Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F6E4A/9D594F7241A611EA88863E28F8AEA228/ABC28380BBA411EABEF8E416F8AEA228.roa
File:                     ABC28380BBA411EABEF8E416F8AEA228.roa (raw, json)
Hash identifier:          bUSiHgFHCW1ysfD+WE5bk+6r0WqRJf6EdD8KdOEeUus=
Subject key identifier:   3B:87:37:8A:E8:02:87:59:13:17:CB:0B:40:3F:99:84:A7:6C:34:DD
Certificate issuer:       /CN=F36F6E4AAF/serialNumber=4FEE129D09AB850DA039E7F5BB24B6699A0F8179
Certificate serial:       B2
Authority key identifier: 4F:EE:12:9D:09:AB:85:0D:A0:39:E7:F5:BB:24:B6:69:9A:0F:81:79
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/T-4SnQmrhQ2gOef1uyS2aZoPgXk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F6E4A/9D594F7241A611EA88863E28F8AEA228/ABC28380BBA411EABEF8E416F8AEA228.roa
Signing time:             Wed 01 Jul 2020 14:10:52 +0000
ROA not before:           Wed 01 Jul 2020 14:10:49 +0000
ROA not after:            Sun 01 Jul 2040 14:10:49 +0000
asID:                     0
IP address blocks:        196.50.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F6E4A/9D594F7241A611EA88863E28F8AEA228/T-4SnQmrhQ2gOef1uyS2aZoPgXk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F6E4A/9D594F7241A611EA88863E28F8AEA228/T-4SnQmrhQ2gOef1uyS2aZoPgXk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/T-4SnQmrhQ2gOef1uyS2aZoPgXk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 178 (0xb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F6E4AAF/serialNumber=4FEE129D09AB850DA039E7F5BB24B6699A0F8179
        Validity
            Not Before: Jul  1 14:10:49 2020 GMT
            Not After : Jul  1 14:10:49 2040 GMT
        Subject: CN=5efc996c-0d50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:03:2d:ef:ef:ad:a4:14:08:ca:98:bc:11:9e:
                    d7:cb:e2:9a:e5:5b:3f:42:1b:e4:c6:bf:20:18:31:
                    8d:0e:a2:2a:d6:18:34:37:42:4a:43:ff:f3:5c:34:
                    7e:99:32:65:d6:f2:a4:80:12:50:3f:b8:43:c9:09:
                    91:f9:85:15:49:1a:c5:2b:25:7c:d8:ee:1d:72:49:
                    20:f9:4c:27:2a:bb:e8:54:cf:16:2a:9f:6e:0a:81:
                    02:85:53:54:63:f7:20:27:cd:bc:5e:cd:95:d7:6c:
                    d8:e6:f9:66:a2:62:55:a0:1b:1d:9d:90:75:07:ec:
                    1d:ee:24:e2:e2:2b:61:1b:32:a5:82:b2:9f:92:0c:
                    aa:80:f0:d8:8c:af:58:cb:05:0f:4c:da:c9:a4:a6:
                    c2:b9:67:04:0b:95:9d:de:3b:3e:58:2f:65:9f:d6:
                    7b:32:b7:82:63:30:88:11:ad:20:0f:4a:03:db:e6:
                    00:55:11:c2:ea:6e:97:a1:83:38:c3:eb:d6:8a:b4:
                    ed:da:56:ab:e3:da:d8:be:71:b8:18:d8:ba:40:f2:
                    87:30:00:9f:15:b0:b4:06:95:79:ec:ab:bc:0c:29:
                    e3:23:f3:e7:bc:1b:0a:fd:9d:67:99:66:5b:6f:98:
                    fe:66:d0:86:07:73:c8:c7:d1:3c:ca:4a:38:41:94:
                    99:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:87:37:8A:E8:02:87:59:13:17:CB:0B:40:3F:99:84:A7:6C:34:DD
            X509v3 Authority Key Identifier:
                keyid:4F:EE:12:9D:09:AB:85:0D:A0:39:E7:F5:BB:24:B6:69:9A:0F:81:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6E4A/9D594F7241A611EA88863E28F8AEA228/T-4SnQmrhQ2gOef1uyS2aZoPgXk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/T-4SnQmrhQ2gOef1uyS2aZoPgXk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6E4A/9D594F7241A611EA88863E28F8AEA228/ABC28380BBA411EABEF8E416F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.50.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         74:36:8a:9e:54:78:92:a9:06:2f:47:64:34:ea:85:a8:26:a4:
         0b:4f:15:ee:04:93:19:74:f7:cc:f4:11:35:e4:59:29:d3:5c:
         49:aa:22:33:5c:53:25:c9:47:5c:6d:92:d3:bb:6e:a5:2b:dd:
         4d:5e:4f:28:bd:f3:f5:1b:23:f1:ba:31:d5:31:74:3b:93:96:
         f6:f9:dd:fc:f1:f0:f7:09:2f:9a:9f:b6:ee:8c:90:9c:74:b2:
         f2:75:cf:ce:59:18:4e:1e:60:62:16:05:1d:f0:af:63:ea:0d:
         83:af:e2:4b:8f:85:44:fb:2f:6a:36:81:ae:ff:95:f4:21:68:
         43:2b:97:06:75:81:36:a2:ad:32:2b:57:1d:4c:6d:29:da:90:
         f4:44:40:ce:1f:7a:f1:ff:42:59:c3:bb:b6:c5:32:58:5f:4f:
         7c:56:77:81:2b:34:ca:54:fe:60:e3:9f:b0:94:85:54:b1:a3:
         59:ed:5b:06:f3:fd:16:51:ae:0b:14:ad:f7:e6:fa:f7:4b:5d:
         6a:18:e7:d6:63:ac:5f:80:18:da:57:07:ee:f4:e9:8a:5c:80:
         8c:d0:e0:19:9c:c1:e2:08:30:67:ac:6d:d3:0f:85:b2:ab:98:
         d6:1b:a9:5f:41:ae:4d:f7:b8:54:fa:06:95:71:7b:21:6e:87:
         50:5a:b6:1c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICALIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjZFNEFBRjExMC8GA1UEBRMoNEZFRTEyOUQwOUFCODUwREEwMzlFN0Y1QkIyNEI2
Njk5QTBGODE3OTAeFw0yMDA3MDExNDEwNDlaFw00MDA3MDExNDEwNDlaMBgxFjAU
BgNVBAMTDTVlZmM5OTZjLTBkNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxAy3v762kFAjKmLwRntfL4prlWz9CG+TGvyAYMY0OoirWGDQ3QkpD//Nc
NH6ZMmXW8qSAElA/uEPJCZH5hRVJGsUrJXzY7h1ySSD5TCcqu+hUzxYqn24KgQKF
U1Rj9yAnzbxezZXXbNjm+WaiYlWgGx2dkHUH7B3uJOLiK2EbMqWCsp+SDKqA8NiM
r1jLBQ9M2smkpsK5ZwQLlZ3eOz5YL2Wf1nsyt4JjMIgRrSAPSgPb5gBVEcLqbpeh
gzjD69aKtO3aVqvj2ti+cbgY2LpA8ocwAJ8VsLQGlXnsq7wMKeMj8+e8Gwr9nWeZ
ZltvmP5m0IYHc8jH0TzKSjhBlJkVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUO4c3
iugCh1kTF8sLQD+ZhKdsNN0wHwYDVR0jBBgwFoAUT+4SnQmrhQ2gOef1uyS2aZoP
gXkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY2RTRBLzlENTk0RjcyNDFBNjExRUE4ODg2M0UyOEY4QUVBMjI4L1QtNFNu
UW1yaFEyZ09lZjF1eVMyYVpvUGdYay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1QtNFNuUW1yaFEyZ09lZjF1eVMyYVpvUGdYay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY2RTRBLzlENTk0RjcyNDFBNjExRUE4ODg2M0UyOEY4
QUVBMjI4L0FCQzI4MzgwQkJBNDExRUFCRUY4RTQxNkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbEMoAwDQYJKoZIhvcNAQEL
BQADggEBAHQ2ip5UeJKpBi9HZDTqhagmpAtPFe4Ekxl098z0ETXkWSnTXEmqIjNc
UyXJR1xtktO7bqUr3U1eTyi98/UbI/G6MdUxdDuTlvb53fzx8PcJL5qftu6MkJx0
svJ1z85ZGE4eYGIWBR3wr2PqDYOv4kuPhUT7L2o2ga7/lfQhaEMrlwZ1gTairTIr
Vx1MbSnakPREQM4fevH/QlnDu7bFMlhfT3xWd4ErNMpU/mDjn7CUhVSxo1ntWwbz
/RZRrgsUrffm+vdLXWoY59ZjrF+AGNpXB+706YpcgIzQ4BmcweIIMGesbdMPhbKr
mNYbqV9Brk33uFT6BpVxeyFuh1Bathw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:43 2024 by rpki-client on console-ams.rpki-client.org