Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361C3A1/47DF6D66E0D011E8A546211CF8AEA228/E1CD81C8280F11EBB63DE871F8AEA228.roa
File:                     E1CD81C8280F11EBB63DE871F8AEA228.roa (raw, json)
Hash identifier:          /3VNsnr60M58thhrmrm6ZI5zKetsZe2Nwr0JCmxLZg4=
Subject key identifier:   38:22:6E:DA:CB:2E:94:2C:4C:1D:39:84:19:F3:12:43:D1:66:A9:03
Certificate issuer:       /CN=F361C3A1RI/serialNumber=ECBACB719ABA5D32BD990EF3685B5AA36B08CA04
Certificate serial:       02FA
Authority key identifier: EC:BA:CB:71:9A:BA:5D:32:BD:99:0E:F3:68:5B:5A:A3:6B:08:CA:04
Authority info access:    rsync://rpki.afrinic.net/repository/ripe/7LrLcZq6XTK9mQ7zaFtao2sIygQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/47DF6D66E0D011E8A546211CF8AEA228/E1CD81C8280F11EBB63DE871F8AEA228.roa
Signing time:             Mon 16 Nov 2020 13:30:25 +0000
ROA not before:           Mon 16 Nov 2020 13:30:19 +0000
ROA not after:            Fri 28 Nov 2025 13:30:19 +0000
asID:                     36915
IP address blocks:        194.9.82.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/47DF6D66E0D011E8A546211CF8AEA228/7LrLcZq6XTK9mQ7zaFtao2sIygQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/47DF6D66E0D011E8A546211CF8AEA228/7LrLcZq6XTK9mQ7zaFtao2sIygQ.mft
                          rsync://rpki.afrinic.net/repository/ripe/7LrLcZq6XTK9mQ7zaFtao2sIygQ.cer
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:25:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 762 (0x2fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361C3A1RI/serialNumber=ECBACB719ABA5D32BD990EF3685B5AA36B08CA04
        Validity
            Not Before: Nov 16 13:30:19 2020 GMT
            Not After : Nov 28 13:30:19 2025 GMT
        Subject: CN=5fb27ef1-6b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fe:e6:43:e7:20:a4:29:b0:be:7a:3a:ee:d0:
                    12:58:51:03:ca:38:db:9f:e2:e3:d0:5a:84:bd:3e:
                    bb:14:56:fc:a6:11:f6:02:81:1d:c8:bf:97:6f:d2:
                    f0:cc:2f:b3:f1:6d:2f:a5:28:c1:ac:9a:98:16:66:
                    98:bb:31:fc:5c:26:86:d9:a9:a6:0d:c2:fc:ca:ec:
                    d5:fd:f0:2e:5e:79:5b:c6:4b:c9:b7:49:5b:de:28:
                    6c:4f:37:48:a6:13:a0:c8:7b:46:41:5f:18:9a:36:
                    a1:76:24:ee:31:1b:a5:15:fc:4e:1f:31:59:ee:6e:
                    9e:ae:a1:18:7c:b0:2b:3b:eb:df:ed:76:ec:c5:3a:
                    73:24:99:10:7a:8b:9a:9e:cc:ee:8b:33:04:2a:9f:
                    45:ff:a3:75:36:ac:81:83:7f:c9:3a:4e:77:ad:d4:
                    06:ef:0a:2f:f7:fd:59:72:29:55:d8:d5:10:47:21:
                    c4:ff:c2:8c:93:c0:5f:b5:cb:88:1f:22:98:bb:fc:
                    4a:25:52:35:12:a7:82:84:8f:03:6b:08:f6:f4:47:
                    e0:99:a4:dc:38:3e:b7:f2:bd:c5:f7:07:4c:1b:c1:
                    5f:ff:cd:f7:fb:37:8a:ec:f1:79:b2:f9:65:28:4a:
                    1c:44:0f:0f:ee:a8:7e:c6:67:5e:e7:ab:ba:28:89:
                    a9:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:22:6E:DA:CB:2E:94:2C:4C:1D:39:84:19:F3:12:43:D1:66:A9:03
            X509v3 Authority Key Identifier:
                keyid:EC:BA:CB:71:9A:BA:5D:32:BD:99:0E:F3:68:5B:5A:A3:6B:08:CA:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/47DF6D66E0D011E8A546211CF8AEA228/7LrLcZq6XTK9mQ7zaFtao2sIygQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/7LrLcZq6XTK9mQ7zaFtao2sIygQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/47DF6D66E0D011E8A546211CF8AEA228/E1CD81C8280F11EBB63DE871F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.9.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:69:98:c5:40:f2:c4:d0:b9:0f:1d:be:79:2e:81:64:aa:c6:
         50:31:82:25:1e:3a:a8:a9:75:9e:e9:82:3d:5f:8f:56:fb:44:
         f0:4b:66:14:8a:d7:ff:10:76:c6:76:c4:3f:b9:3c:51:cc:a5:
         5c:c2:0e:1b:85:f6:a3:e8:86:a1:46:dd:eb:4f:7c:0d:01:cc:
         f1:0a:c3:97:24:00:f1:f2:ff:8d:c3:7b:0f:5b:4c:e0:6d:46:
         ce:97:37:f4:7d:4f:3d:5f:59:a7:1c:96:8d:96:3b:a0:08:80:
         5e:24:91:1a:6b:dd:43:95:ae:4b:17:18:89:d8:f6:09:b4:25:
         14:a7:c9:60:e5:31:92:72:b3:3f:18:49:6b:9b:a3:e7:5c:b7:
         1a:94:83:6f:d8:43:a4:ac:bc:55:0f:b0:d4:ef:2d:04:7d:92:
         83:4c:96:4a:d8:17:f6:8d:fb:24:dd:ad:34:4d:74:f2:db:34:
         5f:57:22:f9:8c:75:51:7e:8e:ae:5b:84:c2:6c:b0:85:43:96:
         57:d6:cd:ab:12:c5:58:bc:1b:84:97:75:d0:fa:b2:04:3a:45:
         99:71:d2:27:7d:b5:02:6c:64:88:c6:c1:47:75:74:7d:ed:17:
         3b:d0:33:35:11:06:90:07:8a:7b:dd:1a:06:42:9d:57:88:21:
         df:6d:02:27
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAvowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MUMzQTFSSTExMC8GA1UEBRMoRUNCQUNCNzE5QUJBNUQzMkJEOTkwRUYzNjg1QjVB
QTM2QjA4Q0EwNDAeFw0yMDExMTYxMzMwMTlaFw0yNTExMjgxMzMwMTlaMBgxFjAU
BgNVBAMTDTVmYjI3ZWYxLTZiNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDB/uZD5yCkKbC+ejru0BJYUQPKONuf4uPQWoS9PrsUVvymEfYCgR3Iv5dv
0vDML7PxbS+lKMGsmpgWZpi7MfxcJobZqaYNwvzK7NX98C5eeVvGS8m3SVveKGxP
N0imE6DIe0ZBXxiaNqF2JO4xG6UV/E4fMVnubp6uoRh8sCs769/tduzFOnMkmRB6
i5qezO6LMwQqn0X/o3U2rIGDf8k6Tnet1AbvCi/3/VlyKVXY1RBHIcT/woyTwF+1
y4gfIpi7/EolUjUSp4KEjwNrCPb0R+CZpNw4PrfyvcX3B0wbwV//zff7N4rs8Xmy
+WUoShxEDw/uqH7GZ17nq7ooialZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUOCJu
2ssulCxMHTmEGfMSQ9FmqQMwHwYDVR0jBBgwFoAU7LrLcZq6XTK9mQ7zaFtao2sI
ygQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjFDM0ExLzQ3REY2RDY2RTBEMDExRThBNTQ2MjExQ0Y4QUVBMjI4LzdMckxj
WnE2WFRLOW1RN3phRnRhbzJzSXlnUS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
LzdMckxjWnE2WFRLOW1RN3phRnRhbzJzSXlnUS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjFDM0ExLzQ3REY2RDY2RTBEMDExRThBNTQ2MjExQ0Y4QUVB
MjI4L0UxQ0Q4MUM4MjgwRjExRUJCNjNERTg3MUY4QUVBMjI4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHCCVIwDQYJKoZIhvcNAQELBQAD
ggEBAKlpmMVA8sTQuQ8dvnkugWSqxlAxgiUeOqipdZ7pgj1fj1b7RPBLZhSK1/8Q
dsZ2xD+5PFHMpVzCDhuF9qPohqFG3etPfA0BzPEKw5ckAPHy/43Dew9bTOBtRs6X
N/R9Tz1fWacclo2WO6AIgF4kkRpr3UOVrksXGInY9gm0JRSnyWDlMZJysz8YSWub
o+dctxqUg2/YQ6SsvFUPsNTvLQR9koNMlkrYF/aN+yTdrTRNdPLbNF9XIvmMdVF+
jq5bhMJssIVDllfWzasSxVi8G4SXddD6sgQ6RZlx0id9tQJsZIjGwUd1dH3tFzvQ
MzURBpAHinvdGgZCnVeIId9tAic=
-----END CERTIFICATE-----
Generated at Mon Jun 17 01:44:38 2024 by rpki-client on console-fra.rpki-client.org