Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/CBB18C42950F11EABC145265F8AEA228.roa
File:                     CBB18C42950F11EABC145265F8AEA228.roa (raw, json)
Hash identifier:          NS3lQRZZ/q1We+IHBAB6S1hM35Toq9Ye+MJO4+ToHgM=
Subject key identifier:   A1:54:9F:AA:BD:FD:FE:AB:1C:86:29:7D:A7:13:6F:19:71:ED:61:03
Certificate issuer:       /CN=F363AFA1AF/serialNumber=8F8C0979F73CE852DB9A4B81F79511C42F9D1B33
Certificate serial:       08
Authority key identifier: 8F:8C:09:79:F7:3C:E8:52:DB:9A:4B:81:F7:95:11:C4:2F:9D:1B:33
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/CBB18C42950F11EABC145265F8AEA228.roa
Signing time:             Wed 13 May 2020 11:49:27 +0000
ROA not before:           Wed 13 May 2020 11:49:23 +0000
ROA not after:            Fri 31 May 2030 11:49:23 +0000
asID:                     36996
IP address blocks:        196.44.128.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363AFA1AF/serialNumber=8F8C0979F73CE852DB9A4B81F79511C42F9D1B33
        Validity
            Not Before: May 13 11:49:23 2020 GMT
            Not After : May 31 11:49:23 2030 GMT
        Subject: CN=5ebbdec6-bd82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b2:f7:ee:06:c1:7a:92:92:df:86:5d:cf:80:
                    f3:e6:72:2b:41:6c:95:33:76:b4:ec:b7:3b:3b:3f:
                    cb:14:07:47:1e:27:26:93:04:3e:0b:19:b1:c4:51:
                    04:c7:93:e3:50:96:a3:ae:13:ed:34:22:b0:f1:f4:
                    98:3f:27:6f:e2:ef:66:db:17:71:d6:05:8e:41:32:
                    9b:7e:2d:48:25:b7:d6:06:b6:7f:66:29:0c:6f:ee:
                    96:18:d2:fc:d4:89:62:0d:82:fe:e1:ab:29:f8:ad:
                    fb:d3:65:7a:17:69:1d:1c:69:d4:a6:e8:4d:43:92:
                    b4:eb:80:71:4e:79:41:6b:7f:df:3a:70:fe:00:85:
                    df:8a:ac:25:ec:a0:fe:ad:cd:44:5a:1a:db:5c:97:
                    0f:34:d6:16:1f:72:6c:83:cc:cd:fe:9c:4e:fc:24:
                    ce:02:c4:99:f3:07:58:47:f9:78:6b:75:1b:e4:19:
                    34:1b:7b:70:40:04:be:87:13:d5:27:b7:0b:18:9a:
                    24:d1:44:d2:63:79:a6:89:88:1e:b8:24:96:37:54:
                    82:38:64:cc:ca:ce:d2:93:8e:d8:9d:51:45:55:cd:
                    88:73:38:1a:89:1f:ab:f0:ff:9e:d7:af:68:55:ee:
                    fa:e5:12:9d:af:f2:7f:97:61:e8:b9:82:b7:ef:b9:
                    09:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:54:9F:AA:BD:FD:FE:AB:1C:86:29:7D:A7:13:6F:19:71:ED:61:03
            X509v3 Authority Key Identifier:
                keyid:8F:8C:09:79:F7:3C:E8:52:DB:9A:4B:81:F7:95:11:C4:2F:9D:1B:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/CBB18C42950F11EABC145265F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.44.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         55:ca:a4:39:a6:7c:c7:d2:d9:49:37:92:60:00:26:7a:2e:32:
         f3:3e:9d:e7:bc:87:23:77:81:55:41:ba:ae:d4:39:da:2c:51:
         49:0c:9f:15:2d:f8:60:10:57:23:25:39:c5:d6:a8:e4:b0:45:
         50:4d:28:ec:c1:29:7f:42:20:75:dc:1d:1c:a1:a1:1a:e0:0d:
         1d:c3:5f:6b:cb:b0:69:8b:9d:d3:55:4b:0b:5b:75:ab:78:02:
         da:ed:7b:54:73:8e:3a:ad:1a:64:4a:7a:30:3b:38:2c:0a:eb:
         08:ee:a3:a7:84:27:4e:db:f4:97:e3:68:aa:3b:c7:44:a0:ee:
         f4:f7:2a:e1:8a:d7:27:60:61:84:b9:ef:fc:fd:6f:5d:3e:99:
         50:a4:b3:da:ea:dc:51:2e:5b:63:7d:b2:b1:74:7d:ed:c7:d8:
         7b:ba:61:58:b0:3b:17:02:62:85:e7:9e:b7:ad:83:ca:06:bb:
         3f:7e:cf:a7:a5:40:81:61:0d:c0:e1:96:f7:4d:26:4b:08:a8:
         71:0d:b3:e0:80:a7:ee:68:1e:de:c6:1b:2b:83:10:80:ad:eb:
         c9:22:b0:e4:9d:d0:8f:ac:3a:eb:59:44:89:ea:1f:a9:18:c8:
         62:9c:5b:5e:7c:f9:3a:52:d0:b9:df:c8:ed:eb:b1:26:ba:32:
         b6:a4:d4:5d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
QUZBMUFGMTEwLwYDVQQFEyg4RjhDMDk3OUY3M0NFODUyREI5QTRCODFGNzk1MTFD
NDJGOUQxQjMzMB4XDTIwMDUxMzExNDkyM1oXDTMwMDUzMTExNDkyM1owGDEWMBQG
A1UEAxMNNWViYmRlYzYtYmQ4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCy9+4GwXqSkt+GXc+A8+ZyK0FslTN2tOy3Ozs/yxQHRx4nJpMEPgsZscRR
BMeT41CWo64T7TQisPH0mD8nb+LvZtsXcdYFjkEym34tSCW31ga2f2YpDG/ulhjS
/NSJYg2C/uGrKfit+9NlehdpHRxp1KboTUOStOuAcU55QWt/3zpw/gCF34qsJeyg
/q3NRFoa21yXDzTWFh9ybIPMzf6cTvwkzgLEmfMHWEf5eGt1G+QZNBt7cEAEvocT
1Se3CxiaJNFE0mN5pomIHrgkljdUgjhkzMrO0pOO2J1RRVXNiHM4Gokfq/D/ntev
aFXu+uUSna/yf5dh6LmCt++5CSsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBShVJ+q
vf3+qxyGKX2nE28Zce1hAzAfBgNVHSMEGDAWgBSPjAl59zzoUtuaS4H3lRHEL50b
MzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0FGQTEvOEZEMjg3N0U5NTBDMTFFQTgxODlGQTYxRjhBRUEyMjgvajR3SmVm
Yzg2RkxibWt1Qjk1VVJ4Qy1kR3pNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvajR3SmVmYzg2RkxibWt1Qjk1VVJ4Qy1kR3pNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0FGQTEvOEZEMjg3N0U5NTBDMTFFQTgxODlGQTYxRjhB
RUEyMjgvQ0JCMThDNDI5NTBGMTFFQUJDMTQ1MjY1RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcQsgDANBgkqhkiG9w0BAQsF
AAOCAQEAVcqkOaZ8x9LZSTeSYAAmei4y8z6d57yHI3eBVUG6rtQ52ixRSQyfFS34
YBBXIyU5xdao5LBFUE0o7MEpf0IgddwdHKGhGuANHcNfa8uwaYud01VLC1t1q3gC
2u17VHOOOq0aZEp6MDs4LArrCO6jp4QnTtv0l+NoqjvHRKDu9Pcq4YrXJ2BhhLnv
/P1vXT6ZUKSz2urcUS5bY32ysXR97cfYe7phWLA7FwJiheeet62Dyga7P37Pp6VA
gWENwOGW900mSwiocQ2z4ICn7mge3sYbK4MQgK3rySKw5J3Qj6w661lEieofqRjI
YpxbXnz5OlLQud/I7euxJroytqTUXQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org