Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/8CAB7D34F66011EA9505273DF8AEA228.roa
File:                     8CAB7D34F66011EA9505273DF8AEA228.roa (raw, json)
Hash identifier:          wRT6hE8dz5aDgbl8Fhq0OiI6SYYGle9ZSDVsUg3khF8=
Subject key identifier:   7F:E3:32:93:D5:33:BC:BF:C9:5B:89:39:25:02:10:9F:A4:26:4E:B9
Certificate issuer:       /CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
Certificate serial:       0284
Authority key identifier: AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/8CAB7D34F66011EA9505273DF8AEA228.roa
Signing time:             Mon 14 Sep 2020 08:01:53 +0000
ROA not before:           Mon 14 Sep 2020 08:01:48 +0000
ROA not after:            Sat 14 Sep 2030 08:01:48 +0000
asID:                     327687
IP address blocks:        196.43.172.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 644 (0x284)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
        Validity
            Not Before: Sep 14 08:01:48 2020 GMT
            Not After : Sep 14 08:01:48 2030 GMT
        Subject: CN=5f5f2371-6a25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:7d:f6:bf:1c:f0:79:e6:8a:bc:5b:e0:3a:5b:
                    e4:6d:a0:0c:2d:58:6f:81:9e:c9:e3:16:64:be:ae:
                    c3:f3:0b:8c:39:35:ca:a5:06:17:02:56:c8:1f:22:
                    69:a8:63:23:9e:e3:fa:9c:e2:d8:fe:8b:e0:91:35:
                    ef:e1:25:5e:88:fe:7f:b8:49:d2:98:c1:90:f2:6f:
                    d4:9d:1d:b8:e7:a3:98:48:2b:29:4a:49:0e:f1:5c:
                    83:d9:8b:53:22:10:0f:3c:42:ca:a6:e9:c5:22:c0:
                    51:97:97:a7:2d:4a:9f:91:5b:5b:14:92:79:0a:c7:
                    7f:95:90:96:3d:9a:04:a9:8d:a6:30:19:af:d2:20:
                    68:53:dd:30:d8:83:ac:b2:de:3a:76:bb:5b:21:fa:
                    7a:3d:0d:e8:87:62:7b:b0:f7:a7:2a:da:82:ee:22:
                    3c:82:ab:f3:1a:77:29:53:8f:fd:58:86:ea:9a:0b:
                    32:99:cb:79:97:6d:61:e1:bd:e4:78:fd:15:79:06:
                    ea:da:22:9f:ea:04:fc:b7:6e:d1:05:a5:b8:b0:b6:
                    a1:8c:13:1a:ac:72:c2:a9:d7:5e:9e:d6:c4:b2:fe:
                    6a:a0:2a:dc:c3:71:e1:34:aa:d6:f1:f5:56:41:d7:
                    31:cd:8a:4b:79:2c:8c:6b:05:66:cd:df:11:c8:bd:
                    4b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E3:32:93:D5:33:BC:BF:C9:5B:89:39:25:02:10:9F:A4:26:4E:B9
            X509v3 Authority Key Identifier:
                keyid:AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/8CAB7D34F66011EA9505273DF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.43.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:d7:d4:16:26:f7:05:73:ca:99:26:74:00:90:0a:d3:9f:bb:
         19:1b:5c:72:a7:ab:94:0c:3b:d1:17:3d:87:cd:30:28:b3:3f:
         79:d0:0b:40:86:4f:6b:38:74:e7:40:0d:b7:09:2c:53:70:74:
         14:b2:f4:62:69:f3:de:4f:17:fe:8d:ec:76:2e:94:18:c3:3d:
         6b:af:f6:0a:f7:91:0b:29:12:4e:37:2d:26:12:c8:7d:dd:d9:
         30:9b:4a:67:13:cf:c1:05:e9:99:a7:fd:c0:5d:a6:08:2a:15:
         bb:42:a5:f4:01:65:1f:9d:74:39:da:dc:e8:bc:83:49:e3:0c:
         70:23:a1:f8:5b:01:8a:91:96:cc:f7:14:c2:3c:e8:07:3b:96:
         9b:f8:55:8f:72:85:40:d8:0b:36:a2:5a:06:f2:41:9d:31:7a:
         ab:02:f4:83:6a:3c:65:5e:7f:77:96:ca:43:5b:4c:4e:5c:d3:
         72:5f:a7:d0:95:62:bf:ae:11:db:1d:9c:6c:25:a1:9d:99:2a:
         92:39:04:a9:42:37:10:ba:d9:1f:3e:62:6e:ec:a5:66:61:0f:
         cb:c1:5a:1d:3d:48:66:2f:4f:db:4e:11:4d:e4:c0:b7:cb:fc:
         84:3a:b9:41:42:ac:0a:14:60:ca:7f:f6:8a:d5:07:41:7b:30:
         e5:e7:e8:8b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAoQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBRjExMC8GA1UEBRMoQUQ0MDA0RDg1MThERUI5OUNFRDNGRkZBQjYzNUFB
MTc0RTcwMEZENzAeFw0yMDA5MTQwODAxNDhaFw0zMDA5MTQwODAxNDhaMBgxFjAU
BgNVBAMTDTVmNWYyMzcxLTZhMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjffa/HPB55oq8W+A6W+RtoAwtWG+BnsnjFmS+rsPzC4w5NcqlBhcCVsgf
ImmoYyOe4/qc4tj+i+CRNe/hJV6I/n+4SdKYwZDyb9SdHbjno5hIKylKSQ7xXIPZ
i1MiEA88Qsqm6cUiwFGXl6ctSp+RW1sUknkKx3+VkJY9mgSpjaYwGa/SIGhT3TDY
g6yy3jp2u1sh+no9DeiHYnuw96cq2oLuIjyCq/MadylTj/1YhuqaCzKZy3mXbWHh
veR4/RV5BuraIp/qBPy3btEFpbiwtqGMExqscsKp116e1sSy/mqgKtzDceE0qtbx
9VZB1zHNikt5LIxrBWbN3xHIvUu/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUf+My
k9UzvL/JW4k5JQIQn6QmTrkwHwYDVR0jBBgwFoAUrUAE2FGN65nO0//6tjWqF05w
D9cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4QUVBMjI4L3JVQUUy
RkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JVQUUyRkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4
QUVBMjI4LzhDQUI3RDM0RjY2MDExRUE5NTA1MjczREY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEK6wwDQYJKoZIhvcNAQEL
BQADggEBACXX1BYm9wVzypkmdACQCtOfuxkbXHKnq5QMO9EXPYfNMCizP3nQC0CG
T2s4dOdADbcJLFNwdBSy9GJp895PF/6N7HYulBjDPWuv9gr3kQspEk43LSYSyH3d
2TCbSmcTz8EF6Zmn/cBdpggqFbtCpfQBZR+ddDna3Oi8g0njDHAjofhbAYqRlsz3
FMI86Ac7lpv4VY9yhUDYCzaiWgbyQZ0xeqsC9INqPGVef3eWykNbTE5c03Jfp9CV
Yr+uEdsdnGwloZ2ZKpI5BKlCNxC62R8+Ym7spWZhD8vBWh09SGYvT9tOEU3kwLfL
/IQ6uUFCrAoUYMp/9orVB0F7MOXn6Is=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org