Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/8CD6FED820B311EAAC843476F8AEA228.roa
File:                     8CD6FED820B311EAAC843476F8AEA228.roa (raw, json)
Hash identifier:          Gf1aru2E3Yggqz5sr3+VkWloIXes+1L3V6Xe+EwFJW4=
Subject key identifier:   EA:2D:EE:D2:2F:9A:3E:7E:BC:1F:AB:88:D5:35:D8:1E:D3:53:F7:25
Certificate issuer:       /CN=F367890AAF/serialNumber=0D5D9B092FE39C87F93BCB94CAC3F6C91D16C8EB
Certificate serial:       EC
Authority key identifier: 0D:5D:9B:09:2F:E3:9C:87:F9:3B:CB:94:CA:C3:F6:C9:1D:16:C8:EB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/8CD6FED820B311EAAC843476F8AEA228.roa
Signing time:             Tue 17 Dec 2019 09:56:52 +0000
ROA not before:           Tue 17 Dec 2019 09:56:48 +0000
ROA not after:            Mon 31 Dec 2029 09:56:48 +0000
asID:                     0
IP address blocks:        196.60.8.0/23 maxlen: 23
                          196.60.10.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 236 (0xec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367890AAF/serialNumber=0D5D9B092FE39C87F93BCB94CAC3F6C91D16C8EB
        Validity
            Not Before: Dec 17 09:56:48 2019 GMT
            Not After : Dec 31 09:56:48 2029 GMT
        Subject: CN=5df8a664-9726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c6:e4:3b:40:dd:f1:8c:b7:25:20:a3:70:d2:
                    e7:10:53:ea:35:28:18:a6:69:1c:01:4e:ed:1c:c3:
                    6e:9b:ca:5b:d6:33:13:33:86:a9:a3:7e:8c:ef:35:
                    96:72:c8:64:1d:3f:eb:f6:c0:47:11:1c:c3:79:cf:
                    12:6d:07:73:d1:d1:ab:18:e0:f0:8a:92:1c:de:35:
                    53:97:25:12:ed:3f:99:21:e6:7e:d9:76:74:21:d0:
                    c9:68:fe:f0:0e:86:84:91:d1:57:c5:6a:b8:8d:53:
                    15:74:e6:2b:b5:66:fa:63:82:b2:0e:69:31:19:30:
                    80:77:a6:ac:53:99:e1:02:f2:6f:76:04:0f:06:44:
                    04:5d:24:d6:cc:4b:0e:f6:36:06:a6:4e:2d:a2:85:
                    56:c7:43:25:36:22:61:7f:b8:6f:39:3f:59:15:c4:
                    11:f6:78:18:64:2c:d2:c9:82:ff:91:3f:1f:e0:cb:
                    88:05:52:83:09:ce:05:6b:31:ec:20:65:b4:81:20:
                    e9:9a:9f:16:d0:46:d1:74:35:ae:0e:d3:4c:fb:bd:
                    ac:00:9b:8d:b5:4d:c1:9f:c8:27:ad:ee:08:5e:96:
                    f7:1d:7e:c6:b7:bc:c6:ae:c1:6f:b4:fc:09:09:cf:
                    ae:85:1d:99:51:e3:bf:d5:79:05:c0:ef:04:a0:7a:
                    f8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:2D:EE:D2:2F:9A:3E:7E:BC:1F:AB:88:D5:35:D8:1E:D3:53:F7:25
            X509v3 Authority Key Identifier:
                keyid:0D:5D:9B:09:2F:E3:9C:87:F9:3B:CB:94:CA:C3:F6:C9:1D:16:C8:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/DV2bCS_jnIf5O8uUysP2yR0WyOs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/DV2bCS_jnIf5O8uUysP2yR0WyOs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367890A/D5950BFE814611E98A26EC23F8AEA228/8CD6FED820B311EAAC843476F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.60.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:58:5a:f1:c2:7e:eb:49:44:47:81:04:16:26:fd:1e:9e:4e:
         a5:3c:a2:39:5e:27:3b:80:f9:8f:84:d8:11:57:a4:9b:75:5b:
         02:0b:4e:42:49:56:5c:52:62:05:f4:3d:c2:0f:1f:c2:b9:c4:
         bc:d0:36:36:65:b1:ac:57:3a:be:d4:d3:fd:e9:e7:77:44:c2:
         f9:14:9a:33:64:04:4c:31:d6:45:e6:bf:ae:0f:83:d8:97:1f:
         1e:35:34:d0:22:04:41:06:a4:fa:c4:81:ea:ba:24:e6:a2:3c:
         fa:31:16:3c:10:25:7b:53:4f:77:57:ac:89:5d:66:2b:ed:06:
         8c:e1:53:49:85:62:ff:a8:ea:29:92:ab:35:00:3c:61:1f:1e:
         93:34:60:c6:7b:63:a0:9c:fd:3c:c7:41:4c:58:17:08:e6:0b:
         f3:76:d9:22:cd:23:2d:c9:2d:4f:69:8a:1e:8d:9d:9c:32:31:
         17:45:6a:c8:48:f1:dc:6a:58:df:1a:c2:aa:c5:d2:32:08:87:
         4e:b5:ac:37:e2:41:5e:c2:b9:33:5b:37:f9:e8:3a:fc:18:c4:
         e0:9b:39:6a:c0:18:31:9b:22:fb:d3:25:84:a3:32:41:09:ad:
         7c:71:a8:a0:23:1b:4a:0b:da:6b:c9:56:c1:fa:8c:f0:db:32:
         5a:40:24:ad
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICAOwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzg5MEFBRjExMC8GA1UEBRMoMEQ1RDlCMDkyRkUzOUM4N0Y5M0JDQjk0Q0FDM0Y2
QzkxRDE2QzhFQjAeFw0xOTEyMTcwOTU2NDhaFw0yOTEyMzEwOTU2NDhaMBgxFjAU
BgNVBAMTDTVkZjhhNjY0LTk3MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNxuQ7QN3xjLclIKNw0ucQU+o1KBimaRwBTu0cw26bylvWMxMzhqmjfozv
NZZyyGQdP+v2wEcRHMN5zxJtB3PR0asY4PCKkhzeNVOXJRLtP5kh5n7ZdnQh0Mlo
/vAOhoSR0VfFariNUxV05iu1ZvpjgrIOaTEZMIB3pqxTmeEC8m92BA8GRARdJNbM
Sw72NgamTi2ihVbHQyU2ImF/uG85P1kVxBH2eBhkLNLJgv+RPx/gy4gFUoMJzgVr
MewgZbSBIOmanxbQRtF0Na4O00z7vawAm421TcGfyCet7ghelvcdfsa3vMauwW+0
/AkJz66FHZlR47/VeQXA7wSgevh3AgMBAAGjggJuMIICajAdBgNVHQ4EFgQU6i3u
0i+aPn68H6uI1TXYHtNT9yUwHwYDVR0jBBgwFoAUDV2bCS/jnIf5O8uUysP2yR0W
yOswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc4OTBBL0Q1OTUwQkZFODE0NjExRTk4QTI2RUMyM0Y4QUVBMjI4L0RWMmJD
U19qbklmNU84dVV5c1AyeVIwV3lPcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0RWMmJDU19qbklmNU84dVV5c1AyeVIwV3lPcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc4OTBBL0Q1OTUwQkZFODE0NjExRTk4QTI2RUMyM0Y4
QUVBMjI4LzhDRDZGRUQ4MjBCMzExRUFBQzg0MzQ3NkY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsQ8CDANBgkqhkiG9w0BAQsFAAOCAQEA
wFha8cJ+60lER4EEFib9Hp5OpTyiOV4nO4D5j4TYEVekm3VbAgtOQklWXFJiBfQ9
wg8fwrnEvNA2NmWxrFc6vtTT/ennd0TC+RSaM2QETDHWRea/rg+D2JcfHjU00CIE
QQak+sSB6rok5qI8+jEWPBAle1NPd1esiV1mK+0GjOFTSYVi/6jqKZKrNQA8YR8e
kzRgxntjoJz9PMdBTFgXCOYL83bZIs0jLcktT2mKHo2dnDIxF0VqyEjx3GpY3xrC
qsXSMgiHTrWsN+JBXsK5M1s3+eg6/BjE4Js5asAYMZsi+9MlhKMyQQmtfHGooCMb
Sgvaa8lWwfqM8NsyWkAkrQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:10:18 2024 by rpki-client on console-fra.rpki-client.org