Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/2A87F7DC8D5411EBA620124FF8AEA228.roa
File:                     2A87F7DC8D5411EBA620124FF8AEA228.roa (raw, json)
Hash identifier:          jzXBX2Vq/jfsNqqwTU1eGVNOfFHh9/cKr0tEeaN/zRc=
Subject key identifier:   0B:2B:28:0B:E2:EC:96:19:0D:FD:96:2E:7F:97:28:3D:10:31:9E:D6
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       A7
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/2A87F7DC8D5411EBA620124FF8AEA228.roa
Signing time:             Thu 25 Mar 2021 10:23:39 +0000
ROA not before:           Thu 25 Mar 2021 10:23:34 +0000
ROA not after:            Tue 25 Mar 2031 10:23:34 +0000
asID:                     12258
IP address blocks:        196.28.192.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167 (0xa7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 25 10:23:34 2021 GMT
            Not After : Mar 25 10:23:34 2031 GMT
        Subject: CN=605c64ab-b37b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:61:c3:31:56:d9:a5:e3:a5:29:d8:24:ea:de:
                    f7:0e:f1:6a:63:8d:b7:14:3e:67:88:70:21:93:bb:
                    1c:f8:2b:13:f4:8c:20:a6:49:7f:2b:ba:43:63:8e:
                    29:01:69:e6:18:cb:c9:4e:00:7f:40:57:d9:0f:84:
                    c3:14:85:49:ff:e8:f7:ec:97:e9:8a:cf:67:07:4c:
                    d8:e0:ad:aa:8d:95:a8:80:c6:00:42:0f:66:ba:d7:
                    23:81:2e:87:8c:88:89:e7:d9:6b:c0:e5:2d:26:b1:
                    e4:a3:db:42:a9:7f:03:bf:c3:35:86:12:82:53:e2:
                    ab:59:97:ab:0a:64:d2:9c:3a:75:47:19:93:7a:46:
                    54:6c:ec:23:37:62:cc:5a:f1:39:58:01:3d:10:ad:
                    3e:fb:bf:c6:36:55:e8:c3:1a:f5:ed:6b:b1:ec:bc:
                    59:96:9e:0a:44:52:b1:f0:c5:15:27:bf:1e:49:ff:
                    3f:e5:02:a0:c5:a5:31:44:13:3a:4a:b2:78:af:de:
                    7e:7c:78:69:35:80:ba:5f:14:fa:73:38:18:b3:ce:
                    2d:c1:05:4d:e6:41:11:bc:4a:be:80:ca:24:36:87:
                    bd:7f:5a:8c:22:c3:9e:a4:d7:42:3a:e7:32:c3:89:
                    41:04:ed:5f:0b:38:8e:3a:30:16:cf:67:6a:81:3b:
                    36:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:2B:28:0B:E2:EC:96:19:0D:FD:96:2E:7F:97:28:3D:10:31:9E:D6
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/2A87F7DC8D5411EBA620124FF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.28.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         96:ca:6e:8a:9c:7b:9c:1c:04:68:0a:ac:d4:99:85:8e:9c:92:
         95:30:9a:69:0f:b2:57:44:4e:3a:8e:09:42:43:8b:57:51:38:
         74:d0:43:f2:b3:61:2b:4e:f8:10:88:55:be:4a:bd:62:cf:79:
         de:25:ac:a9:92:ec:a1:76:68:f4:3c:83:4c:3e:ec:11:5f:ca:
         53:a0:4d:75:53:68:44:ad:3d:fb:fc:08:fc:9d:a4:97:8b:c3:
         38:1b:59:77:d9:93:12:32:21:63:a9:4a:8a:25:a6:12:4f:36:
         c9:54:a4:e9:6f:b3:4e:f4:2d:6a:44:cd:33:49:d9:da:27:c4:
         24:c4:82:e3:ba:32:c2:dd:58:06:54:e4:24:7a:a1:5e:ec:be:
         0f:76:a2:6a:27:a9:f3:ad:b7:b8:2e:06:58:ab:4d:ff:3b:fe:
         c6:c7:60:60:0e:9a:19:02:37:8c:a0:3a:aa:a3:c0:32:bc:3d:
         24:16:77:6f:90:0d:b5:1e:4f:ce:f3:98:f0:95:cb:22:88:85:
         5d:4b:b4:99:ff:95:42:ba:a0:ae:a9:04:b6:09:b2:6d:3d:0a:
         ec:03:ea:34:4a:3c:0f:93:f3:c5:95:c2:c4:32:78:4c:69:33:
         95:52:1b:38:a8:32:77:67:9d:c6:4a:0a:95:88:79:84:fc:55:
         d9:75:66:7e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTAzMjUxMDIzMzRaFw0zMTAzMjUxMDIzMzRaMBgxFjAU
BgNVBAMTDTYwNWM2NGFiLWIzN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXYcMxVtml46Up2CTq3vcO8WpjjbcUPmeIcCGTuxz4KxP0jCCmSX8rukNj
jikBaeYYy8lOAH9AV9kPhMMUhUn/6Pfsl+mKz2cHTNjgraqNlaiAxgBCD2a61yOB
LoeMiInn2WvA5S0mseSj20KpfwO/wzWGEoJT4qtZl6sKZNKcOnVHGZN6RlRs7CM3
Ysxa8TlYAT0QrT77v8Y2VejDGvXta7HsvFmWngpEUrHwxRUnvx5J/z/lAqDFpTFE
EzpKsniv3n58eGk1gLpfFPpzOBizzi3BBU3mQRG8Sr6AyiQ2h71/Wowiw56k10I6
5zLDiUEE7V8LOI46MBbPZ2qBOzazAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCyso
C+LslhkN/ZYuf5coPRAxntYwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzJBODdGN0RDOEQ1NDExRUJBNjIwMTI0RkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXEHMAwDQYJKoZIhvcNAQEL
BQADggEBAJbKboqce5wcBGgKrNSZhY6ckpUwmmkPsldETjqOCUJDi1dROHTQQ/Kz
YStO+BCIVb5KvWLPed4lrKmS7KF2aPQ8g0w+7BFfylOgTXVTaEStPfv8CPydpJeL
wzgbWXfZkxIyIWOpSoolphJPNslUpOlvs070LWpEzTNJ2donxCTEguO6MsLdWAZU
5CR6oV7svg92omonqfOtt7guBlirTf87/sbHYGAOmhkCN4ygOqqjwDK8PSQWd2+Q
DbUeT87zmPCVyyKIhV1LtJn/lUK6oK6pBLYJsm09CuwD6jRKPA+T88WVwsQyeExp
M5VSGzioMndnncZKCpWIeYT8Vdl1Zn4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org