Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/432A21D6F66211EA82BEF23EF8AEA228.roa
File:                     432A21D6F66211EA82BEF23EF8AEA228.roa (raw, json)
Hash identifier:          mHNY5DR7N20xrjY+paspmzOeas6kO6ZhHagyNaTo1CU=
Subject key identifier:   A8:D5:CC:9E:4C:10:94:8D:0A:10:20:3A:24:C5:1C:C0:82:53:A1:E8
Certificate issuer:       /CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
Certificate serial:       0288
Authority key identifier: AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/432A21D6F66211EA82BEF23EF8AEA228.roa
Signing time:             Mon 14 Sep 2020 08:14:09 +0000
ROA not before:           Mon 14 Sep 2020 08:14:04 +0000
ROA not after:            Sat 14 Sep 2030 08:14:04 +0000
asID:                     327687
IP address blocks:        196.43.174.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 648 (0x288)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
        Validity
            Not Before: Sep 14 08:14:04 2020 GMT
            Not After : Sep 14 08:14:04 2030 GMT
        Subject: CN=5f5f2650-d60a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:af:bf:e9:bb:2f:05:d5:70:3b:b5:4d:57:a1:
                    99:79:ca:32:26:8d:1b:d6:19:56:68:3d:fb:52:75:
                    92:89:ff:fb:d8:ba:25:8f:96:fb:ab:74:3d:9b:8e:
                    c9:f1:85:8a:98:34:7a:c3:0e:d1:2c:6d:43:1a:e7:
                    65:af:b8:92:42:01:5e:7f:2e:c7:bd:a8:77:2e:83:
                    f5:d7:03:42:59:cc:2d:52:f6:0a:1f:87:be:cd:8a:
                    d8:d2:1f:ba:e6:c9:4c:0a:95:32:b3:fb:08:9e:ff:
                    6f:e1:b1:b9:ca:16:f6:ad:b9:4f:23:a0:66:3c:d4:
                    6a:0a:c6:c5:39:d7:73:cb:5d:7c:81:f1:ae:fa:09:
                    e0:c0:fd:06:aa:8f:06:8b:c2:a0:59:03:8b:c1:72:
                    57:63:68:84:cd:4e:91:65:c2:9f:e2:54:14:47:d9:
                    bf:3d:52:61:d8:1a:0f:ed:c6:5b:e1:cc:28:1d:53:
                    08:60:fa:3f:c6:05:48:f5:32:e6:f9:c2:87:dc:9c:
                    ea:11:0a:ac:a3:1e:40:e8:1c:16:98:f6:6b:f6:3b:
                    ea:b7:f1:2a:b6:1b:03:76:2d:7d:d5:57:9f:97:04:
                    d2:aa:85:b8:d4:d7:25:ba:90:17:69:49:b4:cd:8f:
                    81:6d:94:cc:bf:ee:aa:64:72:71:d3:b1:1c:ab:b1:
                    21:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:D5:CC:9E:4C:10:94:8D:0A:10:20:3A:24:C5:1C:C0:82:53:A1:E8
            X509v3 Authority Key Identifier:
                keyid:AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/432A21D6F66211EA82BEF23EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.43.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:bb:41:70:7c:43:01:1e:3c:c1:6a:bb:37:95:a2:24:4a:e7:
         13:03:e4:73:45:a8:c8:76:25:2c:ed:bc:86:36:84:8c:c7:44:
         bc:b4:13:d6:0e:d4:37:a9:55:2f:5b:07:33:6c:aa:5c:8b:e6:
         87:c1:f0:b6:ae:bc:13:e7:4d:77:93:75:21:54:19:d2:4c:e1:
         d4:9d:d1:6c:d8:04:30:2d:51:5b:d2:61:81:a3:b5:93:65:a1:
         d7:a8:56:03:3d:b4:d4:ad:d6:9a:a4:11:30:b7:48:7c:60:b4:
         87:68:c6:21:91:c5:df:e6:fb:02:c1:16:01:98:e3:e1:20:e0:
         74:bc:4b:ba:58:da:29:eb:7d:6d:6b:7d:69:35:b1:02:c2:2e:
         c0:ec:f6:29:22:d2:42:bf:22:07:47:64:03:2e:8c:ce:13:86:
         8f:40:6b:16:70:4d:55:18:05:2b:96:25:80:21:43:72:ad:6b:
         11:a1:dc:83:bd:37:d2:e4:40:32:3e:0b:e8:45:ba:d3:b6:ba:
         ff:de:82:68:de:54:45:d6:b7:13:17:48:8a:e3:42:31:07:de:
         b3:ee:6c:18:2a:e2:67:4c:22:ce:2a:54:57:a5:17:d6:d0:56:
         8f:a2:05:10:6d:7f:a2:38:60:eb:02:6e:2a:ed:ad:81:91:d9:
         ba:e1:28:1d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAogwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBRjExMC8GA1UEBRMoQUQ0MDA0RDg1MThERUI5OUNFRDNGRkZBQjYzNUFB
MTc0RTcwMEZENzAeFw0yMDA5MTQwODE0MDRaFw0zMDA5MTQwODE0MDRaMBgxFjAU
BgNVBAMTDTVmNWYyNjUwLWQ2MGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4r7/puy8F1XA7tU1XoZl5yjImjRvWGVZoPftSdZKJ//vYuiWPlvurdD2b
jsnxhYqYNHrDDtEsbUMa52WvuJJCAV5/Lse9qHcug/XXA0JZzC1S9gofh77NitjS
H7rmyUwKlTKz+wie/2/hsbnKFvatuU8joGY81GoKxsU513PLXXyB8a76CeDA/Qaq
jwaLwqBZA4vBcldjaITNTpFlwp/iVBRH2b89UmHYGg/txlvhzCgdUwhg+j/GBUj1
Mub5wofcnOoRCqyjHkDoHBaY9mv2O+q38Sq2GwN2LX3VV5+XBNKqhbjU1yW6kBdp
SbTNj4FtlMy/7qpkcnHTsRyrsSGDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqNXM
nkwQlI0KECA6JMUcwIJToegwHwYDVR0jBBgwFoAUrUAE2FGN65nO0//6tjWqF05w
D9cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4QUVBMjI4L3JVQUUy
RkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JVQUUyRkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4
QUVBMjI4LzQzMkEyMUQ2RjY2MjExRUE4MkJFRjIzRUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEK64wDQYJKoZIhvcNAQEL
BQADggEBALu7QXB8QwEePMFquzeVoiRK5xMD5HNFqMh2JSztvIY2hIzHRLy0E9YO
1DepVS9bBzNsqlyL5ofB8LauvBPnTXeTdSFUGdJM4dSd0WzYBDAtUVvSYYGjtZNl
odeoVgM9tNSt1pqkETC3SHxgtIdoxiGRxd/m+wLBFgGY4+Eg4HS8S7pY2inrfW1r
fWk1sQLCLsDs9iki0kK/IgdHZAMujM4Tho9AaxZwTVUYBSuWJYAhQ3KtaxGh3IO9
N9LkQDI+C+hFutO2uv/egmjeVEXWtxMXSIrjQjEH3rPubBgq4mdMIs4qVFelF9bQ
Vo+iBRBtf6I4YOsCbirtrYGR2brhKB0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org