Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/14DA972C369F11E9A85A3C21F8AEA228.roa
File:                     14DA972C369F11E9A85A3C21F8AEA228.roa (raw, json)
Hash identifier:          rRgU+4tFqjCwv3sj5zK6L+vCSIEp2/0zfXQO2ATh2MM=
Subject key identifier:   9B:BE:E3:32:46:7E:0D:89:02:38:7A:7A:50:EF:D5:59:D0:2C:37:6C
Certificate issuer:       /CN=F3628DDEAF/serialNumber=42B58CEEAA2C12E8F2DC98D644C20CF81CE1CE05
Certificate serial:       04
Authority key identifier: 42:B5:8C:EE:AA:2C:12:E8:F2:DC:98:D6:44:C2:0C:F8:1C:E1:CE:05
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/QrWM7qosEujy3JjWRMIM-BzhzgU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/14DA972C369F11E9A85A3C21F8AEA228.roa
Signing time:             Fri 22 Feb 2019 12:40:49 +0000
ROA not before:           Fri 22 Feb 2019 12:40:45 +0000
ROA not after:            Tue 06 Nov 2029 12:40:45 +0000
asID:                     36924
IP address blocks:        2c0f:ecf0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/QrWM7qosEujy3JjWRMIM-BzhzgU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/QrWM7qosEujy3JjWRMIM-BzhzgU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/QrWM7qosEujy3JjWRMIM-BzhzgU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3628DDEAF/serialNumber=42B58CEEAA2C12E8F2DC98D644C20CF81CE1CE05
        Validity
            Not Before: Feb 22 12:40:45 2019 GMT
            Not After : Nov  6 12:40:45 2029 GMT
        Subject: CN=5c6fedd1-7b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f2:d9:34:04:c6:a6:09:e2:5a:c3:09:49:98:
                    b1:2f:c4:47:4e:f0:ee:44:52:37:4d:c5:12:82:df:
                    a0:26:c9:b3:18:7b:8a:e3:5b:0b:73:a0:65:7b:0d:
                    ea:8b:9c:6c:ac:34:cd:dd:b8:fb:08:c1:98:98:f8:
                    e6:d5:cf:40:a3:96:c8:53:00:2e:95:50:b2:61:00:
                    12:62:7d:ea:19:88:5d:28:4f:47:17:e0:3a:9b:3b:
                    23:8b:c7:b6:f0:23:f8:d2:c5:66:11:2b:b8:0f:49:
                    f6:16:05:74:d0:75:35:88:64:9a:99:d0:dd:ba:a3:
                    22:38:fc:ea:8b:af:68:d8:3b:62:6c:df:05:4f:e2:
                    fd:cc:cb:92:8f:61:17:36:f2:54:ec:d5:72:ad:a4:
                    76:11:dd:d8:5b:50:2b:d9:4d:0b:23:30:1e:83:98:
                    33:30:75:78:9b:08:23:27:f7:a1:d7:77:0c:f1:5e:
                    b9:94:51:fd:69:ad:a4:8c:68:10:2f:eb:8f:e8:cb:
                    f3:94:ce:45:d5:c1:74:aa:16:39:00:7a:a5:22:77:
                    23:ce:96:92:cc:29:bb:a2:0c:08:8b:26:15:28:c7:
                    6b:f4:a5:cf:01:ab:c9:c9:d7:b8:d1:27:5f:3c:f3:
                    16:50:58:52:72:aa:87:78:4f:32:0f:93:1c:35:a3:
                    ee:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:BE:E3:32:46:7E:0D:89:02:38:7A:7A:50:EF:D5:59:D0:2C:37:6C
            X509v3 Authority Key Identifier:
                keyid:42:B5:8C:EE:AA:2C:12:E8:F2:DC:98:D6:44:C2:0C:F8:1C:E1:CE:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/QrWM7qosEujy3JjWRMIM-BzhzgU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QrWM7qosEujy3JjWRMIM-BzhzgU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/14DA972C369F11E9A85A3C21F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:ecf0::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:5a:75:5e:92:c4:c9:50:b4:d7:ac:96:01:0f:ee:75:75:2e:
         ef:7d:40:22:40:29:0b:ed:80:8c:fa:9b:7e:32:58:e1:b9:dc:
         4b:6b:7c:72:ee:a5:93:20:6e:20:6f:d7:0c:b2:28:33:07:86:
         5e:7c:73:2a:9d:0b:b7:85:30:5c:82:e8:64:8f:ff:e9:8f:f5:
         d4:c3:fa:eb:5d:31:28:31:79:42:ec:c4:56:b8:70:d2:71:da:
         a0:e0:22:b3:a3:1f:f9:e0:0d:e9:cf:b6:27:63:6d:54:78:46:
         01:f6:68:b8:53:a7:7e:b9:a9:5a:75:ca:39:4b:90:c3:eb:4c:
         ba:3f:7b:2d:78:35:cc:78:84:66:2c:ff:d0:27:98:15:57:0b:
         15:e1:7e:f7:f1:16:c2:a4:85:38:0b:e3:b9:7a:06:0b:2e:16:
         1a:ed:d6:4c:96:f8:ad:d6:62:74:84:07:27:69:7f:c2:c3:e8:
         56:b1:f2:b4:2a:5d:dc:e8:dc:8a:46:5b:81:9e:60:55:9d:5e:
         8f:6c:f4:f9:be:60:b6:49:46:ab:8c:e5:ca:90:f1:4e:d3:a3:
         ca:10:39:bd:96:50:14:c0:9e:fb:e4:33:df:91:f9:de:ca:c3:
         1a:52:6f:f1:92:e2:58:b9:6b:43:44:66:4a:09:f6:31:66:1f:
         f0:04:3b:ca
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
OERERUFGMTEwLwYDVQQFEyg0MkI1OENFRUFBMkMxMkU4RjJEQzk4RDY0NEMyMENG
ODFDRTFDRTA1MB4XDTE5MDIyMjEyNDA0NVoXDTI5MTEwNjEyNDA0NVowGDEWMBQG
A1UEAxMNNWM2ZmVkZDEtN2I2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjy2TQExqYJ4lrDCUmYsS/ER07w7kRSN03FEoLfoCbJsxh7iuNbC3OgZXsN
6oucbKw0zd24+wjBmJj45tXPQKOWyFMALpVQsmEAEmJ96hmIXShPRxfgOps7I4vH
tvAj+NLFZhEruA9J9hYFdNB1NYhkmpnQ3bqjIjj86ouvaNg7YmzfBU/i/czLko9h
FzbyVOzVcq2kdhHd2FtQK9lNCyMwHoOYMzB1eJsIIyf3odd3DPFeuZRR/WmtpIxo
EC/rj+jL85TORdXBdKoWOQB6pSJ3I86Wkswpu6IMCIsmFSjHa/SlzwGrycnXuNEn
XzzzFlBYUnKqh3hPMg+THDWj7vMCAwEAAaOCAm8wggJrMB0GA1UdDgQWBBSbvuMy
Rn4NiQI4enpQ79VZ0Cw3bDAfBgNVHSMEGDAWgBRCtYzuqiwS6PLcmNZEwgz4HOHO
BTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjhEREUvQkY3ODIzM0EzNjlFMTFFOUE3RDVFMjIwRjhBRUEyMjgvUXJXTTdx
b3NFdWp5M0pqV1JNSU0tQnpoemdVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUXJXTTdxb3NFdWp5M0pqV1JNSU0tQnpoemdVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjhEREUvQkY3ODIzM0EzNjlFMTFFOUE3RDVFMjIwRjhB
RUEyMjgvMTREQTk3MkMzNjlGMTFFOUE4NUEzQzIxRjhBRUEyMjgucm9hMCAGCCsG
AQUFBwEHAQH/BBEwDzANBAIAAjAHAwUALA/s8DANBgkqhkiG9w0BAQsFAAOCAQEA
glp1XpLEyVC016yWAQ/udXUu731AIkApC+2AjPqbfjJY4bncS2t8cu6lkyBuIG/X
DLIoMweGXnxzKp0Lt4UwXILoZI//6Y/11MP6610xKDF5QuzEVrhw0nHaoOAis6Mf
+eAN6c+2J2NtVHhGAfZouFOnfrmpWnXKOUuQw+tMuj97LXg1zHiEZiz/0CeYFVcL
FeF+9/EWwqSFOAvjuXoGCy4WGu3WTJb4rdZidIQHJ2l/wsPoVrHytCpd3OjcikZb
gZ5gVZ1ej2z0+b5gtklGq4zlypDxTtOjyhA5vZZQFMCe++Qz35H53srDGlJv8ZLi
WLlrQ0RmSgn2MWYf8AQ7yg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:31 2024 by rpki-client on console-ams.rpki-client.org