Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668231/3AA8BA206B8E11E793C1C565F8AEA228/355AD4A683AE11E98A55D62AF8AEA228.roa
File:                     355AD4A683AE11E98A55D62AF8AEA228.roa (raw, json)
Hash identifier:          yQuqYo4PP7qzl5R5FLB1AGc649ab7ChkeEyvocc2AL0=
Subject key identifier:   1E:52:85:46:88:AF:35:D8:30:2A:D7:BA:13:2F:B6:08:21:A6:4A:55
Certificate issuer:       /CN=F3668231AF/serialNumber=181EF71A34F92CF62DCD11D79007C5854839C1AB
Certificate serial:       02B7
Authority key identifier: 18:1E:F7:1A:34:F9:2C:F6:2D:CD:11:D7:90:07:C5:85:48:39:C1:AB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/GB73GjT5LPYtzRHXkAfFhUg5was.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3668231/3AA8BA206B8E11E793C1C565F8AEA228/355AD4A683AE11E98A55D62AF8AEA228.roa
Signing time:             Fri 31 May 2019 14:13:06 +0000
ROA not before:           Fri 31 May 2019 14:13:01 +0000
ROA not after:            Wed 30 May 2029 14:13:01 +0000
asID:                     36924
IP address blocks:        102.64.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3668231/3AA8BA206B8E11E793C1C565F8AEA228/GB73GjT5LPYtzRHXkAfFhUg5was.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3668231/3AA8BA206B8E11E793C1C565F8AEA228/GB73GjT5LPYtzRHXkAfFhUg5was.mft
                          rsync://rpki.afrinic.net/repository/afrinic/GB73GjT5LPYtzRHXkAfFhUg5was.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 695 (0x2b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3668231AF/serialNumber=181EF71A34F92CF62DCD11D79007C5854839C1AB
        Validity
            Not Before: May 31 14:13:01 2019 GMT
            Not After : May 30 14:13:01 2029 GMT
        Subject: CN=5cf13672-53c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2a:3b:dc:af:7f:90:2e:54:e6:6c:e4:93:0f:
                    12:10:47:36:85:0c:bb:f4:15:8d:d8:4f:f1:49:0e:
                    0c:bf:e1:4d:18:9b:ca:3b:a8:05:b6:5a:61:eb:8b:
                    c9:4c:a7:36:03:cc:d9:66:a2:b2:d3:49:f0:e9:cc:
                    38:bc:bd:a5:dd:9f:52:2a:18:d5:aa:7a:ff:6d:fe:
                    37:50:2b:de:37:78:53:7c:78:d9:1c:27:6e:85:71:
                    05:32:41:0d:2e:09:ef:8a:88:35:e9:55:02:4a:e0:
                    6e:9a:05:e6:58:93:78:ec:d1:9d:69:af:c5:d4:fc:
                    87:05:f1:19:00:75:73:94:c7:a7:15:d4:3e:6a:2e:
                    ef:ee:35:2d:03:43:53:b0:c4:bd:d4:72:fd:49:a0:
                    37:fa:3b:31:18:ce:2b:3b:6d:ab:57:5e:c4:71:79:
                    1b:4a:62:a8:80:1f:bc:46:bb:2f:49:55:34:43:66:
                    36:f1:28:13:74:43:aa:ca:35:19:9c:55:65:c2:96:
                    f5:18:fd:2b:d5:b0:8b:b9:bb:ea:d9:5f:7f:77:f6:
                    8c:c8:88:77:d7:2d:27:0d:19:38:da:77:a7:a3:d6:
                    5a:f4:70:70:b4:b8:ff:2f:7b:dc:82:29:fe:be:d5:
                    bd:79:bb:4b:85:8f:47:14:c9:81:3c:b0:a2:fd:e3:
                    77:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:52:85:46:88:AF:35:D8:30:2A:D7:BA:13:2F:B6:08:21:A6:4A:55
            X509v3 Authority Key Identifier:
                keyid:18:1E:F7:1A:34:F9:2C:F6:2D:CD:11:D7:90:07:C5:85:48:39:C1:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3668231/3AA8BA206B8E11E793C1C565F8AEA228/GB73GjT5LPYtzRHXkAfFhUg5was.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GB73GjT5LPYtzRHXkAfFhUg5was.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668231/3AA8BA206B8E11E793C1C565F8AEA228/355AD4A683AE11E98A55D62AF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.64.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         2f:71:a2:4c:1f:07:19:77:45:dc:f5:f0:1c:eb:dd:8b:c8:6f:
         94:1d:93:b5:a5:18:aa:c2:a9:64:8d:6e:89:39:fd:27:b5:a4:
         48:cd:3c:9e:68:28:5b:28:aa:57:12:78:62:97:b2:40:4a:f2:
         d1:56:33:1d:fa:48:cd:88:c5:51:fb:45:29:b4:46:22:92:d2:
         0f:c6:40:b3:35:e5:d5:1a:bc:18:00:19:ac:9d:53:87:cc:12:
         26:99:9d:bd:b9:b1:92:10:98:b8:31:3a:15:37:b0:cf:78:15:
         45:be:73:4d:9c:4f:0f:9f:2c:b1:7f:85:9f:c2:36:9a:d5:fd:
         d0:af:7e:e6:7a:16:03:35:72:70:ba:bc:cd:da:49:20:5a:40:
         37:bc:74:42:97:a3:3e:92:9f:21:12:67:fb:cd:4e:44:35:1b:
         2b:a5:08:0c:f8:11:40:9f:fb:c0:c3:8d:b3:3a:38:6f:e0:d8:
         2c:6e:8c:7f:25:a8:dd:6e:31:ef:da:00:38:33:cb:c4:2a:48:
         e7:a5:02:e5:39:d9:95:f3:6f:1d:bb:f1:f6:85:5b:8a:93:9b:
         a6:e3:4d:49:07:e7:53:40:d1:fa:ab:91:a4:59:91:14:8b:5a:
         38:c0:6a:90:2e:33:d8:61:90:12:27:3a:f2:fc:c5:72:1b:d2:
         45:cc:47:63
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICArcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjgyMzFBRjExMC8GA1UEBRMoMTgxRUY3MUEzNEY5MkNGNjJEQ0QxMUQ3OTAwN0M1
ODU0ODM5QzFBQjAeFw0xOTA1MzExNDEzMDFaFw0yOTA1MzAxNDEzMDFaMBgxFjAU
BgNVBAMTDTVjZjEzNjcyLTUzYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyKjvcr3+QLlTmbOSTDxIQRzaFDLv0FY3YT/FJDgy/4U0Ym8o7qAW2WmHr
i8lMpzYDzNlmorLTSfDpzDi8vaXdn1IqGNWqev9t/jdQK943eFN8eNkcJ26FcQUy
QQ0uCe+KiDXpVQJK4G6aBeZYk3js0Z1pr8XU/IcF8RkAdXOUx6cV1D5qLu/uNS0D
Q1OwxL3Ucv1JoDf6OzEYzis7batXXsRxeRtKYqiAH7xGuy9JVTRDZjbxKBN0Q6rK
NRmcVWXClvUY/SvVsIu5u+rZX3939ozIiHfXLScNGTjad6ej1lr0cHC0uP8ve9yC
Kf6+1b15u0uFj0cUyYE8sKL943ejAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUHlKF
RoivNdgwKte6Ey+2CCGmSlUwHwYDVR0jBBgwFoAUGB73GjT5LPYtzRHXkAfFhUg5
waswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY4MjMxLzNBQThCQTIwNkI4RTExRTc5M0MxQzU2NUY4QUVBMjI4L0dCNzNH
alQ1TFBZdHpSSFhrQWZGaFVnNXdhcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0dCNzNHalQ1TFBZdHpSSFhrQWZGaFVnNXdhcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY4MjMxLzNBQThCQTIwNkI4RTExRTc5M0MxQzU2NUY4
QUVBMjI4LzM1NUFENEE2ODNBRTExRTk4QTU1RDYyQUY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB2ZAgDANBgkqhkiG9w0BAQsFAAOCAQEA
L3GiTB8HGXdF3PXwHOvdi8hvlB2TtaUYqsKpZI1uiTn9J7WkSM08nmgoWyiqVxJ4
YpeyQEry0VYzHfpIzYjFUftFKbRGIpLSD8ZAszXl1Rq8GAAZrJ1Th8wSJpmdvbmx
khCYuDE6FTewz3gVRb5zTZxPD58ssX+Fn8I2mtX90K9+5noWAzVycLq8zdpJIFpA
N7x0QpejPpKfIRJn+81ORDUbK6UIDPgRQJ/7wMONszo4b+DYLG6MfyWo3W4x79oA
ODPLxCpI56UC5TnZlfNvHbvx9oVbipObpuNNSQfnU0DR+quRpFmRFItaOMBqkC4z
2GGQEic68vzFchvSRcxHYw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org