Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/EC598B4086EA11E9986F9C4FF8AEA228.roa
File:                     EC598B4086EA11E9986F9C4FF8AEA228.roa (raw, json)
Hash identifier:          mAPr21juD7J9FeHc+oUho3fc5+KZRjgQ97QY0cYheRg=
Subject key identifier:   0D:FC:ED:E2:18:8D:D9:C6:BC:CC:AC:B0:40:68:40:8A:AF:73:D0:25
Certificate issuer:       /CN=F361B08DAF/serialNumber=0D24CFE5FF586C3299DDEB79A0EF552EC27AA9A1
Certificate serial:       02
Authority key identifier: 0D:24:CF:E5:FF:58:6C:32:99:DD:EB:79:A0:EF:55:2E:C2:7A:A9:A1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/EC598B4086EA11E9986F9C4FF8AEA228.roa
Signing time:             Tue 04 Jun 2019 17:05:16 +0000
ROA not before:           Tue 04 Jun 2019 17:05:12 +0000
ROA not after:            Mon 04 Jun 2029 17:05:12 +0000
asID:                     328350
IP address blocks:        102.132.0.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361B08DAF/serialNumber=0D24CFE5FF586C3299DDEB79A0EF552EC27AA9A1
        Validity
            Not Before: Jun  4 17:05:12 2019 GMT
            Not After : Jun  4 17:05:12 2029 GMT
        Subject: CN=5cf6a4cc-b357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:cf:16:66:b3:ea:48:c5:37:b1:9a:2e:6d:82:
                    55:21:02:3e:89:d8:f9:6a:a8:07:39:5f:5c:be:75:
                    5e:37:87:e4:2e:6b:51:65:18:98:ca:4b:13:38:cf:
                    7d:85:da:e2:6a:19:50:d9:4d:54:5f:4e:55:e4:53:
                    48:2d:38:ee:2e:99:d4:39:34:84:a6:ab:e9:63:05:
                    ae:d5:85:ab:2b:34:67:43:96:ed:ca:b1:42:85:3a:
                    96:11:e1:e9:7a:93:4b:81:d7:38:72:a5:49:65:2f:
                    11:52:c7:e9:f0:2f:e0:db:b4:4e:79:f0:c5:16:5e:
                    ba:ec:ea:9d:51:12:56:9d:46:22:16:72:2d:1c:5b:
                    60:ef:17:b1:f8:bc:3b:4c:a3:70:26:95:55:af:10:
                    58:ee:ad:68:ee:f0:63:51:ad:9f:92:fa:24:3a:57:
                    7b:98:fd:06:eb:2b:a4:fe:f1:d4:d8:2c:a7:5f:7c:
                    90:64:0b:1b:22:f1:6f:0d:1d:c3:8a:03:7c:34:c6:
                    90:14:d9:88:0d:2a:b3:84:41:05:90:62:04:98:0b:
                    fa:16:47:8c:f6:d6:18:49:cf:1e:27:f6:c1:79:0e:
                    de:82:89:de:49:46:ab:06:34:7c:92:55:b1:4d:f7:
                    c5:6a:3a:e2:e4:cc:d8:18:f4:c5:f0:54:b2:d5:50:
                    f3:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:FC:ED:E2:18:8D:D9:C6:BC:CC:AC:B0:40:68:40:8A:AF:73:D0:25
            X509v3 Authority Key Identifier:
                keyid:0D:24:CF:E5:FF:58:6C:32:99:DD:EB:79:A0:EF:55:2E:C2:7A:A9:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DSTP5f9YbDKZ3et5oO9VLsJ6qaE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361B08D/CBC7D20286E911E99E9CBA4EF8AEA228/EC598B4086EA11E9986F9C4FF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.132.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         40:ca:ec:f0:a8:de:de:c7:5d:d0:47:3b:bf:10:b3:b0:d3:47:
         b4:73:cf:ef:8d:94:74:35:3d:5f:ca:30:8d:c9:2b:ad:6b:d4:
         4d:64:00:1b:2b:99:e3:99:3e:8f:1e:78:67:73:a3:a9:67:38:
         a4:a4:b1:43:7a:b5:11:45:74:d8:e8:28:ad:86:0a:aa:89:5b:
         c8:e9:c7:4a:5d:c1:01:fb:28:76:e3:0c:72:8f:5f:7d:66:63:
         0c:86:c7:29:6f:2d:f3:23:da:3c:40:85:10:2a:3c:e9:12:f4:
         25:42:d8:3b:8a:b5:86:36:60:21:bb:e4:bb:7a:de:76:c1:ec:
         cc:9f:98:84:0f:39:8c:c0:a4:0c:77:05:44:f2:bf:2a:32:31:
         a7:bf:ab:96:f3:6a:3c:e0:30:67:7a:b3:09:4f:1f:b9:86:9b:
         38:bf:c7:54:7d:d1:0d:34:4c:07:13:b2:0d:6d:96:27:70:e1:
         ae:38:a6:ef:d2:6e:93:6f:ed:f0:fd:ba:90:47:8d:b3:8d:f0:
         c7:e3:c1:51:38:e7:4a:34:4e:4d:a3:7f:c9:e8:61:5c:73:d8:
         89:b6:06:0e:16:74:91:e6:c2:3b:a5:d6:d9:45:10:7a:4f:af:
         75:59:39:37:c1:89:04:18:7c:b5:0d:ee:7c:8b:be:66:f9:20:
         22:1a:a9:9e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
QjA4REFGMTEwLwYDVQQFEygwRDI0Q0ZFNUZGNTg2QzMyOTlEREVCNzlBMEVGNTUy
RUMyN0FBOUExMB4XDTE5MDYwNDE3MDUxMloXDTI5MDYwNDE3MDUxMlowGDEWMBQG
A1UEAxMNNWNmNmE0Y2MtYjM1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbPFmaz6kjFN7GaLm2CVSECPonY+WqoBzlfXL51XjeH5C5rUWUYmMpLEzjP
fYXa4moZUNlNVF9OVeRTSC047i6Z1Dk0hKar6WMFrtWFqys0Z0OW7cqxQoU6lhHh
6XqTS4HXOHKlSWUvEVLH6fAv4Nu0TnnwxRZeuuzqnVESVp1GIhZyLRxbYO8Xsfi8
O0yjcCaVVa8QWO6taO7wY1Gtn5L6JDpXe5j9BusrpP7x1Ngsp198kGQLGyLxbw0d
w4oDfDTGkBTZiA0qs4RBBZBiBJgL+hZHjPbWGEnPHif2wXkO3oKJ3klGqwY0fJJV
sU33xWo64uTM2Bj0xfBUstVQ8z8CAwEAAaOCAm4wggJqMB0GA1UdDgQWBBQN/O3i
GI3ZxrzMrLBAaECKr3PQJTAfBgNVHSMEGDAWgBQNJM/l/1hsMpnd63mg71Uuwnqp
oTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUIwOEQvQ0JDN0QyMDI4NkU5MTFFOTlFOUNCQTRFRjhBRUEyMjgvRFNUUDVm
OVliREtaM2V0NW9POVZMc0o2cWFFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRFNUUDVmOVliREtaM2V0NW9POVZMc0o2cWFFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUIwOEQvQ0JDN0QyMDI4NkU5MTFFOTlFOUNCQTRFRjhB
RUEyMjgvRUM1OThCNDA4NkVBMTFFOTk4NkY5QzRGRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEZoQAMA0GCSqGSIb3DQEBCwUAA4IBAQBA
yuzwqN7ex13QRzu/ELOw00e0c8/vjZR0NT1fyjCNySuta9RNZAAbK5njmT6PHnhn
c6OpZzikpLFDerURRXTY6CithgqqiVvI6cdKXcEB+yh24wxyj199ZmMMhscpby3z
I9o8QIUQKjzpEvQlQtg7irWGNmAhu+S7et52wezMn5iEDzmMwKQMdwVE8r8qMjGn
v6uW82o84DBnerMJTx+5hps4v8dUfdENNEwHE7INbZYncOGuOKbv0m6Tb+3w/bqQ
R42zjfDH48FROOdKNE5No3/J6GFcc9iJtgYOFnSR5sI7pdbZRRB6T691WTk3wYkE
GHy1De58i75m+SAiGqme
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org