21:f2:99:
         82:7c:28:5d:51:f7:5f:c0:d8:fc:97:14:11:7a:b2:80:3c:8f:
         e5:ca:5a:12:58:7f:38:61:f5:fd:3a:ee:79:ec:2e:68:3f:fc:
         67:b4:50:d5:50:21:01:f6:a4:fc:60:f0:ca:6d:81:ee:91:c5:
         65:7d:2a:bb:6f:6c:33:2d:4c:7b:c8:82:35:cb:44:72:06:42:
         02:7b:ff:25:43:76:0d:90:a3:bc:a1:53:43:01:03:1b:b2:a4:
         f3:ee:fb:92:1c:68:99:d2:30:3c:f0:45:72:5d:ff:e9:ea:55:
         bc:b6:07:51:ea:f8:ff:a1:40:33:d6:45:93:32:2a:00:59:5b:
         ca:2f:b0:19:2d:a3:67:cf:87:43:34:6c:dc:2a:af:56:50:40:
         e3:04:e6:31
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkFGOUJBRjExMC8GA1UEBRMoNjI3NTMzRUNCQUI3RDg5QkQ5NTcwQjIwMDU0NjY2
MDUzNjY5QTc1OTAeFw0yMjA1MjQyMzA4NThaFw0yNzA1MjMyMzA4NThaMBgxFjAU
BgNVBAMMDTYyOGMxNDBlLWJlMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+hvdBCnRKJsUqsLwZXwIRNtJ8Oz3qKm1NEl1TboAksy0IgfuaFH+tc7IP
Rn5AxkrTywbHnz+aCc6DUMr3JH7qKxvAYTk/PprhEbBmBLrF7Vs0Qggyjt69eF6s
Aw/THon6aBJDFs+H47W1ibIloilGtEhuddIx65+dxsIh/mEedndZE/UZ68uGMwh2
RLETyhxth2igyG4o1vir+kqeBZYcNJSqw34dy7C6UryavdFHD6T9nbKN7sJXUyws
s3EcH6zID8MhHXqOPUEyZ5dpIEvh+i9Ll3tumOwSwePCM+BysNuLc1d2+CuRIHTm
j+Gb43NsE1JcFAkiVRBMgPg4FzTXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOcGQ
7zdlikPMaHGf01lMSqjeKuMwHwYDVR0jBBgwFoAUYnUz7Lq32JvZVwsgBUZmBTZp
p1kwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBRjlCLzVFMjZCNzlDQ0MyNzExRUJBNEVBMTYyN0Y4QUVBMjI4L1luVXo3
THEzMkp2WlZ3c2dCVVptQlRacHAxay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1luVXo3THEzMkp2WlZ3c2dCVVptQlRacHAxay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZBRjlCLzVFMjZCNzlDQ0MyNzExRUJBNEVBMTYyN0Y4
QUVBMjI4LzU1NjFCN0Y4REFFRDExRUNBNTRBODM5NkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm294wDQYJKoZIhvcNAQEL
BQADggEBACOn0V0S0VsO0MSvmDo/GWX6FmL7GutxjwQRXbFIMtD+clBQJjFmzujr
tmZyszrU6X028p1rmaaMtK9VaU1Um0rfm9hRZTaY+DmI0PIXKPrJJBbg9ETcwVE9
ZWkmDTV2z6kh74noXP5TOyHymYJ8KF1R91/A2PyXFBF6soA8j+XKWhJYfzhh9f06
7nnsLmg//Ge0UNVQIQH2pPxg8Mptge6RxWV9KrtvbDMtTHvIgjXLRHIGQgJ7/yVD
dg2Qo7yhU0MBAxuypPPu+5IcaJnSMDzwRXJd/+nqVby2B1Hq+P+hQDPWRZMyKgBZ
W8ovsBkto2fPh0M0bNwqr1ZQQOME5jE=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:19:18 2024 by rpki-client on console-ams.rpki-client.org