Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/BB347E28DAEB11EC81FC9691F1222468.roa
File:                     BB347E28DAEB11EC81FC9691F1222468.roa (raw, json)
Hash identifier:          6gsgx7DxEzqoXkYw7Xs1C83YWv7zKqmZvViXYneFQZg=
Subject key identifier:   91:07:09:50:EB:35:D2:50:F1:17:04:C9:64:99:E7:4D:79:EB:B8:46
Certificate issuer:       /CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
Certificate serial:       016A
Authority key identifier: 62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/BB347E28DAEB11EC81FC9691F1222468.roa
Signing time:             Mon 23 May 2022 22:57:34 +0000
ROA not before:           Mon 23 May 2022 22:57:29 +0000
ROA not after:            Sun 23 May 2027 22:57:29 +0000
asID:                     328861
IP address blocks:        102.219.221.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 362 (0x16a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
        Validity
            Not Before: May 23 22:57:29 2022 GMT
            Not After : May 23 22:57:29 2027 GMT
        Subject: CN=628c115d-61a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ad:5b:af:95:7d:f6:8c:57:af:23:ab:43:6c:
                    99:ae:15:d1:89:51:90:d4:49:d5:35:28:45:6a:0d:
                    fa:f9:45:5d:74:82:fe:02:1f:84:e9:16:58:95:d7:
                    a9:26:87:ad:17:6d:97:33:7c:58:71:7a:a1:3d:7a:
                    a7:82:af:72:bb:e5:10:79:21:b0:cb:69:dd:b6:c7:
                    d7:05:08:05:01:9d:13:85:ac:4d:8f:4c:63:d3:cb:
                    0d:0f:b3:4c:46:1e:6e:7e:aa:94:9d:3b:f7:7d:7d:
                    4f:23:f6:ab:db:9f:25:6a:6a:20:52:66:ea:eb:8f:
                    28:e5:d6:96:43:c7:4a:8d:29:ad:36:da:fe:87:6e:
                    4f:78:07:1e:79:87:2e:87:f7:95:18:22:79:9e:1e:
                    48:8e:2a:d6:91:47:03:82:ac:9c:2c:c3:0d:a5:63:
                    8f:a7:cb:08:8f:6f:7a:e4:70:31:10:6a:a5:07:90:
                    2f:d7:30:c6:d7:4e:31:74:9b:85:32:52:ce:a2:38:
                    49:b3:5e:ff:df:a1:63:c2:21:96:83:f2:b5:83:96:
                    4c:2e:ac:ca:ab:86:41:83:5b:f4:5b:c0:fa:b0:ca:
                    9b:ac:a4:07:73:c7:ba:ee:12:3c:82:7d:7f:05:16:
                    73:c1:d8:f7:81:4d:9b:4e:99:a9:42:ae:85:ef:21:
                    89:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:07:09:50:EB:35:D2:50:F1:17:04:C9:64:99:E7:4D:79:EB:B8:46
            X509v3 Authority Key Identifier:
                keyid:62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/BB347E28DAEB11EC81FC9691F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:fd:36:71:ae:ba:a6:04:07:74:6a:2f:0a:a7:05:23:29:96:
         b1:99:31:2c:2f:e4:cb:9b:a4:7d:1e:fd:43:71:65:f2:4f:7a:
         72:29:57:1c:c1:3f:18:fb:fc:72:fe:3b:43:fe:71:22:4d:ee:
         f6:db:6e:e7:c1:28:73:99:01:44:b0:6a:5b:8a:62:3c:e3:6a:
         de:49:c0:61:26:43:1d:2f:06:84:bf:58:af:b2:81:81:2a:71:
         dc:a6:cd:ab:34:1a:8d:c5:56:05:89:eb:f5:00:82:aa:6c:c4:
         c0:63:13:38:f5:08:ca:61:5a:91:ee:c6:9b:82:70:c7:be:78:
         dc:b4:9f:5f:9c:91:d3:12:70:60:35:31:f9:c0:6a:d3:6d:56:
         bd:ec:22:31:18:41:50:93:f7:a3:47:4a:83:7f:28:0d:cd:d1:
         38:06:3a:7c:cf:47:97:8e:af:4f:fa:71:86:c7:b2:1a:28:df:
         ab:09:97:f8:92:ef:ab:5b:ea:15:1b:23:44:77:fe:8d:00:63:
         9e:be:aa:1a:97:44:8d:00:54:ca:6a:52:d3:2a:aa:04:86:da:
         8e:79:5a:49:3d:f1:96:81:88:bc:a5:78:eb:33:99:f4:79:8d:
         06:4a:19:b3:87:5c:5d:53:fa:87:04:72:2e:87:cd:06:2d:40:
         ae:23:e4:26
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAWowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkFGOUJBRjExMC8GA1UEBRMoNjI3NTMzRUNCQUI3RDg5QkQ5NTcwQjIwMDU0NjY2
MDUzNjY5QTc1OTAeFw0yMjA1MjMyMjU3MjlaFw0yNzA1MjMyMjU3MjlaMBgxFjAU
BgNVBAMMDTYyOGMxMTVkLTYxYTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjrVuvlX32jFevI6tDbJmuFdGJUZDUSdU1KEVqDfr5RV10gv4CH4TpFliV
16kmh60XbZczfFhxeqE9eqeCr3K75RB5IbDLad22x9cFCAUBnROFrE2PTGPTyw0P
s0xGHm5+qpSdO/d9fU8j9qvbnyVqaiBSZurrjyjl1pZDx0qNKa022v6Hbk94Bx55
hy6H95UYInmeHkiOKtaRRwOCrJwsww2lY4+nywiPb3rkcDEQaqUHkC/XMMbXTjF0
m4UyUs6iOEmzXv/foWPCIZaD8rWDlkwurMqrhkGDW/RbwPqwypuspAdzx7ruEjyC
fX8FFnPB2PeBTZtOmalCroXvIYnFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUkQcJ
UOs10lDxFwTJZJnnTXnruEYwHwYDVR0jBBgwFoAUYnUz7Lq32JvZVwsgBUZmBTZp
p1kwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBRjlCLzVFMjZCNzlDQ0MyNzExRUJBNEVBMTYyN0Y4QUVBMjI4L1luVXo3
THEzMkp2WlZ3c2dCVVptQlRacHAxay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1luVXo3THEzMkp2WlZ3c2dCVVptQlRacHAxay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZBRjlCLzVFMjZCNzlDQ0MyNzExRUJBNEVBMTYyN0Y4
QUVBMjI4L0JCMzQ3RTI4REFFQjExRUM4MUZDOTY5MUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm290wDQYJKoZIhvcNAQEL
BQADggEBABv9NnGuuqYEB3RqLwqnBSMplrGZMSwv5MubpH0e/UNxZfJPenIpVxzB
Pxj7/HL+O0P+cSJN7vbbbufBKHOZAUSwaluKYjzjat5JwGEmQx0vBoS/WK+ygYEq
cdymzas0Go3FVgWJ6/UAgqpsxMBjEzj1CMphWpHuxpuCcMe+eNy0n1+ckdMScGA1
MfnAatNtVr3sIjEYQVCT96NHSoN/KA3N0TgGOnzPR5eOr0/6cYbHshoo36sJl/iS
76tb6hUbI0R3/o0AY56+qhqXRI0AVMpqUtMqqgSG2o55Wkk98ZaBiLyleOszmfR5
jQZKGbOHXF1T+ocEci6HzQYtQK4j5CY=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:19:18 2024 by rpki-client on console-ams.rpki-client.org