Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/6C0163EC20B311EAB8D01576F8AEA228.roa
File:                     6C0163EC20B311EAB8D01576F8AEA228.roa (raw, json)
Hash identifier:          qKJSwkjO0UEEtt3fvEcg777sLhnc5F/s5CDz6fXaO0M=
Subject key identifier:   94:CA:C6:1F:18:1D:E6:4C:79:4D:58:D1:24:AC:78:6D:98:11:CE:D4
Certificate issuer:       /CN=F367890AAF/serialNumber=0D5D9B092FE39C87F93BCB94CAC3F6C91D16C8EB
Certificate serial:       EA
Authority key identifier: 0D:5D:9B:09:2F:E3:9C:87:F9:3B:CB:94:CA:C3:F6:C9:1D:16:C8:EB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/6C0163EC20B311EAB8D01576F8AEA228.roa
Signing time:             Tue 17 Dec 2019 09:55:57 +0000
ROA not before:           Tue 17 Dec 2019 09:55:53 +0000
ROA not after:            Mon 31 Dec 2029 09:55:53 +0000
asID:                     0
IP address blocks:        2001:43f8:6d0::/46 maxlen: 46

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 234 (0xea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367890AAF/serialNumber=0D5D9B092FE39C87F93BCB94CAC3F6C91D16C8EB
        Validity
            Not Before: Dec 17 09:55:53 2019 GMT
            Not After : Dec 31 09:55:53 2029 GMT
        Subject: CN=5df8a62d-8a3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:87:f2:67:44:d6:e1:d3:a6:5b:e6:57:2d:75:
                    c4:28:e3:c8:69:e3:a2:5f:42:65:30:ab:8e:36:d8:
                    08:68:01:c9:9b:7e:aa:ee:71:3c:48:0f:66:4b:fb:
                    64:c4:3e:50:95:40:e6:80:9f:6f:03:df:9c:4c:92:
                    39:10:86:e9:ef:5e:dc:a7:58:9d:37:71:1d:3e:d7:
                    ec:9d:a3:eb:d5:c7:ec:ec:6f:c0:c9:26:68:9c:82:
                    97:cf:2c:be:00:d3:4a:fe:c4:bb:ed:c7:4e:87:6c:
                    94:3e:f6:bd:fc:21:74:8f:92:fa:40:34:c9:43:fb:
                    d7:9f:ad:2b:f1:56:71:71:ee:f3:b0:be:6b:31:ff:
                    aa:46:79:32:98:b2:7b:4b:bc:d7:4a:eb:5c:fd:7c:
                    2c:22:70:6e:fb:f1:44:7c:58:a6:d3:f7:58:ef:64:
                    3b:7f:7f:e9:88:46:ed:bf:dd:03:cc:9a:c2:34:54:
                    9f:e2:3a:70:67:37:a7:d6:b2:97:f6:f6:13:27:01:
                    2e:69:3c:3e:32:33:ca:29:fd:e7:c1:13:e9:0d:a0:
                    27:30:df:b7:67:04:06:25:f0:2f:59:da:6b:64:34:
                    f8:76:53:d6:5b:ad:9e:cd:2a:b3:b1:2f:68:9b:3b:
                    2a:ff:e5:7e:8b:0d:6c:e3:6f:88:33:60:dd:a9:04:
                    55:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:CA:C6:1F:18:1D:E6:4C:79:4D:58:D1:24:AC:78:6D:98:11:CE:D4
            X509v3 Authority Key Identifier:
                keyid:0D:5D:9B:09:2F:E3:9C:87:F9:3B:CB:94:CA:C3:F6:C9:1D:16:C8:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/6C0163EC20B311EAB8D01576F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:43f8:6d0::/46

    Signature Algorithm: sha256WithRSAEncryption
         a0:c0:72:a9:d8:37:99:50:58:8e:3d:8a:6f:39:c3:c1:46:e1:
         63:20:7c:45:28:53:7e:7d:d9:23:79:04:9c:fc:42:d8:6d:86:
         0f:bf:ae:02:1c:5f:7c:a4:07:43:1f:11:1f:ff:02:82:62:3e:
         f3:90:05:65:fc:63:98:47:78:ac:30:56:d7:23:bd:be:f3:8a:
         0c:4b:40:c3:9d:59:71:8e:a1:ae:6b:ad:d1:b0:0f:72:2c:7f:
         47:30:fe:86:03:63:38:cb:7e:14:ba:8f:1b:1f:23:b2:d2:5c:
         81:bc:49:28:7f:cf:f4:dd:a5:3e:22:5e:72:67:40:51:70:e0:
         32:27:7c:c6:69:d3:d0:12:b2:ac:d1:56:dd:b4:79:0b:e9:00:
         49:36:12:5a:89:54:e0:49:bc:1e:42:2d:85:11:d7:52:26:35:
         3c:47:54:02:a0:74:d5:d9:66:a9:0e:fb:2d:ef:a2:bb:d1:d5:
         8c:c6:df:cc:c3:92:83:7b:27:39:c1:ac:4d:47:84:0a:60:4e:
         ba:0a:55:2e:5b:6c:ad:c9:e6:3c:ac:7d:2f:6d:56:11:ec:c2:
         a5:30:1d:12:20:07:35:e8:b7:72:ae:a7:c3:ed:3c:ac:ad:bf:
         af:e9:83:bc:df:c2:cb:04:fd:e6:ac:5e:5d:24:42:ad:76:75:
         c4:63:7e:2e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgICAOowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzg5MEFBRjExMC8GA1UEBRMoMEQ1RDlCMDkyRkUzOUM4N0Y5M0JDQjk0Q0FDM0Y2
QzkxRDE2QzhFQjAeFw0xOTEyMTcwOTU1NTNaFw0yOTEyMzEwOTU1NTNaMBgxFjAU
BgNVBAMTDTVkZjhhNjJkLThhM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEh/JnRNbh06Zb5lctdcQo48hp46JfQmUwq4422AhoAcmbfqrucTxID2ZL
+2TEPlCVQOaAn28D35xMkjkQhunvXtynWJ03cR0+1+ydo+vVx+zsb8DJJmicgpfP
LL4A00r+xLvtx06HbJQ+9r38IXSPkvpANMlD+9efrSvxVnFx7vOwvmsx/6pGeTKY
sntLvNdK61z9fCwicG778UR8WKbT91jvZDt/f+mIRu2/3QPMmsI0VJ/iOnBnN6fW
spf29hMnAS5pPD4yM8op/efBE+kNoCcw37dnBAYl8C9Z2mtkNPh2U9ZbrZ7NKrOx
L2ibOyr/5X6LDWzjb4gzYN2pBFUFAgMBAAGjggJxMIICbTAdBgNVHQ4EFgQUlMrG
Hxgd5kx5TVjRJKx4bZgRztQwHwYDVR0jBBgwFoAUDV2bCS/jnIf5O8uUysP2yR0W
yOswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc4OTBBL0Q1OTUwQkZFODE0NjExRTk4QTI2RUMyM0Y4QUVBMjI4L0RWMmJD
U19qbklmNU84dVV5c1AyeVIwV3lPcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0RWMmJDU19qbklmNU84dVV5c1AyeVIwV3lPcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc4OTBBL0Q1OTUwQkZFODE0NjExRTk4QTI2RUMyM0Y4
QUVBMjI4LzZDMDE2M0VDMjBCMzExRUFCOEQwMTU3NkY4QUVBMjI4LnJvYTAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABQ/gG0DANBgkqhkiG9w0BAQsFAAOC
AQEAoMByqdg3mVBYjj2KbznDwUbhYyB8RShTfn3ZI3kEnPxC2G2GD7+uAhxffKQH
Qx8RH/8CgmI+85AFZfxjmEd4rDBW1yO9vvOKDEtAw51ZcY6hrmut0bAPcix/RzD+
hgNjOMt+FLqPGx8jstJcgbxJKH/P9N2lPiJecmdAUXDgMid8xmnT0BKyrNFW3bR5
C+kASTYSWolU4Em8HkIthRHXUiY1PEdUAqB01dlmqQ77Le+iu9HVjMbfzMOSg3sn
OcGsTUeECmBOugpVLltsrcnmPKx9L21WEezCpTAdEiAHNei3cq6nw+08rK2/r+mD
vN/CywT95qxeXSRCrXZ1xGN+Lg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:19:42 2024 by rpki-client on console-ams.rpki-client.org