Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/66F4D690F51F11EA9D1DE32AF8AEA228.roa
File:                     66F4D690F51F11EA9D1DE32AF8AEA228.roa (raw, json)
Hash identifier:          SrVyftEZaFZINRQHt3OsJ5SCiY9D8GryK+fA+07FTFA=
Subject key identifier:   4A:D7:67:AA:68:4B:04:48:49:C7:9F:56:BD:AC:D0:68:EB:43:0D:39
Certificate issuer:       /CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
Certificate serial:       027E
Authority key identifier: AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/66F4D690F51F11EA9D1DE32AF8AEA228.roa
Signing time:             Sat 12 Sep 2020 17:43:02 +0000
ROA not before:           Sat 12 Sep 2020 17:42:51 +0000
ROA not after:            Thu 12 Sep 2030 17:42:51 +0000
asID:                     327687
IP address blocks:        196.43.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 638 (0x27e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
        Validity
            Not Before: Sep 12 17:42:51 2020 GMT
            Not After : Sep 12 17:42:51 2030 GMT
        Subject: CN=5f5d08a6-e535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a2:0b:49:a1:c9:85:d1:c9:19:df:25:57:a9:
                    95:c9:75:3c:1c:44:db:f2:1e:c1:d2:84:73:2a:bd:
                    f9:21:4e:63:27:d6:74:71:63:69:be:35:51:06:a2:
                    35:48:cc:ef:dd:0b:29:05:2e:71:cc:51:83:8c:ee:
                    60:31:ca:b6:21:d6:7e:64:2e:18:a7:8f:2b:84:c9:
                    4b:29:70:83:5d:d0:a1:35:77:28:c0:70:74:86:00:
                    86:86:f4:24:c7:46:10:a9:2c:35:79:ab:9f:ac:0d:
                    88:4c:a2:8b:74:03:fe:1e:ba:0a:6d:18:31:d7:e6:
                    b3:44:c6:88:30:4c:99:c5:70:55:f3:42:99:90:4b:
                    26:96:2a:4b:b4:a9:7a:16:da:a6:49:87:19:16:dd:
                    d7:88:47:7e:fe:8e:c8:70:90:4e:31:6c:d9:70:2e:
                    d4:36:c1:26:dc:ce:f2:cb:4d:2b:a5:8b:7e:ff:12:
                    34:6c:4f:93:07:7c:8b:0d:40:42:6e:5c:9a:1e:68:
                    28:db:fe:4d:e9:34:2e:ec:5f:b1:f3:84:f2:57:5e:
                    db:da:25:e9:f8:79:7d:dd:8a:fb:8d:6e:38:12:84:
                    fd:ae:ce:ef:cc:45:ce:88:62:44:58:dc:1f:96:3f:
                    2b:fe:cc:6d:ef:71:94:91:21:0d:e4:66:b7:b9:8f:
                    6b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D7:67:AA:68:4B:04:48:49:C7:9F:56:BD:AC:D0:68:EB:43:0D:39
            X509v3 Authority Key Identifier:
                keyid:AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/66F4D690F51F11EA9D1DE32AF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.43.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:3a:36:66:41:56:df:f7:8c:9c:7a:b5:b3:06:ef:54:51:70:
         42:1c:09:03:42:1e:0a:45:ec:5e:2a:9b:0e:81:d0:97:c7:86:
         76:bf:d6:3b:00:37:2b:67:92:ca:d1:81:9a:60:6a:0a:bd:05:
         2d:28:87:c8:11:5f:f7:85:c9:3a:7d:c6:a9:a2:08:36:d3:9e:
         e0:ac:4b:15:d0:af:73:ca:7f:d1:a4:f7:18:64:c1:68:46:45:
         28:fd:15:64:e7:68:09:e0:84:c1:8d:78:99:0c:c8:46:5e:2f:
         97:9e:4c:a2:dd:3e:a8:a8:04:7d:bf:bf:2c:a2:d0:83:f5:ba:
         ce:a5:a9:62:e1:72:d4:b4:b1:0e:0b:27:43:17:c3:f8:52:03:
         f5:7a:ce:b7:f6:df:56:89:ef:e9:70:1b:27:bd:60:98:76:92:
         64:38:ea:c6:f6:fe:b6:3c:00:00:c5:17:c0:f6:2f:c5:7e:22:
         36:52:43:5f:17:6c:11:d8:19:06:a9:82:64:65:41:e6:4a:e7:
         a5:b8:40:d5:9f:cb:bd:63:d4:2b:ed:69:bf:6f:5c:47:7b:d7:
         69:f9:a6:ef:88:d2:69:0a:75:ba:54:f9:ea:cb:45:e6:7e:1a:
         f8:1a:e4:7e:f9:bd:d2:cf:16:ef:8f:a2:45:60:dd:1e:d8:54:
         47:7a:db:84
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAn4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBRjExMC8GA1UEBRMoQUQ0MDA0RDg1MThERUI5OUNFRDNGRkZBQjYzNUFB
MTc0RTcwMEZENzAeFw0yMDA5MTIxNzQyNTFaFw0zMDA5MTIxNzQyNTFaMBgxFjAU
BgNVBAMTDTVmNWQwOGE2LWU1MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4ogtJocmF0ckZ3yVXqZXJdTwcRNvyHsHShHMqvfkhTmMn1nRxY2m+NVEG
ojVIzO/dCykFLnHMUYOM7mAxyrYh1n5kLhinjyuEyUspcINd0KE1dyjAcHSGAIaG
9CTHRhCpLDV5q5+sDYhMoot0A/4eugptGDHX5rNExogwTJnFcFXzQpmQSyaWKku0
qXoW2qZJhxkW3deIR37+jshwkE4xbNlwLtQ2wSbczvLLTSuli37/EjRsT5MHfIsN
QEJuXJoeaCjb/k3pNC7sX7HzhPJXXtvaJen4eX3divuNbjgShP2uzu/MRc6IYkRY
3B+WPyv+zG3vcZSRIQ3kZre5j2sRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUStdn
qmhLBEhJx59WvazQaOtDDTkwHwYDVR0jBBgwFoAUrUAE2FGN65nO0//6tjWqF05w
D9cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4QUVBMjI4L3JVQUUy
RkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JVQUUyRkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4
QUVBMjI4LzY2RjRENjkwRjUxRjExRUE5RDFERTMyQUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEK6kwDQYJKoZIhvcNAQEL
BQADggEBAII6NmZBVt/3jJx6tbMG71RRcEIcCQNCHgpF7F4qmw6B0JfHhna/1jsA
NytnksrRgZpgagq9BS0oh8gRX/eFyTp9xqmiCDbTnuCsSxXQr3PKf9Gk9xhkwWhG
RSj9FWTnaAnghMGNeJkMyEZeL5eeTKLdPqioBH2/vyyi0IP1us6lqWLhctS0sQ4L
J0MXw/hSA/V6zrf231aJ7+lwGye9YJh2kmQ46sb2/rY8AADFF8D2L8V+IjZSQ18X
bBHYGQapgmRlQeZK56W4QNWfy71j1Cvtab9vXEd712n5pu+I0mkKdbpU+erLReZ+
Gvga5H75vdLPFu+PokVg3R7YVEd624Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org