Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/5351B66456EA11EE85DD5B5D4AD9E6FC.roa
File:                     5351B66456EA11EE85DD5B5D4AD9E6FC.roa (raw, json)
Hash identifier:          Zzalc9WKYN6BgZeDJjoydwR4m/YNlmnNS8Cg29SKiXI=
Subject key identifier:   96:B0:DA:C6:2B:B9:BB:FE:0E:1E:3B:EE:A8:74:81:32:B0:DF:83:23
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0510
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/5351B66456EA11EE85DD5B5D4AD9E6FC.roa
Signing time:             Tue 19 Sep 2023 12:44:51 +0000
ROA not before:           Tue 19 Sep 2023 12:44:47 +0000
ROA not after:            Fri 30 Sep 2033 12:44:47 +0000
asID:                     3741
IP address blocks:        196.1.82.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1296 (0x510)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Sep 19 12:44:47 2023 GMT
            Not After : Sep 30 12:44:47 2033 GMT
        Subject: CN=650997c3-ed83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:50:b1:dd:60:35:a5:b4:1f:25:8e:da:c2:3c:
                    6f:88:86:f6:6a:a7:61:02:d1:84:68:42:d7:56:15:
                    e1:02:44:a9:d1:55:2b:17:a2:1f:3c:dd:ba:9f:69:
                    82:3e:ee:99:7a:2e:2f:99:55:54:ef:3a:bc:1c:ba:
                    3d:34:97:e5:a5:5b:c7:8a:c7:55:b5:95:93:9e:6d:
                    a9:16:7b:76:cc:1c:1a:bd:0a:4a:e0:8c:6e:59:ea:
                    c4:11:b3:20:86:48:71:0c:ad:2e:a5:eb:07:0b:94:
                    06:2d:13:04:22:06:b6:b7:3e:02:51:de:b4:1c:29:
                    55:7f:44:0d:29:36:84:6f:c5:b6:c6:5e:ed:ee:0c:
                    0b:7f:c7:a0:e9:f1:f3:12:c2:0f:f2:4a:4f:43:56:
                    d9:ad:74:30:5b:31:55:37:4d:8f:9a:62:b5:77:80:
                    49:b2:cf:a8:47:53:6d:b7:85:bb:21:f9:2b:8c:0e:
                    ba:28:29:06:c5:49:f7:37:08:02:02:f5:0c:1b:7a:
                    f4:be:3c:26:03:0c:51:f9:ce:b1:79:f7:e8:04:91:
                    2c:aa:24:bb:70:d3:f2:2e:73:1b:3e:f4:af:b8:28:
                    4e:5a:d1:76:e6:c2:29:08:af:9b:1a:42:23:53:91:
                    22:63:c0:5e:b8:18:72:ef:bb:13:22:df:9b:2e:fa:
                    0b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:B0:DA:C6:2B:B9:BB:FE:0E:1E:3B:EE:A8:74:81:32:B0:DF:83:23
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/5351B66456EA11EE85DD5B5D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.1.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:e1:02:e6:32:27:03:43:6e:99:ec:e2:c8:a3:62:ff:17:b6:
         c4:bd:53:c2:7a:c0:bc:c9:4c:03:7d:13:a4:07:27:91:c2:03:
         95:ea:66:c4:35:14:dc:92:ab:92:0f:3c:28:98:dc:4b:61:c5:
         54:e4:f0:e0:ab:fc:e0:e8:09:9e:83:d0:ab:01:f1:48:29:de:
         49:54:64:c6:46:5b:73:8a:51:f5:ba:bb:a1:4d:a4:20:a9:d2:
         70:09:9b:4c:7d:95:1a:c5:7c:19:d7:84:7b:68:76:8a:43:e3:
         9a:21:70:53:74:1e:3e:41:eb:bc:91:24:6d:f8:15:0c:c4:bc:
         84:c5:36:51:52:09:9c:da:e4:f8:17:d7:7d:bc:c9:7a:62:c3:
         59:54:2b:1b:99:fa:1a:c0:49:23:57:97:ae:2e:1f:e4:a6:dd:
         ae:97:dc:56:9a:2a:ea:fc:eb:84:cb:02:dd:ce:9c:2a:30:2d:
         6c:9f:ec:45:5f:9d:a1:70:5f:53:2d:1f:ac:ed:58:bb:68:71:
         0c:72:75:3e:3a:f8:b5:2a:30:c2:91:ba:3d:16:cf:62:dc:e7:
         71:c5:a9:c9:b6:5c:12:00:73:6e:e0:19:73:46:bc:2f:b8:a2:
         0f:bc:52:c8:08:8e:9e:4e:bc:87:ef:f4:80:97:24:c5:81:70:
         e1:4b:4b:9d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBRAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMzA5MTkxMjQ0NDdaFw0zMzA5MzAxMjQ0NDdaMBgxFjAU
BgNVBAMTDTY1MDk5N2MzLWVkODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCcULHdYDWltB8ljtrCPG+IhvZqp2EC0YRoQtdWFeECRKnRVSsXoh883bqf
aYI+7pl6Li+ZVVTvOrwcuj00l+WlW8eKx1W1lZOebakWe3bMHBq9CkrgjG5Z6sQR
syCGSHEMrS6l6wcLlAYtEwQiBra3PgJR3rQcKVV/RA0pNoRvxbbGXu3uDAt/x6Dp
8fMSwg/ySk9DVtmtdDBbMVU3TY+aYrV3gEmyz6hHU223hbsh+SuMDrooKQbFSfc3
CAIC9QwbevS+PCYDDFH5zrF59+gEkSyqJLtw0/Iucxs+9K+4KE5a0XbmwikIr5sa
QiNTkSJjwF64GHLvuxMi35su+gvZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUlrDa
xiu5u/4OHjvuqHSBMrDfgyMwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzUzNTFCNjY0NTZFQTExRUU4NURENUI1RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHEAVIwDQYJKoZIhvcNAQEL
BQADggEBABPhAuYyJwNDbpns4sijYv8XtsS9U8J6wLzJTAN9E6QHJ5HCA5XqZsQ1
FNySq5IPPCiY3EthxVTk8OCr/ODoCZ6D0KsB8Ugp3klUZMZGW3OKUfW6u6FNpCCp
0nAJm0x9lRrFfBnXhHtodopD45ohcFN0Hj5B67yRJG34FQzEvITFNlFSCZza5PgX
1328yXpiw1lUKxuZ+hrASSNXl64uH+Sm3a6X3FaaKur864TLAt3OnCowLWyf7EVf
naFwX1MtH6ztWLtocQxydT46+LUqMMKRuj0Wz2Lc53HFqcm2XBIAc27gGXNGvC+4
og+8UsgIjp5OvIfv9ICXJMWBcOFLS50=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org