Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/29A04204950F11EA9A188864F8AEA228.roa
File:                     29A04204950F11EA9A188864F8AEA228.roa (raw, json)
Hash identifier:          ATvTE1NmkvGY3ukA763zN8Nw+MkGODpI7C3fXm1SBUM=
Subject key identifier:   01:AC:F5:66:74:A8:94:F6:4B:DE:BB:71:93:B0:43:4A:70:00:34:C7
Certificate issuer:       /CN=F363AFA1AF/serialNumber=8F8C0979F73CE852DB9A4B81F79511C42F9D1B33
Certificate serial:       02
Authority key identifier: 8F:8C:09:79:F7:3C:E8:52:DB:9A:4B:81:F7:95:11:C4:2F:9D:1B:33
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/29A04204950F11EA9A188864F8AEA228.roa
Signing time:             Wed 13 May 2020 11:44:55 +0000
ROA not before:           Wed 13 May 2020 11:44:49 +0000
ROA not after:            Fri 31 May 2030 11:44:49 +0000
asID:                     36996
IP address blocks:        41.182.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363AFA1AF/serialNumber=8F8C0979F73CE852DB9A4B81F79511C42F9D1B33
        Validity
            Not Before: May 13 11:44:49 2020 GMT
            Not After : May 31 11:44:49 2030 GMT
        Subject: CN=5ebbddb6-f6fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:47:f9:13:bf:17:1c:08:ca:91:f9:03:a3:c3:
                    f9:09:33:cf:f1:9d:88:ae:c8:c8:d2:c5:49:29:a8:
                    4f:7a:a3:e9:8a:72:ca:51:57:5b:73:d5:cd:36:aa:
                    a2:32:74:18:bf:62:f4:4c:58:eb:3b:7c:71:f8:99:
                    19:21:06:7a:44:85:ad:72:ef:77:7f:5d:95:89:64:
                    76:97:cb:a2:fd:33:ca:90:dc:62:e6:70:96:75:25:
                    0b:ce:49:f1:b4:4d:85:3d:6c:9e:d2:fa:f0:36:42:
                    a6:cd:bd:61:32:16:dd:c1:0f:c1:24:d2:e6:85:da:
                    bf:c7:73:02:bb:3d:e0:1b:78:db:14:40:5d:e5:d2:
                    15:40:b4:d8:70:40:fc:34:1e:ad:f1:a9:14:58:b1:
                    f0:d9:63:35:1b:31:ba:55:bc:f8:ab:2e:28:5f:a6:
                    99:87:a2:01:aa:b2:32:58:70:a8:76:c1:f3:e7:1c:
                    08:70:94:15:5b:0f:28:c2:76:b6:71:d5:05:19:f4:
                    9d:cd:be:4c:35:eb:02:56:3c:9b:5f:20:2f:8d:43:
                    3d:e8:9a:d5:77:a3:9c:ec:cb:bf:9c:5e:72:68:38:
                    be:2e:9e:d4:3b:b1:7c:60:9e:05:5f:66:e3:fc:df:
                    13:f3:f7:d5:b8:62:ff:9b:2f:a1:8f:50:58:4d:41:
                    0d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:AC:F5:66:74:A8:94:F6:4B:DE:BB:71:93:B0:43:4A:70:00:34:C7
            X509v3 Authority Key Identifier:
                keyid:8F:8C:09:79:F7:3C:E8:52:DB:9A:4B:81:F7:95:11:C4:2F:9D:1B:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/29A04204950F11EA9A188864F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.182.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6b:ae:20:66:55:cc:e0:ca:32:40:12:d4:f7:70:97:6a:a1:b1:
         ca:08:06:4a:a0:14:e8:e6:34:6d:f9:0b:9d:5d:4e:78:ae:4c:
         b1:e7:0e:8e:44:8a:84:25:4c:e9:65:2b:3b:f7:a9:0a:e0:eb:
         01:f9:7a:a4:dd:20:8f:7c:2d:48:4d:f8:d5:46:63:6f:ae:55:
         66:1b:ed:97:7e:b5:f5:4f:ae:66:9d:0b:96:bc:a0:f5:b9:cb:
         c2:ef:47:db:bb:f3:13:82:f4:2a:a8:e3:53:72:5f:a6:39:42:
         e0:38:4a:99:d7:7d:85:d0:40:3a:44:04:93:1d:61:3c:66:76:
         3b:95:3e:1d:88:11:4a:c5:ed:ae:ce:39:f8:71:e2:4a:08:00:
         d3:43:82:e0:fb:20:1e:3a:c7:eb:05:19:a7:23:a7:d6:61:8a:
         a8:6f:e8:c2:99:1a:dc:e3:c5:e2:59:46:f4:c2:50:30:24:8e:
         aa:12:dd:d6:00:f6:0f:a1:0b:5f:89:f2:38:24:df:79:6c:2b:
         59:03:1a:71:51:e9:36:65:12:b4:9a:e7:91:1b:e1:7e:67:22:
         1d:7e:06:8c:54:64:02:13:f2:12:be:a3:9d:a4:eb:aa:51:62:
         fd:18:41:8a:fe:b1:a3:87:00:cd:d3:ef:08:49:e6:68:2d:ee:
         7b:31:ae:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
QUZBMUFGMTEwLwYDVQQFEyg4RjhDMDk3OUY3M0NFODUyREI5QTRCODFGNzk1MTFD
NDJGOUQxQjMzMB4XDTIwMDUxMzExNDQ0OVoXDTMwMDUzMTExNDQ0OVowGDEWMBQG
A1UEAxMNNWViYmRkYjYtZjZmYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxH+RO/FxwIypH5A6PD+Qkzz/GdiK7IyNLFSSmoT3qj6YpyylFXW3PVzTaq
ojJ0GL9i9ExY6zt8cfiZGSEGekSFrXLvd39dlYlkdpfLov0zypDcYuZwlnUlC85J
8bRNhT1sntL68DZCps29YTIW3cEPwSTS5oXav8dzArs94Bt42xRAXeXSFUC02HBA
/DQerfGpFFix8NljNRsxulW8+KsuKF+mmYeiAaqyMlhwqHbB8+ccCHCUFVsPKMJ2
tnHVBRn0nc2+TDXrAlY8m18gL41DPeia1XejnOzLv5xecmg4vi6e1DuxfGCeBV9m
4/zfE/P31bhi/5svoY9QWE1BDbkCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBQBrPVm
dKiU9kveu3GTsENKcAA0xzAfBgNVHSMEGDAWgBSPjAl59zzoUtuaS4H3lRHEL50b
MzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0FGQTEvOEZEMjg3N0U5NTBDMTFFQTgxODlGQTYxRjhBRUEyMjgvajR3SmVm
Yzg2RkxibWt1Qjk1VVJ4Qy1kR3pNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvajR3SmVmYzg2RkxibWt1Qjk1VVJ4Qy1kR3pNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0FGQTEvOEZEMjg3N0U5NTBDMTFFQTgxODlGQTYxRjhB
RUEyMjgvMjlBMDQyMDQ5NTBGMTFFQTlBMTg4ODY0RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDACm2MA0GCSqGSIb3DQEBCwUA
A4IBAQBrriBmVczgyjJAEtT3cJdqobHKCAZKoBTo5jRt+QudXU54rkyx5w6ORIqE
JUzpZSs796kK4OsB+Xqk3SCPfC1ITfjVRmNvrlVmG+2XfrX1T65mnQuWvKD1ucvC
70fbu/MTgvQqqONTcl+mOULgOEqZ132F0EA6RASTHWE8ZnY7lT4diBFKxe2uzjn4
ceJKCADTQ4Lg+yAeOsfrBRmnI6fWYYqob+jCmRrc48XiWUb0wlAwJI6qEt3WAPYP
oQtfifI4JN95bCtZAxpxUek2ZRK0mueRG+F+ZyIdfgaMVGQCE/ISvqOdpOuqUWL9
GEGK/rGjhwDN0+8ISeZoLe57Ma5z
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org