Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/F539AC2ADFD211EBB0D1FD36F8AEA228.roa
File:                     F539AC2ADFD211EBB0D1FD36F8AEA228.roa (raw, json)
Hash identifier:          eXFh4emIQs516bgW52azXjxVc2VVoIN8dsu/3Z+Sdok=
Subject key identifier:   93:83:A3:D9:5C:A3:1A:93:C6:EE:EC:1D:72:DB:A4:A7:65:B7:81:79
Certificate issuer:       /CN=F3628DDEAF/serialNumber=42B58CEEAA2C12E8F2DC98D644C20CF81CE1CE05
Certificate serial:       037E
Authority key identifier: 42:B5:8C:EE:AA:2C:12:E8:F2:DC:98:D6:44:C2:0C:F8:1C:E1:CE:05
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/QrWM7qosEujy3JjWRMIM-BzhzgU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/F539AC2ADFD211EBB0D1FD36F8AEA228.roa
Signing time:             Thu 08 Jul 2021 09:57:52 +0000
ROA not before:           Thu 08 Jul 2021 09:57:46 +0000
ROA not after:            Tue 17 Jun 2031 09:57:46 +0000
asID:                     36924
IP address blocks:        196.250.64.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/QrWM7qosEujy3JjWRMIM-BzhzgU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/QrWM7qosEujy3JjWRMIM-BzhzgU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/QrWM7qosEujy3JjWRMIM-BzhzgU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 894 (0x37e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3628DDEAF/serialNumber=42B58CEEAA2C12E8F2DC98D644C20CF81CE1CE05
        Validity
            Not Before: Jul  8 09:57:46 2021 GMT
            Not After : Jun 17 09:57:46 2031 GMT
        Subject: CN=60e6cc20-4ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c3:07:cf:dc:a4:1c:a3:5f:a3:3f:ae:1c:e8:
                    1e:7a:ef:d6:ad:97:ca:de:15:10:32:a9:ef:f4:fd:
                    bd:eb:f2:0a:a5:1f:2e:f8:7a:a2:47:4b:97:57:1e:
                    2f:ae:70:4f:ff:df:ec:fc:f2:3f:67:62:f5:7e:60:
                    05:9a:7b:31:2a:12:52:62:16:8e:15:0c:15:66:f1:
                    26:0a:eb:5c:92:6e:36:d6:fd:12:bc:77:e1:fd:b4:
                    55:99:7f:e5:58:d1:97:43:10:fb:44:df:80:9f:74:
                    cc:7c:65:2c:fb:59:17:00:62:3a:ff:a8:bd:cd:ce:
                    c9:39:7d:79:fb:98:4e:4a:3a:50:f6:03:a5:b4:02:
                    92:b9:f0:4b:e2:fc:a8:22:a5:21:01:55:e6:6c:8c:
                    61:0e:e6:8f:c5:e5:84:1a:5f:7c:38:72:29:73:1a:
                    16:92:32:1a:2a:dc:92:e9:4e:3f:b2:59:75:2d:3e:
                    6d:f7:07:dc:c5:7b:96:19:99:9f:9d:f2:1f:df:a8:
                    e8:6d:39:cd:0c:9e:e9:91:d6:c2:63:a0:af:d3:ea:
                    b4:01:b9:03:17:91:df:9a:bd:18:48:4f:8e:77:b4:
                    b4:b6:1d:3b:79:40:fe:71:2a:c3:24:99:54:b5:59:
                    0d:1c:4e:aa:cc:b7:82:91:53:86:77:15:35:14:cb:
                    b8:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:83:A3:D9:5C:A3:1A:93:C6:EE:EC:1D:72:DB:A4:A7:65:B7:81:79
            X509v3 Authority Key Identifier:
                keyid:42:B5:8C:EE:AA:2C:12:E8:F2:DC:98:D6:44:C2:0C:F8:1C:E1:CE:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/QrWM7qosEujy3JjWRMIM-BzhzgU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QrWM7qosEujy3JjWRMIM-BzhzgU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3628DDE/BF78233A369E11E9A7D5E220F8AEA228/F539AC2ADFD211EBB0D1FD36F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.250.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         1b:f2:c5:ea:dd:6b:27:f1:1b:47:6c:4f:c6:c4:c9:51:fd:de:
         03:c9:25:f6:bb:71:4c:94:b9:84:34:74:c1:d7:b0:97:c4:30:
         5c:f0:4e:cd:ed:5b:ff:b8:73:c1:04:4b:dc:e1:6a:91:2c:a0:
         11:35:8d:0b:90:d1:bb:fd:90:bc:44:23:e2:ed:fe:bd:bb:14:
         e2:60:1f:57:c0:c4:39:11:21:f1:44:4a:45:32:9f:dc:83:b2:
         2b:85:35:9d:07:9d:af:bd:eb:92:79:fe:b4:3d:b3:87:5e:d8:
         03:20:c6:71:ae:26:d3:f6:f2:d5:70:00:e7:75:66:35:ef:a4:
         d4:c8:3c:09:86:11:9d:df:d3:b5:a3:3a:0f:3a:29:fc:82:52:
         73:ac:e7:b8:61:11:cf:2f:4c:21:bd:22:19:1d:6e:ef:2b:2f:
         d3:5e:8c:14:b9:dd:03:02:20:16:38:e8:c6:0a:53:f3:b7:a3:
         94:9d:28:04:4c:5b:f7:d0:e7:5a:00:be:0c:eb:0d:4b:79:8a:
         30:d8:ff:59:7a:b7:40:e6:e2:e8:26:9f:70:fc:2a:72:84:c5:
         65:e2:3c:10:93:b9:b1:8b:c3:15:2c:a6:45:8b:0c:59:c9:93:
         33:bf:b2:72:30:48:2c:b5:10:6d:53:26:17:23:11:7d:8e:e1:
         c8:54:20:6c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA34wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjhEREVBRjExMC8GA1UEBRMoNDJCNThDRUVBQTJDMTJFOEYyREM5OEQ2NDRDMjBD
RjgxQ0UxQ0UwNTAeFw0yMTA3MDgwOTU3NDZaFw0zMTA2MTcwOTU3NDZaMBgxFjAU
BgNVBAMTDTYwZTZjYzIwLTRkZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+wwfP3KQco1+jP64c6B5679atl8reFRAyqe/0/b3r8gqlHy74eqJHS5dX
Hi+ucE//3+z88j9nYvV+YAWaezEqElJiFo4VDBVm8SYK61ySbjbW/RK8d+H9tFWZ
f+VY0ZdDEPtE34CfdMx8ZSz7WRcAYjr/qL3Nzsk5fXn7mE5KOlD2A6W0ApK58Evi
/KgipSEBVeZsjGEO5o/F5YQaX3w4cilzGhaSMhoq3JLpTj+yWXUtPm33B9zFe5YZ
mZ+d8h/fqOhtOc0MnumR1sJjoK/T6rQBuQMXkd+avRhIT453tLS2HTt5QP5xKsMk
mVS1WQ0cTqrMt4KRU4Z3FTUUy7gHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUk4Oj
2VyjGpPG7uwdctukp2W3gXkwHwYDVR0jBBgwFoAUQrWM7qosEujy3JjWRMIM+Bzh
zgUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI4RERFL0JGNzgyMzNBMzY5RTExRTlBN0Q1RTIyMEY4QUVBMjI4L1FyV003
cW9zRXVqeTNKaldSTUlNLUJ6aHpnVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1FyV003cW9zRXVqeTNKaldSTUlNLUJ6aHpnVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjI4RERFL0JGNzgyMzNBMzY5RTExRTlBN0Q1RTIyMEY4
QUVBMjI4L0Y1MzlBQzJBREZEMjExRUJCMEQxRkQzNkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbE+kAwDQYJKoZIhvcNAQEL
BQADggEBABvyxerdayfxG0dsT8bEyVH93gPJJfa7cUyUuYQ0dMHXsJfEMFzwTs3t
W/+4c8EES9zhapEsoBE1jQuQ0bv9kLxEI+Lt/r27FOJgH1fAxDkRIfFESkUyn9yD
siuFNZ0Hna+965J5/rQ9s4de2AMgxnGuJtP28tVwAOd1ZjXvpNTIPAmGEZ3f07Wj
Og86KfyCUnOs57hhEc8vTCG9Ihkdbu8rL9NejBS53QMCIBY46MYKU/O3o5SdKARM
W/fQ51oAvgzrDUt5ijDY/1l6t0Dm4ugmn3D8KnKExWXiPBCTubGLwxUspkWLDFnJ
kzO/snIwSCy1EG1TJhcjEX2O4chUIGw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org