Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/C54E19D822A311EC90664B16D8A014CE.roa
File:                     C54E19D822A311EC90664B16D8A014CE.roa (raw, json)
Hash identifier:          S4ZF6FWOA8WU+IlkBebTTGuItZqjsyF/6HiGxB7bOuM=
Subject key identifier:   80:F0:FE:BB:E9:DD:5A:03:73:69:88:E9:46:B0:3C:B4:E6:08:DC:D3
Certificate issuer:       /CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
Certificate serial:       7A
Authority key identifier: 62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/C54E19D822A311EC90664B16D8A014CE.roa
Signing time:             Fri 01 Oct 2021 10:38:53 +0000
ROA not before:           Fri 01 Oct 2021 10:38:45 +0000
ROA not after:            Thu 01 Oct 2026 10:38:45 +0000
asID:                     328861
IP address blocks:        102.219.223.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122 (0x7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FAF9BAF/serialNumber=627533ECBAB7D89BD9570B20054666053669A759
        Validity
            Not Before: Oct  1 10:38:45 2021 GMT
            Not After : Oct  1 10:38:45 2026 GMT
        Subject: CN=6156e53d-be70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:36:d3:a5:8c:4d:c0:8e:d2:a1:2f:bf:66:ea:
                    fc:91:4f:70:0a:62:21:cd:0a:39:1b:ce:82:32:c7:
                    8e:f3:7a:95:35:ef:79:ba:61:78:94:39:5c:40:3e:
                    0b:37:72:80:2a:96:29:68:1a:66:73:f7:6f:4e:2f:
                    e7:77:04:ce:10:0f:fa:65:aa:bc:f7:29:57:cd:fe:
                    35:b1:5a:8f:ba:2a:a8:5b:64:a1:97:27:bb:b0:39:
                    3e:35:a0:09:dc:85:5a:98:69:3e:a8:1d:48:64:49:
                    c2:b6:a9:ba:d3:13:ed:b2:ff:49:82:04:c3:90:fd:
                    39:43:d6:74:10:ea:77:8d:d4:51:c0:94:7a:99:8a:
                    81:b4:c5:6b:ec:82:43:64:6e:c3:1d:39:5b:71:82:
                    94:bd:e4:6e:69:ec:66:0a:ad:5c:67:55:69:f0:57:
                    f3:fe:37:ef:c3:e7:7a:d2:91:9c:d0:85:89:af:aa:
                    13:8b:43:6d:1b:d0:d6:68:da:7e:21:76:f6:20:cf:
                    ac:a2:e3:fc:c6:7f:3d:34:10:c0:9c:91:a5:59:b6:
                    1b:78:6a:23:74:2d:ee:b2:ea:75:d5:2c:93:88:63:
                    cf:0e:8e:f4:17:34:fd:ad:b1:95:a6:08:e8:c8:c0:
                    57:db:d2:32:ce:bc:f9:c7:ad:3f:d5:5c:28:c9:19:
                    f7:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:F0:FE:BB:E9:DD:5A:03:73:69:88:E9:46:B0:3C:B4:E6:08:DC:D3
            X509v3 Authority Key Identifier:
                keyid:62:75:33:EC:BA:B7:D8:9B:D9:57:0B:20:05:46:66:05:36:69:A7:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/YnUz7Lq32JvZVwsgBUZmBTZpp1k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YnUz7Lq32JvZVwsgBUZmBTZpp1k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FAF9B/5E26B79CCC2711EBA4EA1627F8AEA228/C54E19D822A311EC90664B16D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.219.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:11:76:6c:cb:c9:f5:6b:57:58:e1:16:6d:42:08:49:48:34:
         4a:fe:ae:fc:0f:e5:3b:c1:b6:a8:33:fb:50:c5:37:94:84:9f:
         68:fa:6d:c8:ed:b6:6f:f9:ac:0a:4d:27:d7:7f:0e:39:19:fa:
         bf:39:0c:5f:e1:1a:a7:20:ac:31:eb:20:cc:94:b1:17:ad:4d:
         ee:41:04:25:ee:29:b5:9d:45:5a:6d:fe:09:98:a9:b7:9b:6a:
         6d:fd:7b:4f:35:3e:7e:cd:6e:d7:bc:d2:bf:19:8a:33:55:6b:
         4e:d3:dd:3d:39:07:1a:60:90:2a:d5:0d:0d:36:e8:c9:3f:ca:
         42:6f:c9:b4:6c:d2:4d:35:73:c7:73:3d:c2:3d:0a:3b:de:62:
         6c:17:55:87:4d:20:a9:bc:39:69:5a:c8:1a:af:19:43:8c:d4:
         ee:fe:c3:32:85:18:06:ea:24:ec:80:e4:a0:e6:b7:52:bd:bb:
         7f:f3:f3:43:fd:6d:58:e4:35:f7:35:c6:aa:c4:44:51:de:72:
         ce:ea:2e:57:91:d6:ca:4a:a1:6e:70:8c:96:0d:0b:61:05:a9:
         f7:8a:30:8a:c8:38:2d:17:0c:72:31:ba:07:05:bf:e0:1d:23:
         1f:3a:75:16:06:80:58:26:c6:97:e8:31:aa:ef:c9:1a:78:af:
         2f:5e:0a:c8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBejANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QUY5QkFGMTEwLwYDVQQFEyg2Mjc1MzNFQ0JBQjdEODlCRDk1NzBCMjAwNTQ2NjYw
NTM2NjlBNzU5MB4XDTIxMTAwMTEwMzg0NVoXDTI2MTAwMTEwMzg0NVowGDEWMBQG
A1UEAwwNNjE1NmU1M2QtYmU3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMo206WMTcCO0qEvv2bq/JFPcApiIc0KORvOgjLHjvN6lTXvebpheJQ5XEA+
CzdygCqWKWgaZnP3b04v53cEzhAP+mWqvPcpV83+NbFaj7oqqFtkoZcnu7A5PjWg
CdyFWphpPqgdSGRJwraputMT7bL/SYIEw5D9OUPWdBDqd43UUcCUepmKgbTFa+yC
Q2Ruwx05W3GClL3kbmnsZgqtXGdVafBX8/4378PnetKRnNCFia+qE4tDbRvQ1mja
fiF29iDPrKLj/MZ/PTQQwJyRpVm2G3hqI3Qt7rLqddUsk4hjzw6O9Bc0/a2xlaYI
6MjAV9vSMs68+cetP9VcKMkZ90MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSA8P67
6d1aA3NpiOlGsDy05gjc0zAfBgNVHSMEGDAWgBRidTPsurfYm9lXCyAFRmYFNmmn
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkFGOUIvNUUyNkI3OUNDQzI3MTFFQkE0RUExNjI3RjhBRUEyMjgvWW5VejdM
cTMySnZaVndzZ0JVWm1CVFpwcDFrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWW5VejdMcTMySnZaVndzZ0JVWm1CVFpwcDFrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkFGOUIvNUUyNkI3OUNDQzI3MTFFQkE0RUExNjI3RjhB
RUEyMjgvQzU0RTE5RDgyMkEzMTFFQzkwNjY0QjE2RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbb3zANBgkqhkiG9w0BAQsF
AAOCAQEAqhF2bMvJ9WtXWOEWbUIISUg0Sv6u/A/lO8G2qDP7UMU3lISfaPptyO22
b/msCk0n138OORn6vzkMX+EapyCsMesgzJSxF61N7kEEJe4ptZ1FWm3+CZipt5tq
bf17TzU+fs1u17zSvxmKM1VrTtPdPTkHGmCQKtUNDTboyT/KQm/JtGzSTTVzx3M9
wj0KO95ibBdVh00gqbw5aVrIGq8ZQ4zU7v7DMoUYBuok7IDkoOa3Ur27f/PzQ/1t
WOQ19zXGqsREUd5yzuouV5HWykqhbnCMlg0LYQWp94owisg4LRcMcjG6BwW/4B0j
Hzp1FgaAWCbGl+gxqu/JGnivL14KyA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:13:37 2024 by rpki-client on console-fra.rpki-client.org