Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/03236C2C8C6311EBA013FB4CF8AEA228.roa
File:                     03236C2C8C6311EBA013FB4CF8AEA228.roa (raw, json)
Hash identifier:          oTGTeHZrciSrPt1gUbpxqShzEhNuAc8HINghMRJ4jJc=
Subject key identifier:   B3:20:6F:C1:54:37:3A:E0:D2:27:7D:30:F3:3E:2E:18:A6:47:22:E8
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       4A
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/03236C2C8C6311EBA013FB4CF8AEA228.roa
Signing time:             Wed 24 Mar 2021 05:37:25 +0000
ROA not before:           Wed 24 Mar 2021 05:37:18 +0000
ROA not after:            Mon 24 Mar 2031 05:37:18 +0000
asID:                     10474
IP address blocks:        196.28.192.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74 (0x4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 24 05:37:18 2021 GMT
            Not After : Mar 24 05:37:18 2031 GMT
        Subject: CN=605ad015-6ce9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:11:9e:69:59:65:55:45:3d:86:93:45:08:81:
                    7a:73:dc:91:fb:7f:89:f5:c3:37:9f:bc:ea:45:20:
                    b7:86:8b:e4:85:8c:59:fb:93:3b:11:f7:be:c2:53:
                    91:e2:a3:4b:92:b7:b4:63:d6:93:b8:3f:c8:91:5a:
                    55:d4:a0:13:c7:55:25:12:f6:85:2f:6c:bd:f8:89:
                    b1:e6:12:e5:5d:98:39:75:85:9a:2a:d1:7c:ae:05:
                    4b:85:88:5c:6e:f3:d7:ca:42:1e:5c:db:b7:10:52:
                    e4:d7:57:43:1c:35:7d:ec:0a:bc:20:7c:31:a4:43:
                    db:bb:5c:32:36:c6:4e:8a:3f:53:d9:fc:29:79:f1:
                    92:3e:20:de:ae:38:db:6e:1f:81:32:2f:fe:9d:dc:
                    72:a4:da:84:14:ac:ca:10:f7:7e:e7:01:7e:72:57:
                    e6:a9:61:da:87:f3:0a:a6:59:8c:a2:ad:61:6b:e5:
                    b5:1c:98:98:5b:c9:9b:61:31:c4:39:b9:e7:ca:7b:
                    96:33:8e:4a:4a:ca:63:2a:7c:69:7f:81:4c:0d:0d:
                    87:d7:27:6c:4a:cb:11:b8:ec:60:46:03:3b:dd:5e:
                    88:61:62:25:a9:75:80:00:f5:89:5a:58:5e:12:60:
                    5c:c5:d4:8d:b0:39:62:48:ea:90:03:c5:92:19:45:
                    79:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:20:6F:C1:54:37:3A:E0:D2:27:7D:30:F3:3E:2E:18:A6:47:22:E8
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/03236C2C8C6311EBA013FB4CF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.28.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         cf:05:d8:11:55:a0:7e:a9:12:af:50:4f:d8:c2:e6:f2:02:e5:
         8e:ac:a0:d0:9f:51:c0:fd:83:7c:82:e0:d0:ba:e7:60:76:dc:
         12:54:89:a6:4d:09:f0:2c:8a:e3:3c:87:66:db:da:4b:39:4c:
         4d:0a:26:4f:95:bd:26:f0:7d:22:d1:07:ff:b1:7a:ba:0c:91:
         3c:0b:e8:99:7d:22:41:1a:af:95:45:f2:76:4c:29:79:e3:20:
         91:e2:8e:29:80:a0:c4:95:bf:91:33:7d:d5:54:d2:b8:b3:64:
         62:3c:c8:e0:73:c9:4d:01:f7:88:07:02:78:af:37:9c:5d:12:
         64:7f:e7:77:ea:80:e3:a5:c9:28:e8:1d:63:52:77:bd:9c:d1:
         01:ba:93:48:ef:8d:54:58:88:48:d9:0d:fb:e4:63:db:04:0a:
         00:d2:cf:48:14:03:48:22:07:47:f0:b5:e3:05:a0:18:63:1b:
         fd:1a:e1:56:ae:58:89:52:f7:5c:57:92:21:32:54:85:3f:00:
         59:30:91:ec:46:67:88:ed:5c:94:a5:27:b9:91:e9:f9:80:ad:
         2a:24:1b:88:c8:90:8e:6e:aa:0f:93:c9:2c:84:0c:ac:c5:7b:
         e5:8c:37:06:2a:57:a9:95:7f:d1:52:5b:1f:0d:26:56:86:59:
         b5:74:b9:22
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBSjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA1MzcxOFoXDTMxMDMyNDA1MzcxOFowGDEWMBQG
A1UEAxMNNjA1YWQwMTUtNmNlOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANURnmlZZVVFPYaTRQiBenPckft/ifXDN5+86kUgt4aL5IWMWfuTOxH3vsJT
keKjS5K3tGPWk7g/yJFaVdSgE8dVJRL2hS9svfiJseYS5V2YOXWFmirRfK4FS4WI
XG7z18pCHlzbtxBS5NdXQxw1fewKvCB8MaRD27tcMjbGToo/U9n8KXnxkj4g3q44
224fgTIv/p3ccqTahBSsyhD3fucBfnJX5qlh2ofzCqZZjKKtYWvltRyYmFvJm2Ex
xDm558p7ljOOSkrKYyp8aX+BTA0Nh9cnbErLEbjsYEYDO91eiGFiJal1gAD1iVpY
XhJgXMXUjbA5YkjqkAPFkhlFedcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSzIG/B
VDc64NInfTDzPi4Ypkci6DAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvMDMyMzZDMkM4QzYzMTFFQkEwMTNGQjRDRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcQcwDANBgkqhkiG9w0BAQsF
AAOCAQEAzwXYEVWgfqkSr1BP2MLm8gLljqyg0J9RwP2DfILg0LrnYHbcElSJpk0J
8CyK4zyHZtvaSzlMTQomT5W9JvB9ItEH/7F6ugyRPAvomX0iQRqvlUXydkwpeeMg
keKOKYCgxJW/kTN91VTSuLNkYjzI4HPJTQH3iAcCeK83nF0SZH/nd+qA46XJKOgd
Y1J3vZzRAbqTSO+NVFiISNkN++Rj2wQKANLPSBQDSCIHR/C14wWgGGMb/RrhVq5Y
iVL3XFeSITJUhT8AWTCR7EZniO1clKUnuZHp+YCtKiQbiMiQjm6qD5PJLIQMrMV7
5Yw3BipXqZV/0VJbHw0mVoZZtXS5Ig==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org