Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/02F283DE8C6611EB9FE44351F8AEA228.roa
File:                     02F283DE8C6611EB9FE44351F8AEA228.roa (raw, json)
Hash identifier:          EMt9aUaQ5CfLSK3wWjO+VA7aTyf0fC5z9fQYJcCm99o=
Subject key identifier:   97:BB:3E:4C:6A:FF:C0:EB:E9:67:1D:AD:42:B4:5A:44:5A:9B:E2:50
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       63
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/02F283DE8C6611EB9FE44351F8AEA228.roa
Signing time:             Wed 24 Mar 2021 05:58:53 +0000
ROA not before:           Wed 24 Mar 2021 05:58:46 +0000
ROA not after:            Mon 24 Mar 2031 05:58:46 +0000
asID:                     10474
IP address blocks:        196.28.16.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99 (0x63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 24 05:58:46 2021 GMT
            Not After : Mar 24 05:58:46 2031 GMT
        Subject: CN=605ad51d-25da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9d:38:39:c4:ea:36:69:d6:10:b2:a7:8d:5e:
                    e4:78:67:34:43:c9:41:19:94:56:e3:9c:8f:b5:a5:
                    43:4f:0d:81:09:47:15:b0:8e:f4:04:a1:b5:a5:f6:
                    77:6d:59:f6:72:f9:aa:5c:9d:24:73:8f:73:3a:02:
                    a6:c3:a1:94:07:53:4a:88:a7:10:42:e8:a2:6c:81:
                    fc:42:59:b2:e2:a3:b8:56:2a:26:35:c0:ac:09:96:
                    6e:7d:15:63:70:d8:dc:ee:12:85:bf:56:c4:cf:40:
                    dd:4c:c2:f5:42:9c:99:7c:3c:74:66:9d:e6:45:1b:
                    38:78:a6:85:51:fa:c8:10:5a:41:71:67:c8:49:86:
                    30:c1:2d:e3:05:58:a6:c9:ce:3c:40:e2:de:9c:f4:
                    04:9d:84:48:18:ec:a9:b3:9e:06:f8:e2:11:bb:83:
                    d9:1e:28:b2:0a:46:94:15:33:c4:31:88:14:6f:81:
                    f3:fe:43:55:89:65:ed:a1:2c:12:15:0a:c6:38:08:
                    23:14:32:26:ea:ae:8e:9f:8f:5f:0b:7c:09:e3:16:
                    fb:87:17:21:d5:2a:c8:d7:18:07:f5:4c:6d:00:c4:
                    db:15:77:63:37:86:fb:17:d6:58:c0:c3:77:3b:34:
                    9f:5f:2e:6e:06:0d:8a:c6:28:30:e1:ad:ba:5c:89:
                    84:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:BB:3E:4C:6A:FF:C0:EB:E9:67:1D:AD:42:B4:5A:44:5A:9B:E2:50
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/02F283DE8C6611EB9FE44351F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.28.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1e:e4:3f:39:94:f6:6d:f8:1f:57:8c:c5:7c:a8:0f:a4:40:83:
         4a:00:f6:53:ec:ed:bb:b8:06:0c:81:3c:01:78:73:e1:62:11:
         6b:9d:19:b2:92:da:a7:f5:a8:e2:60:ea:da:fd:ac:8a:aa:4a:
         fd:b2:59:24:46:da:7d:3b:03:dd:5e:3c:e2:a7:ae:ef:2b:80:
         b3:d6:8c:91:ed:58:c0:d8:6e:1a:f5:77:5d:88:49:2d:b8:46:
         0e:6a:72:30:ad:5f:b5:ee:63:c9:85:0d:e5:b9:7a:0b:26:d3:
         70:b8:8a:bc:09:6d:40:46:9c:ac:7a:7e:65:ef:12:bd:59:6e:
         db:9b:4c:14:35:4a:8e:4c:0b:35:16:0f:92:64:1f:3e:7e:29:
         06:7e:45:ee:f4:59:46:93:b5:83:62:5c:47:60:02:0d:2b:5b:
         71:31:8a:1d:e0:78:27:31:e9:58:f3:79:f2:2c:86:64:ca:b6:
         85:68:29:24:31:d5:c6:4b:82:41:2c:23:ed:a2:4f:4b:fb:db:
         42:fa:11:e9:de:33:75:8f:6f:23:8a:79:78:2c:35:bf:ad:79:
         df:87:2e:07:73:54:f1:7a:48:fc:5e:37:76:64:1d:23:2d:61:
         1f:e4:e5:88:52:bb:93:c9:53:18:61:b9:71:55:87:66:1e:3a:
         3a:c0:4e:49
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBYzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA1NTg0NloXDTMxMDMyNDA1NTg0NlowGDEWMBQG
A1UEAxMNNjA1YWQ1MWQtMjVkYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmdODnE6jZp1hCyp41e5HhnNEPJQRmUVuOcj7WlQ08NgQlHFbCO9AShtaX2
d21Z9nL5qlydJHOPczoCpsOhlAdTSoinEELoomyB/EJZsuKjuFYqJjXArAmWbn0V
Y3DY3O4Shb9WxM9A3UzC9UKcmXw8dGad5kUbOHimhVH6yBBaQXFnyEmGMMEt4wVY
psnOPEDi3pz0BJ2ESBjsqbOeBvjiEbuD2R4osgpGlBUzxDGIFG+B8/5DVYll7aEs
EhUKxjgIIxQyJuqujp+PXwt8CeMW+4cXIdUqyNcYB/VMbQDE2xV3YzeG+xfWWMDD
dzs0n18ubgYNisYoMOGtulyJhPMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSXuz5M
av/A6+lnHa1CtFpEWpviUDAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvMDJGMjgzREU4QzY2MTFFQjlGRTQ0MzUxRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMQcEDANBgkqhkiG9w0BAQsF
AAOCAQEAHuQ/OZT2bfgfV4zFfKgPpECDSgD2U+ztu7gGDIE8AXhz4WIRa50ZspLa
p/Wo4mDq2v2siqpK/bJZJEbafTsD3V484qeu7yuAs9aMke1YwNhuGvV3XYhJLbhG
DmpyMK1fte5jyYUN5bl6CybTcLiKvAltQEacrHp+Ze8SvVlu25tMFDVKjkwLNRYP
kmQfPn4pBn5F7vRZRpO1g2JcR2ACDStbcTGKHeB4JzHpWPN58iyGZMq2hWgpJDHV
xkuCQSwj7aJPS/vbQvoR6d4zdY9vI4p5eCw1v61534cuB3NU8XpI/F43dmQdIy1h
H+TliFK7k8lTGGG5cVWHZh46OsBOSQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org