Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/378CE78AF66411EA8E26EB40F8AEA228.roa
File:                     378CE78AF66411EA8E26EB40F8AEA228.roa (raw, json)
Hash identifier:          xoY5dis4sb6P64FdTIPzWORP204UtHtRbf1EXJseOJw=
Subject key identifier:   00:D5:9D:9B:4D:79:63:0B:2C:2E:E7:30:B6:06:B6:D0:CA:62:A0:5F
Certificate issuer:       /CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
Certificate serial:       0290
Authority key identifier: AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/378CE78AF66411EA8E26EB40F8AEA228.roa
Signing time:             Mon 14 Sep 2020 08:28:08 +0000
ROA not before:           Mon 14 Sep 2020 08:28:04 +0000
ROA not after:            Sat 14 Sep 2030 08:28:04 +0000
asID:                     327687
IP address blocks:        196.43.178.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 656 (0x290)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
        Validity
            Not Before: Sep 14 08:28:04 2020 GMT
            Not After : Sep 14 08:28:04 2030 GMT
        Subject: CN=5f5f2998-4819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:aa:8c:af:1c:fd:1f:88:7a:3b:07:9b:96:e5:
                    30:4b:8c:21:04:af:ef:aa:52:40:f2:51:a9:d2:ec:
                    ae:07:ef:4d:b9:f4:e2:c1:5e:a3:0c:d4:3a:6c:89:
                    df:fb:03:d1:11:80:3a:1c:63:cf:29:5e:53:9f:1b:
                    ee:dc:e7:47:7c:e8:24:95:49:85:27:1a:f3:e7:04:
                    7f:96:d2:d2:ee:bc:c2:59:3f:2b:3c:a8:ae:a8:f0:
                    81:96:4d:20:89:59:24:2e:6c:08:0d:37:da:24:5b:
                    91:7e:91:3b:fa:ea:98:bf:67:f7:f5:14:0c:46:02:
                    a0:fd:7c:5f:01:a5:f4:1e:27:f8:23:4c:e5:b3:18:
                    59:9e:f8:4f:20:21:b8:65:be:d3:53:c2:0e:07:ba:
                    ee:78:3b:d6:7d:25:04:6f:53:a8:df:ae:77:c3:79:
                    1c:e9:94:bf:6b:bf:73:42:36:51:42:69:f4:1b:41:
                    a2:06:94:4c:f8:be:70:14:c9:fa:fb:3b:10:ad:cc:
                    67:f3:3a:df:7c:2c:dc:26:ab:f8:2a:11:61:0b:02:
                    e8:68:b1:92:58:17:2c:18:a6:f2:fa:a9:2b:da:d4:
                    b1:a1:7d:a8:95:61:0e:99:bd:58:45:52:83:44:b9:
                    c3:f5:d8:5e:7b:21:a3:28:84:3c:47:2b:8f:11:d0:
                    ae:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:D5:9D:9B:4D:79:63:0B:2C:2E:E7:30:B6:06:B6:D0:CA:62:A0:5F
            X509v3 Authority Key Identifier:
                keyid:AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/378CE78AF66411EA8E26EB40F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.43.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:6c:66:5d:7b:3f:d4:b8:9a:96:47:21:85:04:7d:42:7d:92:
         6d:dc:4e:21:3d:21:d9:03:2d:cf:97:52:e5:83:ee:52:bc:b4:
         6f:37:dc:ec:4a:0d:ae:bc:7b:bd:fc:62:ae:09:4a:39:b9:ee:
         c6:c3:9a:da:e9:0b:77:9a:fb:f1:fe:62:3c:24:29:8e:1d:33:
         ea:ae:ae:e3:65:88:ce:aa:a4:17:04:61:bc:e6:b2:10:f3:e8:
         95:63:47:84:06:b1:6c:e1:2c:b0:62:50:a1:cf:61:eb:73:20:
         8f:70:27:69:83:20:2a:56:d0:38:20:25:24:d7:96:4b:a7:3c:
         dd:eb:b7:12:92:a0:31:c8:38:d4:ec:76:4d:26:b8:62:68:3c:
         44:a4:89:22:08:00:31:1c:2e:c9:15:f4:f4:49:0a:f3:38:ee:
         31:41:5f:6f:4f:c6:0d:1f:3e:d5:b3:7e:65:6b:5e:ee:17:15:
         03:2b:2c:4b:51:58:06:94:7a:3e:df:4e:f0:75:3e:d5:47:20:
         b4:ac:a1:67:fe:41:85:73:0f:94:f4:37:fe:97:5c:30:e5:3b:
         ce:b8:b4:1e:7c:4d:d4:dd:44:8e:7b:1c:e8:5b:bd:e0:cb:c3:
         3c:a6:bf:50:11:2a:c0:11:e3:d2:de:d6:31:73:8d:b4:46:7a:
         27:d8:37:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICApAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBRjExMC8GA1UEBRMoQUQ0MDA0RDg1MThERUI5OUNFRDNGRkZBQjYzNUFB
MTc0RTcwMEZENzAeFw0yMDA5MTQwODI4MDRaFw0zMDA5MTQwODI4MDRaMBgxFjAU
BgNVBAMTDTVmNWYyOTk4LTQ4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCWqoyvHP0fiHo7B5uW5TBLjCEEr++qUkDyUanS7K4H70259OLBXqMM1Dps
id/7A9ERgDocY88pXlOfG+7c50d86CSVSYUnGvPnBH+W0tLuvMJZPys8qK6o8IGW
TSCJWSQubAgNN9okW5F+kTv66pi/Z/f1FAxGAqD9fF8BpfQeJ/gjTOWzGFme+E8g
IbhlvtNTwg4Huu54O9Z9JQRvU6jfrnfDeRzplL9rv3NCNlFCafQbQaIGlEz4vnAU
yfr7OxCtzGfzOt98LNwmq/gqEWELAuhosZJYFywYpvL6qSva1LGhfaiVYQ6ZvVhF
UoNEucP12F57IaMohDxHK48R0K7LAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUANWd
m015YwssLucwtga20MpioF8wHwYDVR0jBBgwFoAUrUAE2FGN65nO0//6tjWqF05w
D9cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4QUVBMjI4L3JVQUUy
RkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JVQUUyRkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4
QUVBMjI4LzM3OENFNzhBRjY2NDExRUE4RTI2RUI0MEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEK7IwDQYJKoZIhvcNAQEL
BQADggEBAIdsZl17P9S4mpZHIYUEfUJ9km3cTiE9IdkDLc+XUuWD7lK8tG833OxK
Da68e738Yq4JSjm57sbDmtrpC3ea+/H+YjwkKY4dM+quruNliM6qpBcEYbzmshDz
6JVjR4QGsWzhLLBiUKHPYetzII9wJ2mDICpW0DggJSTXlkunPN3rtxKSoDHIONTs
dk0muGJoPESkiSIIADEcLskV9PRJCvM47jFBX29Pxg0fPtWzfmVrXu4XFQMrLEtR
WAaUej7fTvB1PtVHILSsoWf+QYVzD5T0N/6XXDDlO864tB58TdTdRI57HOhbveDL
wzymv1ARKsAR49Le1jFzjbRGeifYN/k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org