Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364E67C/71DA5480291611E9A079C765F8AEA228/2452626C789C11EA9D48381FF8AEA228.roa
File:                     2452626C789C11EA9D48381FF8AEA228.roa (raw, json)
Hash identifier:          /wUzpd2kuZQOUTL91oaudRKtKLX8YfadU+XPL/wLyTw=
Subject key identifier:   0D:94:65:F4:C9:C3:4A:38:87:16:6A:C1:E5:61:41:40:88:2D:10:D4
Certificate issuer:       /CN=F364E67CAF/serialNumber=37089F7C72F0E7C5782D7F2B3BD68F5D8CEC5396
Certificate serial:       01BD
Authority key identifier: 37:08:9F:7C:72:F0:E7:C5:78:2D:7F:2B:3B:D6:8F:5D:8C:EC:53:96
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/NwiffHLw58V4LX8rO9aPXYzsU5Y.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F364E67C/71DA5480291611E9A079C765F8AEA228/2452626C789C11EA9D48381FF8AEA228.roa
Signing time:             Tue 07 Apr 2020 06:51:01 +0000
ROA not before:           Tue 07 Apr 2020 06:50:57 +0000
ROA not after:            Tue 30 Apr 2030 06:50:57 +0000
asID:                     37002
IP address blocks:        102.35.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F364E67C/71DA5480291611E9A079C765F8AEA228/NwiffHLw58V4LX8rO9aPXYzsU5Y.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F364E67C/71DA5480291611E9A079C765F8AEA228/NwiffHLw58V4LX8rO9aPXYzsU5Y.mft
                          rsync://rpki.afrinic.net/repository/afrinic/NwiffHLw58V4LX8rO9aPXYzsU5Y.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 445 (0x1bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F364E67CAF/serialNumber=37089F7C72F0E7C5782D7F2B3BD68F5D8CEC5396
        Validity
            Not Before: Apr  7 06:50:57 2020 GMT
            Not After : Apr 30 06:50:57 2030 GMT
        Subject: CN=5e8c22d5-2515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:11:fb:f9:66:9e:64:96:6c:85:9b:ed:1a:4e:
                    2e:da:4f:61:6f:da:00:90:0c:2e:19:09:ff:b2:fa:
                    fa:0b:c9:45:a0:90:77:13:12:28:f7:25:7b:02:73:
                    86:99:fd:d3:42:e1:28:da:d2:37:e5:d2:35:96:48:
                    b6:1a:29:26:03:8a:00:1d:03:d6:9e:1c:f5:e3:c1:
                    00:6f:ab:1e:8a:a0:1d:ad:bb:36:65:c4:a1:04:df:
                    c8:22:a8:1e:77:5e:24:ed:ca:dd:ab:72:e6:a7:1b:
                    24:10:c9:9d:9b:ea:14:2b:db:b4:7e:7f:c6:ec:1f:
                    81:da:be:d2:6c:87:69:c5:24:e3:c1:13:76:45:df:
                    bb:32:d0:39:ce:08:50:42:e4:22:3e:48:7a:43:6c:
                    13:05:42:fb:05:76:2a:c7:0c:45:c8:cf:f8:af:19:
                    90:20:d3:06:ab:2d:77:aa:9e:32:cd:7e:5c:c3:10:
                    d4:fc:65:30:ad:61:7d:8b:95:97:5f:55:da:c1:6d:
                    a8:0f:a4:f9:bc:f4:f6:48:ae:dd:c3:50:dd:37:8b:
                    51:a7:02:98:c9:a8:7b:c9:ca:d6:59:71:9e:5e:19:
                    76:cf:ea:6d:dd:01:27:a8:3b:9e:94:92:45:85:29:
                    ee:0e:ee:55:e0:07:ca:d8:2a:b5:ce:2b:4c:c3:ad:
                    45:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:94:65:F4:C9:C3:4A:38:87:16:6A:C1:E5:61:41:40:88:2D:10:D4
            X509v3 Authority Key Identifier:
                keyid:37:08:9F:7C:72:F0:E7:C5:78:2D:7F:2B:3B:D6:8F:5D:8C:EC:53:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F364E67C/71DA5480291611E9A079C765F8AEA228/NwiffHLw58V4LX8rO9aPXYzsU5Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NwiffHLw58V4LX8rO9aPXYzsU5Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364E67C/71DA5480291611E9A079C765F8AEA228/2452626C789C11EA9D48381FF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.35.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9d:12:08:56:31:ae:d4:05:22:2f:2a:49:0b:4c:e0:5e:7b:8c:
         e8:49:0c:c9:a2:13:0e:5a:d6:a4:de:00:b4:a5:68:1b:ca:95:
         ce:a5:1e:c6:f0:75:23:d1:97:56:0a:a4:2e:60:45:3d:39:26:
         5c:5b:08:46:0b:0d:f2:0e:14:6e:08:34:45:16:bc:8d:03:6e:
         ad:1e:c9:be:23:f4:e0:0a:41:2e:a4:0d:09:ef:1d:eb:f7:53:
         a8:c4:84:32:b6:e5:d0:59:f6:bc:b2:92:c6:88:92:1f:a7:47:
         32:b1:40:0a:91:98:39:d4:e1:6c:82:3e:d4:ea:8d:57:be:dc:
         3f:89:fb:d6:9e:36:91:2b:e4:c8:13:f2:b8:17:61:1c:31:d7:
         7c:67:dc:83:96:04:af:18:74:b9:92:b9:08:b9:16:aa:78:49:
         d9:c1:9f:32:c4:3c:17:9a:07:6d:6e:5f:e0:28:73:f4:13:98:
         66:d3:12:97:c7:c3:57:45:b4:f4:3b:c2:50:ef:02:10:ee:37:
         3c:10:c6:24:06:11:4b:0c:14:35:39:d9:42:63:d3:f8:70:6b:
         ba:72:62:e4:3f:25:3c:37:bb:e9:77:30:72:f6:ba:12:3a:f9:
         5c:36:c7:e8:ae:f5:fa:04:b1:50:15:c1:29:45:c9:5e:fa:38:
         1e:26:d1:ff
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAb0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NEU2N0NBRjExMC8GA1UEBRMoMzcwODlGN0M3MkYwRTdDNTc4MkQ3RjJCM0JENjhG
NUQ4Q0VDNTM5NjAeFw0yMDA0MDcwNjUwNTdaFw0zMDA0MzAwNjUwNTdaMBgxFjAU
BgNVBAMTDTVlOGMyMmQ1LTI1MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqEfv5Zp5klmyFm+0aTi7aT2Fv2gCQDC4ZCf+y+voLyUWgkHcTEij3JXsC
c4aZ/dNC4Sja0jfl0jWWSLYaKSYDigAdA9aeHPXjwQBvqx6KoB2tuzZlxKEE38gi
qB53XiTtyt2rcuanGyQQyZ2b6hQr27R+f8bsH4HavtJsh2nFJOPBE3ZF37sy0DnO
CFBC5CI+SHpDbBMFQvsFdirHDEXIz/ivGZAg0warLXeqnjLNflzDENT8ZTCtYX2L
lZdfVdrBbagPpPm89PZIrt3DUN03i1GnApjJqHvJytZZcZ5eGXbP6m3dASeoO56U
kkWFKe4O7lXgB8rYKrXOK0zDrUVNAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUDZRl
9MnDSjiHFmrB5WFBQIgtENQwHwYDVR0jBBgwFoAUNwiffHLw58V4LX8rO9aPXYzs
U5YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjRFNjdDLzcxREE1NDgwMjkxNjExRTlBMDc5Qzc2NUY4QUVBMjI4L053aWZm
SEx3NThWNExYOHJPOWFQWFl6c1U1WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL053aWZmSEx3NThWNExYOHJPOWFQWFl6c1U1WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjRFNjdDLzcxREE1NDgwMjkxNjExRTlBMDc5Qzc2NUY4
QUVBMjI4LzI0NTI2MjZDNzg5QzExRUE5RDQ4MzgxRkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwBmIzANBgkqhkiG9w0BAQsF
AAOCAQEAnRIIVjGu1AUiLypJC0zgXnuM6EkMyaITDlrWpN4AtKVoG8qVzqUexvB1
I9GXVgqkLmBFPTkmXFsIRgsN8g4Ubgg0RRa8jQNurR7JviP04ApBLqQNCe8d6/dT
qMSEMrbl0Fn2vLKSxoiSH6dHMrFACpGYOdThbII+1OqNV77cP4n71p42kSvkyBPy
uBdhHDHXfGfcg5YErxh0uZK5CLkWqnhJ2cGfMsQ8F5oHbW5f4Chz9BOYZtMSl8fD
V0W09DvCUO8CEO43PBDGJAYRSwwUNTnZQmPT+HBrunJi5D8lPDe76Xcwcva6Ejr5
XDbH6K71+gSxUBXBKUXJXvo4HibR/w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org