Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/452D66F88D6811EB81F4A365F8AEA228.roa
File:                     452D66F88D6811EB81F4A365F8AEA228.roa (raw, json)
Hash identifier:          DxJ3Gj6cmL3xY8y6c17QTNcsjVj1F6KHmBpPNQgzXLo=
Subject key identifier:   02:B1:AB:A7:30:E5:13:80:6C:BB:77:45:3B:C7:51:65:0E:06:8C:52
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       D4
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/452D66F88D6811EB81F4A365F8AEA228.roa
Signing time:             Thu 25 Mar 2021 12:47:34 +0000
ROA not before:           Thu 25 Mar 2021 12:47:27 +0000
ROA not after:            Tue 25 Mar 2031 12:47:27 +0000
asID:                     10474
IP address blocks:        196.2.148.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 212 (0xd4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 25 12:47:27 2021 GMT
            Not After : Mar 25 12:47:27 2031 GMT
        Subject: CN=605c8666-8589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:98:a7:7a:f5:b0:57:12:b1:dc:8e:8a:29:09:
                    8a:64:fc:f3:5b:90:d2:e7:8a:46:42:f8:8d:e9:49:
                    1c:4c:18:7f:6f:1f:ae:a0:6b:d3:4b:0b:29:6a:0c:
                    c8:e1:c6:aa:fc:5f:9e:14:c3:58:03:10:df:08:a7:
                    8e:ac:5d:18:ad:51:51:68:c7:31:4c:16:0d:e4:18:
                    4c:7a:c7:f5:91:78:25:c9:ad:3c:cb:8f:bf:b6:70:
                    53:ab:70:e5:df:02:b8:19:d6:aa:52:a1:75:7c:99:
                    87:05:b8:87:1c:7e:e9:f2:5c:ac:7f:31:f3:04:62:
                    75:2e:86:59:84:8d:ef:d1:12:53:c9:7e:29:60:e2:
                    02:f3:ae:d8:ec:ce:30:5e:31:09:3e:da:45:dc:f0:
                    2d:c6:46:64:93:cb:90:8f:82:3d:a7:85:96:7a:f8:
                    43:1e:ea:22:b6:fd:80:38:1d:f4:23:fe:63:4d:a6:
                    81:f1:5e:8c:1a:de:67:e1:c8:14:95:40:ed:2e:0d:
                    f5:03:94:f4:e4:06:f7:b6:cc:dc:97:c4:cc:d8:09:
                    3c:16:37:38:65:4a:0d:6c:d7:ec:03:18:74:3e:4c:
                    43:1b:9c:e6:1a:ef:35:c7:21:23:af:68:52:bb:dc:
                    91:6d:8a:0f:41:0b:69:99:4c:5a:47:4b:14:2e:c7:
                    0f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:B1:AB:A7:30:E5:13:80:6C:BB:77:45:3B:C7:51:65:0E:06:8C:52
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/452D66F88D6811EB81F4A365F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         15:97:04:b8:53:4f:f1:ba:06:b8:0f:c5:c9:77:53:32:22:37:
         69:52:f6:5b:ca:e4:c0:aa:5a:05:44:3e:44:c6:68:b5:03:d9:
         b1:dd:fa:ec:c5:58:cc:3e:0a:6d:1c:6c:b2:58:75:c6:bb:f6:
         b4:ab:b3:b3:08:a1:b3:d6:b5:30:43:e5:e9:31:c5:e7:a9:2a:
         ef:97:3d:41:bf:fa:df:0d:9b:5b:c5:c4:da:00:4b:45:71:a0:
         09:de:9b:28:3e:a5:b6:d6:8b:a4:44:9a:4e:f9:4d:64:51:98:
         0c:96:66:63:36:ce:06:c7:f9:72:ac:4b:e9:41:f6:1b:1c:4d:
         fd:bb:a7:f8:d6:42:ca:56:0a:c1:8e:10:80:aa:57:f1:b1:05:
         63:62:4f:3f:12:03:3d:9f:29:68:ef:e9:2f:2e:d4:4c:f4:d4:
         1a:df:b0:39:bd:0a:76:aa:bd:6d:cf:14:bc:e8:6e:ed:ff:51:
         a0:e3:8c:06:90:b2:b0:51:f8:9d:04:9a:b5:a3:41:0f:65:7a:
         f9:30:ab:7e:4e:8c:4e:51:44:60:87:75:f6:57:61:16:76:15:
         db:71:6c:d1:ea:7a:c4:f8:fc:72:e3:52:37:af:c9:3e:2b:ce:
         05:05:c8:4d:7d:92:a5:65:a5:a1:d3:41:a2:73:ec:10:8f:91:
         0b:ce:f3:0c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICANQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTAzMjUxMjQ3MjdaFw0zMTAzMjUxMjQ3MjdaMBgxFjAU
BgNVBAMTDTYwNWM4NjY2LTg1ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5mKd69bBXErHcjoopCYpk/PNbkNLnikZC+I3pSRxMGH9vH66ga9NLCylq
DMjhxqr8X54Uw1gDEN8Ip46sXRitUVFoxzFMFg3kGEx6x/WReCXJrTzLj7+2cFOr
cOXfArgZ1qpSoXV8mYcFuIccfunyXKx/MfMEYnUuhlmEje/RElPJfilg4gLzrtjs
zjBeMQk+2kXc8C3GRmSTy5CPgj2nhZZ6+EMe6iK2/YA4HfQj/mNNpoHxXowa3mfh
yBSVQO0uDfUDlPTkBve2zNyXxMzYCTwWNzhlSg1s1+wDGHQ+TEMbnOYa7zXHISOv
aFK73JFtig9BC2mZTFpHSxQuxw/BAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUArGr
pzDlE4Bsu3dFO8dRZQ4GjFIwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzQ1MkQ2NkY4OEQ2ODExRUI4MUY0QTM2NUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHEApQwDQYJKoZIhvcNAQEL
BQADggEBABWXBLhTT/G6BrgPxcl3UzIiN2lS9lvK5MCqWgVEPkTGaLUD2bHd+uzF
WMw+Cm0cbLJYdca79rSrs7MIobPWtTBD5ekxxeepKu+XPUG/+t8Nm1vFxNoAS0Vx
oAnemyg+pbbWi6REmk75TWRRmAyWZmM2zgbH+XKsS+lB9hscTf27p/jWQspWCsGO
EICqV/GxBWNiTz8SAz2fKWjv6S8u1Ez01BrfsDm9CnaqvW3PFLzobu3/UaDjjAaQ
srBR+J0EmrWjQQ9levkwq35OjE5RRGCHdfZXYRZ2FdtxbNHqesT4/HLjUjevyT4r
zgUFyE19kqVlpaHTQaJz7BCPkQvO8ww=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org