Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/F5F09308F65E11EAB818803BF8AEA228.roa
File:                     F5F09308F65E11EAB818803BF8AEA228.roa (raw, json)
Hash identifier:          tfY0OI+YAWKV2uL/y0m6/Fa58nZDpggdKjsjjic2N9E=
Subject key identifier:   FB:9E:E5:3D:5F:6F:CC:73:48:F4:2B:DC:66:19:78:34:75:5D:CF:8B
Certificate issuer:       /CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
Certificate serial:       0282
Authority key identifier: AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/F5F09308F65E11EAB818803BF8AEA228.roa
Signing time:             Mon 14 Sep 2020 07:50:31 +0000
ROA not before:           Mon 14 Sep 2020 07:50:26 +0000
ROA not after:            Sat 14 Sep 2030 07:50:26 +0000
asID:                     327687
IP address blocks:        196.43.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 642 (0x282)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAF/serialNumber=AD4004D8518DEB99CED3FFFAB635AA174E700FD7
        Validity
            Not Before: Sep 14 07:50:26 2020 GMT
            Not After : Sep 14 07:50:26 2030 GMT
        Subject: CN=5f5f20c6-958b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d0:bf:2d:dc:97:54:61:50:28:77:b3:14:eb:
                    c2:9a:6f:6a:91:d6:cb:69:b0:ec:79:d7:18:41:78:
                    9a:ad:75:74:55:8a:af:f2:0f:df:33:4c:4a:80:f4:
                    6b:5e:b5:f2:c5:fc:53:a4:b8:79:a6:ee:4c:bd:a7:
                    17:38:b7:c9:31:0e:d9:7a:c7:c8:61:05:d9:34:9b:
                    35:7d:37:55:52:f9:36:58:4b:fc:c2:aa:e8:a1:2f:
                    58:4d:9b:67:11:c6:81:e6:cc:5f:5a:8a:83:7b:9c:
                    d0:79:2b:9f:28:45:bf:fb:19:af:e8:30:10:08:08:
                    a5:07:0a:9d:7f:1a:3b:5a:bb:62:6e:64:a9:ea:b1:
                    d3:f8:e7:bb:0e:fe:6f:16:e6:c2:30:ef:37:a6:4f:
                    58:98:18:bb:c6:8c:44:e6:88:be:e0:86:41:65:15:
                    09:8f:05:11:66:a0:21:4f:a3:39:b8:9c:c2:a2:ea:
                    a9:ca:34:68:f0:a7:08:33:86:22:04:bd:c6:27:0c:
                    56:8e:36:79:4d:d7:ae:d2:7a:ae:4c:e6:02:d2:01:
                    6f:c4:61:ac:7f:2d:ae:68:eb:5c:66:14:42:a8:33:
                    26:2e:f9:e4:90:5d:21:17:06:35:41:94:74:23:92:
                    4f:53:a8:7f:c8:81:5b:57:24:19:67:09:d8:e2:61:
                    24:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9E:E5:3D:5F:6F:CC:73:48:F4:2B:DC:66:19:78:34:75:5D:CF:8B
            X509v3 Authority Key Identifier:
                keyid:AD:40:04:D8:51:8D:EB:99:CE:D3:FF:FA:B6:35:AA:17:4E:70:0F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/rUAE2FGN65nO0__6tjWqF05wD9c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rUAE2FGN65nO0__6tjWqF05wD9c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/73C193E2DF6111E9BE5A2C30F8AEA228/F5F09308F65E11EAB818803BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.43.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:af:7e:f9:f5:22:28:69:75:88:5b:e2:e3:98:dd:44:bc:68:
         cb:96:84:3c:75:60:6b:5c:4f:5a:77:27:13:5a:4d:27:75:a1:
         65:1c:b2:8b:33:19:a0:70:db:82:8b:cc:71:3f:96:a4:9a:9c:
         45:0b:9e:ae:9d:f2:76:bb:fd:20:b1:8a:29:19:f3:ab:05:54:
         53:a4:d0:cc:6b:b0:c2:3f:87:59:f7:ae:63:0f:4f:9b:a8:65:
         65:4e:eb:49:37:48:80:49:b7:1c:30:88:ab:f2:22:17:5b:98:
         5e:8e:e7:e6:cb:1e:7b:8b:90:32:14:5f:08:68:9c:16:24:54:
         06:69:29:f7:59:ef:e0:d8:72:d1:46:84:6f:d2:d8:15:2b:3b:
         e1:59:aa:d1:1a:46:9c:6a:b7:42:b6:1d:b7:7a:c9:07:88:b0:
         32:3d:56:ed:95:af:94:d7:78:cf:87:f1:04:81:2d:1d:dd:a3:
         2b:8c:44:c3:76:d6:49:02:ad:3c:61:62:47:46:87:37:ae:27:
         71:b1:50:69:c4:f9:48:aa:79:83:f3:a6:62:ca:6b:3e:0d:00:
         1b:d8:82:5b:52:72:56:69:12:75:a0:21:7b:ca:91:90:a1:15:
         2a:ac:9c:d9:1e:c8:66:0e:f2:0b:c5:06:87:1a:ee:21:19:4c:
         02:2b:c4:68
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAoIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBRjExMC8GA1UEBRMoQUQ0MDA0RDg1MThERUI5OUNFRDNGRkZBQjYzNUFB
MTc0RTcwMEZENzAeFw0yMDA5MTQwNzUwMjZaFw0zMDA5MTQwNzUwMjZaMBgxFjAU
BgNVBAMTDTVmNWYyMGM2LTk1OGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC30L8t3JdUYVAod7MU68Kab2qR1stpsOx51xhBeJqtdXRViq/yD98zTEqA
9GtetfLF/FOkuHmm7ky9pxc4t8kxDtl6x8hhBdk0mzV9N1VS+TZYS/zCquihL1hN
m2cRxoHmzF9aioN7nNB5K58oRb/7Ga/oMBAICKUHCp1/Gjtau2JuZKnqsdP457sO
/m8W5sIw7zemT1iYGLvGjETmiL7ghkFlFQmPBRFmoCFPozm4nMKi6qnKNGjwpwgz
hiIEvcYnDFaONnlN167Seq5M5gLSAW/EYax/La5o61xmFEKoMyYu+eSQXSEXBjVB
lHQjkk9TqH/IgVtXJBlnCdjiYSQHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU+57l
PV9vzHNI9CvcZhl4NHVdz4swHwYDVR0jBBgwFoAUrUAE2FGN65nO0//6tjWqF05w
D9cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4QUVBMjI4L3JVQUUy
RkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JVQUUyRkdONjVuTzBfXzZ0aldxRjA1d0Q5Yy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJCMzhFLzczQzE5M0UyREY2MTExRTlCRTVBMkMzMEY4
QUVBMjI4L0Y1RjA5MzA4RjY1RTExRUFCODE4ODAzQkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEK6swDQYJKoZIhvcNAQEL
BQADggEBAHavfvn1IihpdYhb4uOY3US8aMuWhDx1YGtcT1p3JxNaTSd1oWUcsosz
GaBw24KLzHE/lqSanEULnq6d8na7/SCxiikZ86sFVFOk0MxrsMI/h1n3rmMPT5uo
ZWVO60k3SIBJtxwwiKvyIhdbmF6O5+bLHnuLkDIUXwhonBYkVAZpKfdZ7+DYctFG
hG/S2BUrO+FZqtEaRpxqt0K2Hbd6yQeIsDI9Vu2Vr5TXeM+H8QSBLR3doyuMRMN2
1kkCrTxhYkdGhzeuJ3GxUGnE+UiqeYPzpmLKaz4NABvYgltSclZpEnWgIXvKkZCh
FSqsnNkeyGYO8gvFBoca7iEZTAIrxGg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org