Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/A584C0ACCAEE11E98C9F3777F8AEA228.roa
File:                     A584C0ACCAEE11E98C9F3777F8AEA228.roa (raw, json)
Hash identifier:          COm4IJeTkrJL34O4UJLzMLGNyExGXZ/i492sB/CX0wc=
Subject key identifier:   61:88:A3:65:2A:F1:27:7F:8A:66:84:97:08:4B:C9:93:75:B8:75:BD
Certificate issuer:       /CN=F36472E5AF/serialNumber=86FED2ED19C2067A482221B645D60C45A4D56A9D
Certificate serial:       05D7
Authority key identifier: 86:FE:D2:ED:19:C2:06:7A:48:22:21:B6:45:D6:0C:45:A4:D5:6A:9D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hv7S7RnCBnpIIiG2RdYMRaTVap0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/A584C0ACCAEE11E98C9F3777F8AEA228.roa
Signing time:             Fri 30 Aug 2019 06:23:14 +0000
ROA not before:           Fri 30 Aug 2019 06:23:09 +0000
ROA not after:            Fri 29 Aug 2025 06:23:09 +0000
asID:                     36874
IP address blocks:        196.22.248.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/hv7S7RnCBnpIIiG2RdYMRaTVap0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/hv7S7RnCBnpIIiG2RdYMRaTVap0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hv7S7RnCBnpIIiG2RdYMRaTVap0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1495 (0x5d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36472E5AF/serialNumber=86FED2ED19C2067A482221B645D60C45A4D56A9D
        Validity
            Not Before: Aug 30 06:23:09 2019 GMT
            Not After : Aug 29 06:23:09 2025 GMT
        Subject: CN=5d68c0d2-c144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c7:40:f7:20:05:76:32:7c:63:1d:78:2a:66:
                    1d:fa:d8:8e:56:ad:77:fc:32:de:2e:5b:c2:22:5f:
                    b3:48:8b:b0:ff:df:b0:19:0b:54:3c:b2:08:e4:1f:
                    94:ee:0a:0e:40:a8:6a:3b:d3:4c:88:c8:c0:c3:61:
                    bc:10:3c:e4:f4:42:60:2d:a8:6d:10:23:99:ee:c3:
                    e1:c4:3d:d7:0a:da:6b:89:2a:3b:fc:b1:f2:e8:fd:
                    d5:b9:77:2e:fd:3a:4d:73:58:b0:33:55:e7:af:01:
                    3a:b5:a4:4c:c3:46:52:92:6a:69:3f:34:43:bf:25:
                    7d:97:e9:7b:50:d3:c4:0d:29:34:a2:0e:79:06:0d:
                    57:aa:7e:a9:30:29:55:9f:7d:3e:2c:f6:0b:0a:17:
                    1c:9f:f8:c7:d5:f5:62:c9:ab:4d:62:bc:2e:17:14:
                    00:bb:39:7f:a7:52:14:b3:47:ae:eb:10:da:e6:3e:
                    e9:75:13:d7:14:92:9f:6e:11:2e:95:cf:15:95:59:
                    b1:f6:fb:56:f7:4f:0e:c8:36:5b:28:fb:13:79:ca:
                    68:38:2d:d8:ee:09:bb:19:09:a9:cd:b0:54:81:39:
                    37:25:15:ae:47:53:b9:b5:fd:db:e3:18:a2:f6:72:
                    71:21:f2:6b:9f:fb:b7:d2:35:d8:3d:9f:06:10:b3:
                    12:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:88:A3:65:2A:F1:27:7F:8A:66:84:97:08:4B:C9:93:75:B8:75:BD
            X509v3 Authority Key Identifier:
                keyid:86:FE:D2:ED:19:C2:06:7A:48:22:21:B6:45:D6:0C:45:A4:D5:6A:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/hv7S7RnCBnpIIiG2RdYMRaTVap0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hv7S7RnCBnpIIiG2RdYMRaTVap0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/A584C0ACCAEE11E98C9F3777F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.22.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         20:cf:4f:1b:79:1a:58:95:ed:e5:18:d7:37:60:de:8e:58:a7:
         d0:04:3c:b1:75:90:a0:57:44:f8:80:7b:78:f0:bd:e8:25:73:
         c0:ce:32:38:d7:c1:10:7e:a6:85:fd:16:0b:68:3a:17:f9:d2:
         ac:6c:18:b8:b0:af:dd:b2:ba:bd:9f:60:63:a7:63:de:08:8b:
         9a:5b:d0:f2:e7:1e:dd:b1:b2:b3:8a:32:92:da:f9:3a:c3:f3:
         9c:27:af:40:d9:82:a3:28:95:fa:88:54:6d:30:48:de:5f:01:
         31:00:54:85:9d:a4:a0:83:1a:7f:8c:76:10:0b:5b:1f:01:58:
         9a:84:b8:1e:09:01:b7:7d:aa:1c:36:ca:11:78:ff:d1:cf:4d:
         07:ca:1e:81:1e:6a:a7:82:bf:5c:72:ef:44:5d:20:8b:43:78:
         8d:89:d2:62:95:72:ce:2b:19:7d:0c:92:91:d1:7d:70:e7:b8:
         11:0b:02:f1:94:37:04:81:c6:5c:fa:c1:5a:37:0d:78:48:b4:
         a7:5c:05:1c:4f:3a:1e:cd:46:50:17:2a:65:90:b4:0b:ad:0b:
         cf:68:86:09:95:a8:66:8a:25:25:c5:fb:2b:27:b3:f3:53:d1:
         39:40:f4:2e:f8:2d:8d:f4:77:0d:c5:51:e0:96:de:82:ba:b2:
         a4:11:cb:82
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICBdcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDcyRTVBRjExMC8GA1UEBRMoODZGRUQyRUQxOUMyMDY3QTQ4MjIyMUI2NDVENjBD
NDVBNEQ1NkE5RDAeFw0xOTA4MzAwNjIzMDlaFw0yNTA4MjkwNjIzMDlaMBgxFjAU
BgNVBAMTDTVkNjhjMGQyLWMxNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyx0D3IAV2MnxjHXgqZh362I5WrXf8Mt4uW8IiX7NIi7D/37AZC1Q8sgjk
H5TuCg5AqGo700yIyMDDYbwQPOT0QmAtqG0QI5nuw+HEPdcK2muJKjv8sfLo/dW5
dy79Ok1zWLAzVeevATq1pEzDRlKSamk/NEO/JX2X6XtQ08QNKTSiDnkGDVeqfqkw
KVWffT4s9gsKFxyf+MfV9WLJq01ivC4XFAC7OX+nUhSzR67rENrmPul1E9cUkp9u
ES6VzxWVWbH2+1b3Tw7INlso+xN5ymg4LdjuCbsZCanNsFSBOTclFa5HU7m1/dvj
GKL2cnEh8muf+7fSNdg9nwYQsxIdAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUYYij
ZSrxJ3+KZoSXCEvJk3W4db0wHwYDVR0jBBgwFoAUhv7S7RnCBnpIIiG2RdYMRaTV
ap0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3MkU1LzhEQjY1NDdBNTZENzExRTU4NTM1NkQ2MEY4QUVBMjI4L2h2N1M3
Um5DQm5wSUlpRzJSZFlNUmFUVmFwMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h2N1M3Um5DQm5wSUlpRzJSZFlNUmFUVmFwMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3MkU1LzhEQjY1NDdBNTZENzExRTU4NTM1NkQ2MEY4
QUVBMjI4L0E1ODRDMEFDQ0FFRTExRTk4QzlGMzc3N0Y4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8QW+DANBgkqhkiG9w0BAQsFAAOCAQEA
IM9PG3kaWJXt5RjXN2Dejlin0AQ8sXWQoFdE+IB7ePC96CVzwM4yONfBEH6mhf0W
C2g6F/nSrGwYuLCv3bK6vZ9gY6dj3giLmlvQ8uce3bGys4oyktr5OsPznCevQNmC
oyiV+ohUbTBI3l8BMQBUhZ2koIMaf4x2EAtbHwFYmoS4HgkBt32qHDbKEXj/0c9N
B8oegR5qp4K/XHLvRF0gi0N4jYnSYpVyzisZfQySkdF9cOe4EQsC8ZQ3BIHGXPrB
WjcNeEi0p1wFHE86Hs1GUBcqZZC0C60Lz2iGCZWoZoolJcX7Kyez81PROUD0Lvgt
jfR3DcVR4JbegrqypBHLgg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:00 2024 by rpki-client on console-ams.rpki-client.org