Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/1CD89842944B11EA8D91181BF8AEA228.roa
File:                     1CD89842944B11EA8D91181BF8AEA228.roa (raw, json)
Hash identifier:          G8QTB1cDSlhFc1aM1m+wP1xl5Ubb7Vbu7br4H677GAs=
Subject key identifier:   BE:BA:3E:B6:1A:5A:33:5A:8A:4D:D2:86:49:8E:65:98:FD:11:51:CA
Certificate issuer:       /CN=F367890AAF/serialNumber=0D5D9B092FE39C87F93BCB94CAC3F6C91D16C8EB
Certificate serial:       0188
Authority key identifier: 0D:5D:9B:09:2F:E3:9C:87:F9:3B:CB:94:CA:C3:F6:C9:1D:16:C8:EB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/1CD89842944B11EA8D91181BF8AEA228.roa
Signing time:             Tue 12 May 2020 12:21:32 +0000
ROA not before:           Tue 12 May 2020 12:21:29 +0000
ROA not after:            Fri 31 May 2030 12:21:29 +0000
asID:                     0
IP address blocks:        196.60.70.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 392 (0x188)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367890AAF/serialNumber=0D5D9B092FE39C87F93BCB94CAC3F6C91D16C8EB
        Validity
            Not Before: May 12 12:21:29 2020 GMT
            Not After : May 31 12:21:29 2030 GMT
        Subject: CN=5eba94cc-c1f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:97:52:78:36:26:eb:a0:a1:44:9d:bf:fb:7c:
                    47:6a:c6:b7:ad:a6:84:3e:77:d8:20:10:0a:91:15:
                    8f:5d:3e:71:05:be:5d:ae:2f:2c:4f:91:0a:69:18:
                    dd:20:c2:7c:82:b4:20:b4:ec:43:f1:f9:b6:35:19:
                    2f:88:43:f0:fc:7d:ef:af:e9:55:77:2b:2f:7c:f7:
                    9c:47:c3:a6:b6:fc:94:87:44:3a:c2:4a:74:b3:cf:
                    a0:26:af:0d:7e:e4:bc:95:ca:c1:95:dc:8a:01:0b:
                    fb:4c:06:64:7f:17:a5:fd:51:f9:10:4d:be:48:40:
                    92:fd:f5:f5:75:12:a3:ed:b1:79:c9:5c:1c:6b:0b:
                    10:b2:80:31:92:0f:ca:2c:cd:97:b2:7e:aa:7a:ec:
                    4c:43:71:09:33:4c:f1:56:ea:19:00:8e:61:ee:71:
                    95:c2:bd:95:48:3e:bc:80:18:f6:43:fe:a4:cc:a8:
                    98:26:06:63:a8:e8:16:ee:59:63:4b:34:66:eb:a7:
                    41:07:f5:48:4d:4a:76:08:51:5a:54:7d:1d:3f:f1:
                    75:76:1f:0a:84:31:ee:3c:13:ea:13:81:eb:8f:3a:
                    57:34:a8:ed:b5:cc:7a:15:0a:d4:4a:06:05:4e:a0:
                    66:4a:fe:c1:95:59:c9:68:3a:33:2f:d3:0f:6d:2c:
                    9c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:BA:3E:B6:1A:5A:33:5A:8A:4D:D2:86:49:8E:65:98:FD:11:51:CA
            X509v3 Authority Key Identifier:
                keyid:0D:5D:9B:09:2F:E3:9C:87:F9:3B:CB:94:CA:C3:F6:C9:1D:16:C8:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/1CD89842944B11EA8D91181BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.60.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:04:1e:00:39:78:19:54:6e:85:fa:04:b2:f6:0e:75:fb:8d:
         7c:4d:32:97:eb:1d:f3:e3:0c:f6:50:63:fd:42:30:01:f5:c7:
         74:5a:2d:46:31:a7:ec:83:90:f1:c2:1d:6b:1c:29:09:ec:38:
         80:65:f3:59:82:53:18:09:a1:cd:80:8a:f9:b4:02:f2:1c:8c:
         c8:c0:50:5a:8c:f8:53:4a:6d:f1:b8:71:a8:fe:a8:96:be:03:
         72:00:08:f5:cb:45:fe:1f:25:d3:b4:d1:5f:6b:1b:80:51:97:
         ea:ce:bc:4e:c2:d6:d1:b9:99:39:24:3f:7b:aa:28:20:13:c6:
         4a:c2:f5:e1:3d:b2:7f:0d:f6:b2:e1:b5:1d:fb:f7:56:db:4c:
         69:1f:a8:1c:c6:b9:69:b1:22:52:ff:35:dd:6f:1b:7a:bb:93:
         40:20:b2:b0:05:54:57:55:b7:6b:14:77:b2:27:86:c6:5c:ef:
         37:73:0e:04:cf:da:dc:d9:7b:f1:e8:92:ac:c0:b2:e1:34:1c:
         49:29:e6:a9:a1:2b:f2:39:2a:d7:82:4f:cc:b7:8e:82:76:50:
         2d:a6:19:88:69:eb:d2:d5:87:7d:08:55:8d:95:bd:71:8c:f2:
         79:79:ce:d4:71:10:fa:fc:91:eb:00:fe:a0:0c:a1:6e:59:5e:
         02:93:2e:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAYgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzg5MEFBRjExMC8GA1UEBRMoMEQ1RDlCMDkyRkUzOUM4N0Y5M0JDQjk0Q0FDM0Y2
QzkxRDE2QzhFQjAeFw0yMDA1MTIxMjIxMjlaFw0zMDA1MzExMjIxMjlaMBgxFjAU
BgNVBAMTDTVlYmE5NGNjLWMxZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJl1J4NibroKFEnb/7fEdqxretpoQ+d9ggEAqRFY9dPnEFvl2uLyxPkQpp
GN0gwnyCtCC07EPx+bY1GS+IQ/D8fe+v6VV3Ky9895xHw6a2/JSHRDrCSnSzz6Am
rw1+5LyVysGV3IoBC/tMBmR/F6X9UfkQTb5IQJL99fV1EqPtsXnJXBxrCxCygDGS
D8oszZeyfqp67ExDcQkzTPFW6hkAjmHucZXCvZVIPryAGPZD/qTMqJgmBmOo6Bbu
WWNLNGbrp0EH9UhNSnYIUVpUfR0/8XV2HwqEMe48E+oTgeuPOlc0qO21zHoVCtRK
BgVOoGZK/sGVWcloOjMv0w9tLJyJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUvro+
thpaM1qKTdKGSY5lmP0RUcowHwYDVR0jBBgwFoAUDV2bCS/jnIf5O8uUysP2yR0W
yOswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc4OTBBL0Q1OTUwQkZFODE0NjExRTk4QTI2RUMyM0Y4QUVBMjI4L0RWMmJD
U19qbklmNU84dVV5c1AyeVIwV3lPcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0RWMmJDU19qbklmNU84dVV5c1AyeVIwV3lPcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc4OTBBL0Q1OTUwQkZFODE0NjExRTk4QTI2RUMyM0Y4
QUVBMjI4LzFDRDg5ODQyOTQ0QjExRUE4RDkxMTgxQkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHEPEYwDQYJKoZIhvcNAQEL
BQADggEBAAYEHgA5eBlUboX6BLL2DnX7jXxNMpfrHfPjDPZQY/1CMAH1x3RaLUYx
p+yDkPHCHWscKQnsOIBl81mCUxgJoc2Aivm0AvIcjMjAUFqM+FNKbfG4caj+qJa+
A3IACPXLRf4fJdO00V9rG4BRl+rOvE7C1tG5mTkkP3uqKCATxkrC9eE9sn8N9rLh
tR3791bbTGkfqBzGuWmxIlL/Nd1vG3q7k0AgsrAFVFdVt2sUd7InhsZc7zdzDgTP
2tzZe/HokqzAsuE0HEkp5qmhK/I5KteCT8y3joJ2UC2mGYhp69LVh30IVY2VvXGM
8nl5ztRxEPr8kesA/qAMoW5ZXgKTLj8=
-----END CERTIFICATE-----