Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/121E3BA0BCCC11EBBAD51277F8AEA228.roa
File:                     121E3BA0BCCC11EBBAD51277F8AEA228.roa (raw, json)
Hash identifier:          DRVj99nTwW/kXI5iPTe7BNvTQmkcPXnHkUkSjUJkLEg=
Subject key identifier:   89:52:61:1E:46:DA:F6:DA:A6:EA:95:6F:D2:D7:40:E1:8E:B0:23:AB
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0150
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/121E3BA0BCCC11EBBAD51277F8AEA228.roa
Signing time:             Mon 24 May 2021 20:10:23 +0000
ROA not before:           Mon 24 May 2021 20:10:10 +0000
ROA not after:            Fri 24 May 2041 20:10:10 +0000
asID:                     3741
IP address blocks:        196.41.128.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 336 (0x150)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 24 20:10:10 2021 GMT
            Not After : May 24 20:10:10 2041 GMT
        Subject: CN=60ac082f-4271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f8:f6:07:66:58:a8:c4:a5:82:b8:50:0d:81:
                    eb:0d:da:fb:d2:7b:c8:00:1a:15:52:8c:81:17:36:
                    9d:d3:a7:e8:75:f2:8d:8e:90:84:58:17:20:56:e3:
                    f7:88:1a:c1:c8:33:a2:53:7c:6b:f1:4b:bb:dd:fb:
                    32:27:82:73:e8:67:09:31:4b:ff:fd:65:1c:95:5b:
                    7b:77:f0:29:8c:1b:86:3d:63:26:5d:ef:01:a0:b5:
                    94:ef:13:9a:86:ab:05:56:e2:f8:0c:17:0e:a9:77:
                    94:4d:21:4d:80:fb:27:4e:cf:a1:34:5b:8e:61:31:
                    81:bd:a3:eb:32:bc:e5:98:57:52:12:2c:19:72:3a:
                    c4:2f:ff:7f:ab:21:4a:ff:63:2a:93:3a:41:91:b2:
                    4e:2a:d7:7b:cb:37:78:83:f2:a5:54:86:a0:e5:53:
                    1d:33:08:e7:38:a2:a6:90:2d:b7:a3:2e:df:3f:04:
                    45:0f:f5:93:25:85:97:f1:58:a8:60:ac:4b:72:46:
                    9b:a2:3b:63:1b:79:0f:5c:dc:7f:24:a7:a8:7b:45:
                    74:34:4e:74:7a:da:62:fa:ba:f5:49:33:95:4a:e9:
                    60:61:bc:58:b0:35:bf:67:12:49:68:09:58:97:e8:
                    b6:b3:41:63:dc:e1:1e:2b:88:39:54:37:83:b8:21:
                    f2:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:52:61:1E:46:DA:F6:DA:A6:EA:95:6F:D2:D7:40:E1:8E:B0:23:AB
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/121E3BA0BCCC11EBBAD51277F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.41.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         48:a0:19:c4:75:bd:28:41:1b:c4:d4:c2:65:07:2b:97:26:1b:
         b9:a6:f0:b5:d5:4c:d3:10:da:65:73:a9:0e:7f:ed:a1:2b:36:
         cf:b1:d1:14:21:75:b0:3f:91:a8:74:04:40:03:19:00:ba:4c:
         08:b1:d2:12:bf:20:18:ea:1f:17:66:cd:60:de:0d:36:3f:5a:
         40:5a:3d:35:40:3f:c8:5c:10:24:b9:32:50:7f:a0:ef:02:d1:
         e2:1c:9e:ad:20:03:70:64:c7:3e:d0:ac:cd:5c:b9:ff:29:70:
         ef:8a:6c:f7:1a:62:cc:8f:0a:00:76:66:23:22:f6:2d:93:f5:
         f2:16:fc:95:ef:64:c8:c6:f6:ec:33:76:f7:0e:ae:87:32:2c:
         7d:45:ed:65:ba:ab:cf:ac:7d:ab:1e:fe:10:9b:66:ee:56:92:
         44:e6:80:6f:57:fe:9f:34:06:5e:3e:7d:f8:28:be:d3:44:69:
         ef:e7:c9:f4:44:d2:07:f2:28:0e:b7:00:11:59:dd:af:72:ca:
         b7:00:50:e2:d6:50:7c:8b:e6:0b:57:1a:04:11:f1:a9:2e:5c:
         ea:81:00:fd:ec:df:4b:45:03:4d:7f:87:3a:6d:c4:8a:4e:b8:
         10:dc:be:94:3d:d1:21:bb:5f:8f:e2:f8:ae:65:2f:5b:c6:d5:
         f3:c4:93:e1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAVAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MjQyMDEwMTBaFw00MTA1MjQyMDEwMTBaMBgxFjAU
BgNVBAMTDTYwYWMwODJmLTQyNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDO+PYHZlioxKWCuFANgesN2vvSe8gAGhVSjIEXNp3Tp+h18o2OkIRYFyBW
4/eIGsHIM6JTfGvxS7vd+zIngnPoZwkxS//9ZRyVW3t38CmMG4Y9YyZd7wGgtZTv
E5qGqwVW4vgMFw6pd5RNIU2A+ydOz6E0W45hMYG9o+syvOWYV1ISLBlyOsQv/3+r
IUr/YyqTOkGRsk4q13vLN3iD8qVUhqDlUx0zCOc4oqaQLbejLt8/BEUP9ZMlhZfx
WKhgrEtyRpuiO2MbeQ9c3H8kp6h7RXQ0TnR62mL6uvVJM5VK6WBhvFiwNb9nEklo
CViX6LazQWPc4R4riDlUN4O4IfJXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiVJh
Hkba9tqm6pVv0tdA4Y6wI6swHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzEyMUUzQkEwQkNDQzExRUJCQUQ1MTI3N0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXEKYAwDQYJKoZIhvcNAQEL
BQADggEBAEigGcR1vShBG8TUwmUHK5cmG7mm8LXVTNMQ2mVzqQ5/7aErNs+x0RQh
dbA/kah0BEADGQC6TAix0hK/IBjqHxdmzWDeDTY/WkBaPTVAP8hcECS5MlB/oO8C
0eIcnq0gA3Bkxz7QrM1cuf8pcO+KbPcaYsyPCgB2ZiMi9i2T9fIW/JXvZMjG9uwz
dvcOrocyLH1F7WW6q8+sfase/hCbZu5WkkTmgG9X/p80Bl4+ffgovtNEae/nyfRE
0gfyKA63ABFZ3a9yyrcAUOLWUHyL5gtXGgQR8akuXOqBAP3s30tFA01/hzptxIpO
uBDcvpQ90SG7X4/i+K5lL1vG1fPEk+E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org