Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/23460494BCDB11EBABDB4B14F8AEA228.roa
File:                     23460494BCDB11EBABDB4B14F8AEA228.roa (raw, json)
Hash identifier:          24C3Z9T+RIXRlSYeVRLAfkD6VO80/wjZsNtLx8kUVkA=
Subject key identifier:   22:30:36:5E:59:13:B7:EA:E0:6C:D0:66:3F:F6:61:E7:C1:D3:34:4F
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0181
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/23460494BCDB11EBABDB4B14F8AEA228.roa
Signing time:             Mon 24 May 2021 21:58:14 +0000
ROA not before:           Mon 24 May 2021 21:58:08 +0000
ROA not after:            Fri 24 May 2041 21:58:08 +0000
asID:                     3741
IP address blocks:        197.80.0.0/13 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 385 (0x181)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 24 21:58:08 2021 GMT
            Not After : May 24 21:58:08 2041 GMT
        Subject: CN=60ac2176-c3e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e6:5f:0d:e6:a6:88:3e:cf:4a:58:7a:30:1a:
                    4e:98:e8:65:35:5a:36:a0:f8:67:3a:c7:5a:ed:db:
                    f9:c4:00:01:17:a2:fc:e9:2e:6b:62:cd:46:01:39:
                    5d:cc:f4:85:28:74:84:1a:1b:63:5c:5e:67:18:23:
                    2c:67:3f:24:10:64:7e:61:a9:52:f9:24:bb:0e:5d:
                    95:a8:47:14:8e:53:69:c4:d5:54:2b:71:2a:c4:ff:
                    b2:8a:2f:81:e2:94:3a:04:43:d6:d2:6f:3e:c6:22:
                    8d:f1:9c:4b:91:6f:6c:c7:36:a5:4c:3e:8c:f6:6f:
                    49:60:a2:96:e0:06:7e:2d:bf:d7:5b:ff:bf:50:fd:
                    7c:ce:af:b8:13:a4:69:57:6d:80:56:69:03:1d:2d:
                    59:4f:f2:e3:b8:8f:fa:65:41:c8:fd:8d:8e:4e:68:
                    4a:d9:04:7f:e1:8f:bf:fe:53:42:bf:f0:99:56:f6:
                    32:11:b6:8e:62:87:f5:1c:17:bb:b7:d1:20:27:34:
                    d7:2c:71:06:76:3c:8f:c6:82:9b:e9:48:31:81:b9:
                    bd:54:cf:00:b9:72:21:53:1b:3d:b3:85:bf:6c:54:
                    97:d4:35:16:00:9f:48:82:0b:38:af:95:16:34:be:
                    72:a4:45:7a:4d:80:85:28:49:e0:1d:cd:27:84:52:
                    8a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:30:36:5E:59:13:B7:EA:E0:6C:D0:66:3F:F6:61:E7:C1:D3:34:4F
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/23460494BCDB11EBABDB4B14F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.80.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         88:a3:25:56:fd:0d:3b:4d:fb:ec:a0:0c:4d:e1:a3:60:2f:a5:
         d2:5f:d3:16:01:2e:91:bf:df:78:4f:8b:41:49:bc:70:d5:fc:
         d9:bb:c8:5b:ac:0d:30:89:ac:46:8c:9d:77:7f:dc:4c:71:b6:
         f5:7d:31:1b:96:08:1c:9d:6a:06:22:69:76:e3:a7:21:fb:e1:
         b2:0d:7c:98:90:34:de:62:3e:ad:9d:41:79:5a:a0:28:64:c7:
         62:e2:7b:98:b5:b9:8c:50:a4:bb:7e:29:16:1a:21:78:5d:eb:
         41:da:24:18:b8:b0:31:30:1c:bd:5a:f5:7f:45:aa:cd:be:fd:
         10:90:6c:5b:00:f2:b1:30:c3:b7:61:38:5c:d9:62:42:85:dd:
         ef:10:11:b9:c5:4f:11:be:37:cb:51:ca:5a:ca:a1:6d:eb:19:
         a5:a4:0a:ae:e9:7a:fd:08:53:97:e0:15:61:64:2f:bf:7d:b4:
         d1:5d:d7:16:de:00:0e:e3:39:49:eb:29:5f:f7:a9:ab:f6:cd:
         50:ac:f0:50:45:03:f8:8b:04:78:7f:00:47:a8:fa:ec:07:c5:
         e6:53:4a:93:0b:3d:e6:e4:ae:db:10:09:dc:24:1e:c0:3d:bf:
         4a:ae:80:bc:52:0c:89:0e:15:27:61:47:b4:8c:0b:49:69:47:
         a0:2d:5d:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAYEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MjQyMTU4MDhaFw00MTA1MjQyMTU4MDhaMBgxFjAU
BgNVBAMTDTYwYWMyMTc2LWMzZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDM5l8N5qaIPs9KWHowGk6Y6GU1Wjag+Gc6x1rt2/nEAAEXovzpLmtizUYB
OV3M9IUodIQaG2NcXmcYIyxnPyQQZH5hqVL5JLsOXZWoRxSOU2nE1VQrcSrE/7KK
L4HilDoEQ9bSbz7GIo3xnEuRb2zHNqVMPoz2b0lgopbgBn4tv9db/79Q/XzOr7gT
pGlXbYBWaQMdLVlP8uO4j/plQcj9jY5OaErZBH/hj7/+U0K/8JlW9jIRto5ih/Uc
F7u30SAnNNcscQZ2PI/GgpvpSDGBub1UzwC5ciFTGz2zhb9sVJfUNRYAn0iCCziv
lRY0vnKkRXpNgIUoSeAdzSeEUoonAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUIjA2
XlkTt+rgbNBmP/Zh58HTNE8wHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzIzNDYwNDk0QkNEQjExRUJBQkRCNEIxNEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwPFUDANBgkqhkiG9w0BAQsF
AAOCAQEAiKMlVv0NO0377KAMTeGjYC+l0l/TFgEukb/feE+LQUm8cNX82bvIW6wN
MImsRoydd3/cTHG29X0xG5YIHJ1qBiJpduOnIfvhsg18mJA03mI+rZ1BeVqgKGTH
YuJ7mLW5jFCku34pFhoheF3rQdokGLiwMTAcvVr1f0Wqzb79EJBsWwDysTDDt2E4
XNliQoXd7xARucVPEb43y1HKWsqhbesZpaQKrul6/QhTl+AVYWQvv3200V3XFt4A
DuM5SespX/epq/bNUKzwUEUD+IsEeH8AR6j67AfF5lNKkws95uSu2xAJ3CQewD2/
Sq6AvFIMiQ4VJ2FHtIwLSWlHoC1dcg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org