Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/63270E8C9B5C11EB95F66646F8AEA228.roa
File:                     63270E8C9B5C11EB95F66646F8AEA228.roa (raw, json)
Hash identifier:          yX89YZzA/e3S6jiHssPhS7AZF9Uy2pKMziOWs/u00K8=
Subject key identifier:   C2:AB:BF:F3:02:57:B6:73:56:55:99:E9:61:9F:02:07:C1:7C:30:A3
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       F0
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/63270E8C9B5C11EB95F66646F8AEA228.roa
Signing time:             Mon 12 Apr 2021 06:57:47 +0000
ROA not before:           Mon 12 Apr 2021 06:57:40 +0000
ROA not after:            Wed 30 Apr 2031 06:57:40 +0000
asID:                     3741
IP address blocks:        196.45.96.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 240 (0xf0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Apr 12 06:57:40 2021 GMT
            Not After : Apr 30 06:57:40 2031 GMT
        Subject: CN=6073ef6b-bf07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a3:1b:69:ff:c4:6c:2f:a5:13:b8:bb:b0:93:
                    36:dc:56:d9:73:5b:6f:a5:29:46:8b:ed:2c:02:60:
                    fd:88:d2:8b:ef:48:82:d5:bb:63:63:5e:23:29:2a:
                    2a:06:f1:7a:ea:2d:8e:69:ff:74:cc:7d:02:85:14:
                    65:b4:12:f9:6d:fa:36:42:ee:5e:b6:5f:fd:11:61:
                    45:a5:f4:a2:20:8e:f7:4e:fb:a9:dc:66:15:8e:8b:
                    8e:cb:0d:74:f7:68:5f:b3:71:de:6c:10:16:47:d0:
                    f6:a9:cd:f1:51:db:82:f8:1b:87:ce:46:69:03:9b:
                    28:b7:67:63:db:a6:2f:be:3c:34:58:9c:18:7e:9f:
                    16:7d:d3:aa:5e:e3:e3:ec:04:ff:c5:17:93:20:c1:
                    36:ef:44:1c:cb:4d:38:7d:25:65:ba:c1:ce:7f:ca:
                    5f:f8:2b:3f:98:32:4f:ae:e2:cf:c0:b4:9a:e6:99:
                    36:79:5b:0c:62:62:f1:4a:42:44:6c:21:86:e3:a0:
                    68:bf:9d:82:47:5b:75:f9:8c:09:67:8f:78:89:76:
                    50:7c:1e:6e:4c:16:05:68:cf:f3:4e:2e:3a:02:e7:
                    62:62:3d:2f:b9:4b:c7:02:65:11:49:77:bc:a9:2e:
                    66:d9:c6:ef:17:33:82:f3:8c:2e:2e:38:e1:1b:66:
                    6b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:AB:BF:F3:02:57:B6:73:56:55:99:E9:61:9F:02:07:C1:7C:30:A3
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/63270E8C9B5C11EB95F66646F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.45.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         43:11:f4:ba:e4:ee:6c:fb:7d:37:bd:d5:a2:ea:0b:f1:3d:e7:
         e4:9c:82:4f:6f:2b:4d:f7:af:69:b1:4a:28:e0:e5:6f:19:09:
         41:c4:42:c1:01:48:f9:93:19:aa:2e:53:55:53:13:0d:fd:b4:
         fc:85:33:bc:9d:43:27:3e:54:7c:6a:c4:f3:31:26:df:e1:30:
         7b:db:ad:9e:b5:63:66:30:58:a5:c0:45:32:20:8b:3a:e7:32:
         a2:2a:b3:36:f2:fa:2a:3e:92:1e:ab:5a:ad:23:7b:fd:f6:d6:
         8b:34:25:0b:47:ca:f4:1d:bd:11:30:44:4c:b9:24:73:a3:d8:
         30:e0:33:3d:e9:5f:4f:d4:36:b4:fd:11:b4:10:67:af:bb:33:
         fb:27:8f:c0:ca:cc:8a:c3:11:8c:db:4d:8e:58:d3:21:ba:e6:
         d6:63:34:01:23:2c:f3:f7:4b:55:bc:98:5f:00:ff:99:61:aa:
         35:d5:e8:11:cf:a5:f2:e5:f0:b2:8a:16:70:2b:4c:43:95:42:
         bd:65:00:c4:34:37:34:62:f7:9e:1a:44:4e:03:b8:67:d2:06:
         86:d1:7e:5c:3b:41:fc:26:c0:84:5e:66:e2:91:01:b1:29:f6:
         6a:eb:39:17:0c:c7:c1:48:b4:1b:ff:aa:5f:f1:01:95:a8:bd:
         e3:e5:86:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA0MTIwNjU3NDBaFw0zMTA0MzAwNjU3NDBaMBgxFjAU
BgNVBAMTDTYwNzNlZjZiLWJmMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1oxtp/8RsL6UTuLuwkzbcVtlzW2+lKUaL7SwCYP2I0ovvSILVu2NjXiMp
KioG8XrqLY5p/3TMfQKFFGW0Evlt+jZC7l62X/0RYUWl9KIgjvdO+6ncZhWOi47L
DXT3aF+zcd5sEBZH0PapzfFR24L4G4fORmkDmyi3Z2Pbpi++PDRYnBh+nxZ906pe
4+PsBP/FF5MgwTbvRBzLTTh9JWW6wc5/yl/4Kz+YMk+u4s/AtJrmmTZ5WwxiYvFK
QkRsIYbjoGi/nYJHW3X5jAlnj3iJdlB8Hm5MFgVoz/NOLjoC52JiPS+5S8cCZRFJ
d7ypLmbZxu8XM4LzjC4uOOEbZmv7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwqu/
8wJXtnNWVZnpYZ8CB8F8MKMwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzYzMjcwRThDOUI1QzExRUI5NUY2NjY0NkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATELWAwDQYJKoZIhvcNAQEL
BQADggEBAEMR9Lrk7mz7fTe91aLqC/E95+Scgk9vK033r2mxSijg5W8ZCUHEQsEB
SPmTGaouU1VTEw39tPyFM7ydQyc+VHxqxPMxJt/hMHvbrZ61Y2YwWKXARTIgizrn
MqIqszby+io+kh6rWq0je/321os0JQtHyvQdvREwREy5JHOj2DDgMz3pX0/UNrT9
EbQQZ6+7M/snj8DKzIrDEYzbTY5Y0yG65tZjNAEjLPP3S1W8mF8A/5lhqjXV6BHP
pfLl8LKKFnArTEOVQr1lAMQ0NzRi954aRE4DuGfSBobRflw7QfwmwIReZuKRAbEp
9mrrORcMx8FItBv/ql/xAZWovePlhgQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org