Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614C03/0053EC7406B311EA9DC20648F8AEA228/53913FE406B411EAA1EA0549F8AEA228.roa
File:                     53913FE406B411EAA1EA0549F8AEA228.roa (raw, json)
Hash identifier:          XJEJSGpw335NcuwS3+6oYV5fIuyzKIEqyyHHkBG3bgI=
Subject key identifier:   25:7B:41:B0:C9:D8:2D:F1:AF:6B:AA:24:CE:39:77:C3:24:BB:BC:28
Certificate issuer:       /CN=F3614C03AF/serialNumber=ECB3CFFB40A29AFA17F07E5D4B3C42634136BA40
Certificate serial:       02
Authority key identifier: EC:B3:CF:FB:40:A2:9A:FA:17:F0:7E:5D:4B:3C:42:63:41:36:BA:40
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/7LPP-0CimvoX8H5dSzxCY0E2ukA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3614C03/0053EC7406B311EA9DC20648F8AEA228/53913FE406B411EAA1EA0549F8AEA228.roa
Signing time:             Thu 14 Nov 2019 07:56:56 +0000
ROA not before:           Thu 14 Nov 2019 07:56:51 +0000
ROA not after:            Wed 14 Nov 2029 07:56:51 +0000
asID:                     21739
IP address blocks:        196.202.248.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3614C03/0053EC7406B311EA9DC20648F8AEA228/7LPP-0CimvoX8H5dSzxCY0E2ukA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3614C03/0053EC7406B311EA9DC20648F8AEA228/7LPP-0CimvoX8H5dSzxCY0E2ukA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/7LPP-0CimvoX8H5dSzxCY0E2ukA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3614C03AF/serialNumber=ECB3CFFB40A29AFA17F07E5D4B3C42634136BA40
        Validity
            Not Before: Nov 14 07:56:51 2019 GMT
            Not After : Nov 14 07:56:51 2029 GMT
        Subject: CN=5dcd08c8-e77e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3a:06:0d:9a:80:bb:b8:9d:73:4a:80:d9:8b:
                    75:18:ac:ae:bf:2d:0b:86:71:1f:8f:9a:15:29:ee:
                    63:cd:a7:2d:34:70:0f:20:31:54:c0:0e:cb:f9:6b:
                    c3:b4:30:02:b9:88:a2:9d:08:49:44:2f:38:5d:83:
                    2a:0c:7b:ff:41:27:f0:f2:74:8c:6c:10:6b:6c:50:
                    55:da:72:46:0d:24:fd:ad:1b:e8:69:f7:35:30:6e:
                    e3:bb:4b:ff:e4:b1:2d:a2:c7:d5:b4:fd:3e:80:a7:
                    9e:fb:b6:60:ed:8c:9f:6f:38:97:7b:54:27:2c:75:
                    2f:30:bf:74:5a:51:20:fa:8f:cd:23:e8:5a:9c:81:
                    f7:26:cc:2a:48:06:85:89:d5:64:d7:7b:87:76:be:
                    37:40:25:2b:2d:e3:0e:ff:fb:ae:fc:0b:e2:6a:66:
                    12:2b:c0:b9:cb:60:3b:4b:2b:fb:74:bd:b7:68:39:
                    af:45:c5:7a:90:33:55:d1:7d:fa:f9:8f:e7:d8:08:
                    e0:da:94:d6:e3:da:79:b4:27:20:39:82:5f:bf:87:
                    3b:b7:7f:2d:42:f2:f5:bf:da:56:b8:77:18:68:5b:
                    2a:ed:46:39:30:e9:dd:0a:24:f3:22:41:47:e7:cf:
                    49:43:65:3e:c7:5d:8a:79:f7:a0:70:4c:04:d6:af:
                    de:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:7B:41:B0:C9:D8:2D:F1:AF:6B:AA:24:CE:39:77:C3:24:BB:BC:28
            X509v3 Authority Key Identifier:
                keyid:EC:B3:CF:FB:40:A2:9A:FA:17:F0:7E:5D:4B:3C:42:63:41:36:BA:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3614C03/0053EC7406B311EA9DC20648F8AEA228/7LPP-0CimvoX8H5dSzxCY0E2ukA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7LPP-0CimvoX8H5dSzxCY0E2ukA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614C03/0053EC7406B311EA9DC20648F8AEA228/53913FE406B411EAA1EA0549F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.202.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:8b:96:11:4c:55:13:36:de:07:0d:ea:97:94:12:fc:70:66:
         45:52:f1:b3:d1:4e:1b:84:8c:27:03:43:61:5d:38:8b:63:75:
         f9:29:58:53:9f:aa:0a:cf:be:c8:c7:9a:03:54:c8:62:5f:55:
         9f:e9:cf:e7:9c:a6:e6:cd:4f:a2:7c:a6:45:9b:65:31:b9:2a:
         c1:ce:c9:b3:a6:d1:0e:2e:cb:be:80:aa:51:1e:c8:68:4f:ce:
         ad:11:fa:75:d4:d9:d4:9e:61:47:c6:2e:98:b9:53:63:79:b4:
         d8:6b:50:a6:56:67:c5:83:43:7d:d2:ac:71:03:8a:fd:7f:6c:
         d2:4a:0e:12:ba:c4:8c:3a:ee:54:45:5e:75:dd:01:0f:f7:a9:
         2d:8e:84:d7:a1:12:06:c5:b1:57:d1:f8:6d:ba:64:36:6d:38:
         88:5f:24:8b:49:43:9b:6b:a2:14:e0:84:a8:d0:e2:5a:b9:a1:
         20:8b:dd:e6:54:5c:b6:8e:0b:ad:45:53:68:cb:5a:94:53:84:
         cd:b6:91:34:76:a8:32:30:07:d3:e6:d8:3c:65:ff:00:90:20:
         be:5e:64:86:c2:91:3a:58:f3:c6:1e:a9:a5:28:80:f4:0b:ae:
         e5:e4:ee:e8:e4:b5:8d:bf:25:2d:ea:cd:1f:76:04:9e:23:e4:
         18:42:3d:87
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
NEMwM0FGMTEwLwYDVQQFEyhFQ0IzQ0ZGQjQwQTI5QUZBMTdGMDdFNUQ0QjNDNDI2
MzQxMzZCQTQwMB4XDTE5MTExNDA3NTY1MVoXDTI5MTExNDA3NTY1MVowGDEWMBQG
A1UEAxMNNWRjZDA4YzgtZTc3ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMc6Bg2agLu4nXNKgNmLdRisrr8tC4ZxH4+aFSnuY82nLTRwDyAxVMAOy/lr
w7QwArmIop0ISUQvOF2DKgx7/0En8PJ0jGwQa2xQVdpyRg0k/a0b6Gn3NTBu47tL
/+SxLaLH1bT9PoCnnvu2YO2Mn284l3tUJyx1LzC/dFpRIPqPzSPoWpyB9ybMKkgG
hYnVZNd7h3a+N0AlKy3jDv/7rvwL4mpmEivAuctgO0sr+3S9t2g5r0XFepAzVdF9
+vmP59gI4NqU1uPaebQnIDmCX7+HO7d/LULy9b/aVrh3GGhbKu1GOTDp3Qok8yJB
R+fPSUNlPsddinn3oHBMBNav3lUCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBQle0Gw
ydgt8a9rqiTOOXfDJLu8KDAfBgNVHSMEGDAWgBTss8/7QKKa+hfwfl1LPEJjQTa6
QDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTRDMDMvMDA1M0VDNzQwNkIzMTFFQTlEQzIwNjQ4RjhBRUEyMjgvN0xQUC0w
Q2ltdm9YOEg1ZFN6eENZMEUydWtBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvN0xQUC0wQ2ltdm9YOEg1ZFN6eENZMEUydWtBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTRDMDMvMDA1M0VDNzQwNkIzMTFFQTlEQzIwNjQ4RjhB
RUEyMjgvNTM5MTNGRTQwNkI0MTFFQUExRUEwNTQ5RjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCxMr4MA0GCSqGSIb3DQEBCwUAA4IBAQCh
i5YRTFUTNt4HDeqXlBL8cGZFUvGz0U4bhIwnA0NhXTiLY3X5KVhTn6oKz77Ix5oD
VMhiX1Wf6c/nnKbmzU+ifKZFm2UxuSrBzsmzptEOLsu+gKpRHshoT86tEfp11NnU
nmFHxi6YuVNjebTYa1CmVmfFg0N90qxxA4r9f2zSSg4SusSMOu5URV513QEP96kt
joTXoRIGxbFX0fhtumQ2bTiIXySLSUOba6IU4ISo0OJauaEgi93mVFy2jgutRVNo
y1qUU4TNtpE0dqgyMAfT5tg8Zf8AkCC+XmSGwpE6WPPGHqmlKID0C67l5O7o5LWN
vyUt6s0fdgSeI+QYQj2H
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:30 2024 by rpki-client on console-ams.rpki-client.org