Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/FEA9B700DBF911EBAAD9253CF8AEA228.roa
File:                     FEA9B700DBF911EBAAD9253CF8AEA228.roa (raw, json)
Hash identifier:          YcikH7sHjs6Dj5WLAe7ElJKddnCEcceTgSGCI8LqVeY=
Subject key identifier:   3A:71:63:9D:B8:38:F9:09:C5:17:1C:2B:D4:1B:B6:40:D4:D2:55:0C
Certificate issuer:       /CN=F3634E70AF/serialNumber=BF5DD9BD41321CDABBF1D6A8A0E6647E6FEFD2E3
Certificate serial:       0203
Authority key identifier: BF:5D:D9:BD:41:32:1C:DA:BB:F1:D6:A8:A0:E6:64:7E:6F:EF:D2:E3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/v13ZvUEyHNq78daooOZkfm_v0uM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/FEA9B700DBF911EBAAD9253CF8AEA228.roa
Signing time:             Sat 03 Jul 2021 12:27:13 +0000
ROA not before:           Sat 03 Jul 2021 12:27:08 +0000
ROA not after:            Tue 01 Jul 2025 12:27:08 +0000
asID:                     37016
IP address blocks:        41.222.214.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/v13ZvUEyHNq78daooOZkfm_v0uM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/v13ZvUEyHNq78daooOZkfm_v0uM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/v13ZvUEyHNq78daooOZkfm_v0uM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 515 (0x203)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3634E70AF/serialNumber=BF5DD9BD41321CDABBF1D6A8A0E6647E6FEFD2E3
        Validity
            Not Before: Jul  3 12:27:08 2021 GMT
            Not After : Jul  1 12:27:08 2025 GMT
        Subject: CN=60e057a1-6a73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:56:a8:06:e5:b4:69:f3:63:d0:6d:67:d2:79:
                    30:11:e8:de:f6:ef:fe:a7:72:76:b7:bc:8c:91:36:
                    51:b7:c0:5d:a8:84:c1:29:99:51:36:75:6d:19:3b:
                    9a:fd:8b:9e:b9:03:56:96:3d:b6:c0:7e:39:82:bd:
                    be:33:33:fc:b1:d0:5d:79:f7:42:d2:69:05:c0:c8:
                    f1:6d:0c:c7:35:a3:d8:92:f9:3f:26:8a:84:2f:7a:
                    a7:d0:23:35:9d:4e:94:a0:19:35:69:e6:55:d6:de:
                    b7:0a:dd:b8:5d:8d:10:d7:fa:c1:19:c1:0b:4f:b5:
                    33:50:87:b0:91:fc:e7:56:b5:9d:29:ca:d0:cc:85:
                    8a:3e:a1:8a:3d:f7:7b:09:78:de:61:79:b9:ff:07:
                    2c:b6:81:1d:16:a1:84:54:b9:90:a6:49:c6:37:6f:
                    f0:3c:bb:11:f2:47:a6:8e:e7:9a:21:b9:61:00:4a:
                    d0:58:b0:88:21:d7:fa:46:87:be:61:46:40:6a:e0:
                    87:7e:f2:75:4b:ca:73:fc:45:25:f6:cf:2c:38:ad:
                    12:63:29:88:39:1a:e6:61:bc:d9:d5:30:ee:5e:16:
                    30:2e:05:22:66:2d:58:9c:66:c3:71:20:d7:9b:b5:
                    1f:d8:85:1e:28:bc:8e:2f:eb:dd:71:3b:19:be:e2:
                    e6:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:71:63:9D:B8:38:F9:09:C5:17:1C:2B:D4:1B:B6:40:D4:D2:55:0C
            X509v3 Authority Key Identifier:
                keyid:BF:5D:D9:BD:41:32:1C:DA:BB:F1:D6:A8:A0:E6:64:7E:6F:EF:D2:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/v13ZvUEyHNq78daooOZkfm_v0uM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/v13ZvUEyHNq78daooOZkfm_v0uM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/FEA9B700DBF911EBAAD9253CF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.222.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:9b:18:4e:43:9d:c2:4e:8d:c8:00:f1:f2:0f:e6:5c:f4:cd:
         be:38:e6:e9:9c:23:61:66:e8:0f:0b:8d:12:17:f7:41:ee:4e:
         f8:1f:ed:23:f3:ff:2d:cc:29:a7:10:74:85:c7:3c:f0:1e:dc:
         d3:33:5a:3f:b0:7c:70:2b:fb:8b:4c:39:a6:1f:b4:4c:a7:63:
         f8:76:18:22:32:d1:70:e5:99:28:e8:17:93:ee:2e:29:05:c7:
         ea:1d:31:0e:22:1c:1b:5c:0a:25:8e:ef:0b:79:46:9e:4d:2f:
         2c:5e:a5:10:56:75:3f:fd:bf:88:da:94:fb:c5:1f:3d:1c:c2:
         e3:69:81:2b:03:2a:61:dd:d6:14:04:77:f1:fd:bf:0e:ba:34:
         e3:a5:35:9a:f6:6a:9f:8b:a3:48:e4:03:5c:ea:37:1c:74:6f:
         9a:ac:22:7c:d3:85:ba:49:ec:0b:75:15:1d:86:f8:c8:51:81:
         60:da:d3:a4:8f:06:ee:e5:05:2f:06:9e:00:77:e8:80:3d:c6:
         85:f6:8e:f5:02:25:8a:c7:67:b3:7c:84:42:b1:75:13:c3:2e:
         47:ce:14:ad:2a:1c:ab:2d:72:ab:8a:84:6f:e2:05:e4:be:9c:
         38:53:33:38:e7:12:cc:1b:1d:c3:3b:c8:88:fb:9b:55:10:6e:
         3c:80:5c:be
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAgMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzRFNzBBRjExMC8GA1UEBRMoQkY1REQ5QkQ0MTMyMUNEQUJCRjFENkE4QTBFNjY0
N0U2RkVGRDJFMzAeFw0yMTA3MDMxMjI3MDhaFw0yNTA3MDExMjI3MDhaMBgxFjAU
BgNVBAMTDTYwZTA1N2ExLTZhNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkVqgG5bRp82PQbWfSeTAR6N727/6ncna3vIyRNlG3wF2ohMEpmVE2dW0Z
O5r9i565A1aWPbbAfjmCvb4zM/yx0F1590LSaQXAyPFtDMc1o9iS+T8mioQveqfQ
IzWdTpSgGTVp5lXW3rcK3bhdjRDX+sEZwQtPtTNQh7CR/OdWtZ0pytDMhYo+oYo9
93sJeN5hebn/Byy2gR0WoYRUuZCmScY3b/A8uxHyR6aO55ohuWEAStBYsIgh1/pG
h75hRkBq4Id+8nVLynP8RSX2zyw4rRJjKYg5GuZhvNnVMO5eFjAuBSJmLVicZsNx
INebtR/YhR4ovI4v691xOxm+4ub7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOnFj
nbg4+QnFFxwr1Bu2QNTSVQwwHwYDVR0jBBgwFoAUv13ZvUEyHNq78daooOZkfm/v
0uMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RTcwL0UxNDYxQjUyNTk0MzExRUE4OUFDRDg2MUY4QUVBMjI4L3YxM1p2
VUV5SE5xNzhkYW9vT1prZm1fdjB1TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3YxM1p2VUV5SE5xNzhkYW9vT1prZm1fdjB1TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RTcwL0UxNDYxQjUyNTk0MzExRUE4OUFDRDg2MUY4
QUVBMjI4L0ZFQTlCNzAwREJGOTExRUJBQUQ5MjUzQ0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp3tYwDQYJKoZIhvcNAQEL
BQADggEBAB2bGE5DncJOjcgA8fIP5lz0zb445umcI2Fm6A8LjRIX90HuTvgf7SPz
/y3MKacQdIXHPPAe3NMzWj+wfHAr+4tMOaYftEynY/h2GCIy0XDlmSjoF5PuLikF
x+odMQ4iHBtcCiWO7wt5Rp5NLyxepRBWdT/9v4jalPvFHz0cwuNpgSsDKmHd1hQE
d/H9vw66NOOlNZr2ap+Lo0jkA1zqNxx0b5qsInzThbpJ7At1FR2G+MhRgWDa06SP
Bu7lBS8GngB36IA9xoX2jvUCJYrHZ7N8hEKxdRPDLkfOFK0qHKstcquKhG/iBeS+
nDhTMzjnEswbHcM7yIj7m1UQbjyAXL4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org