Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/680709BABCD211EB885BDB83F8AEA228.roa
File:                     680709BABCD211EB885BDB83F8AEA228.roa (raw, json)
Hash identifier:          IrPwHY4jt/T2TWXjSkZKEjrz/FdNt1JrPZ/zkR0xiIY=
Subject key identifier:   CE:08:3C:D6:23:05:1D:10:EF:50:92:D3:EC:70:EE:30:02:9F:91:C1
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0160
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/680709BABCD211EB885BDB83F8AEA228.roa
Signing time:             Mon 24 May 2021 20:55:44 +0000
ROA not before:           Mon 24 May 2021 20:55:38 +0000
ROA not after:            Fri 24 May 2041 20:55:38 +0000
asID:                     3741
IP address blocks:        197.81.155.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 352 (0x160)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 24 20:55:38 2021 GMT
            Not After : May 24 20:55:38 2041 GMT
        Subject: CN=60ac12d0-5af0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e3:f0:7f:48:7f:05:15:9a:2b:9d:c1:17:10:
                    a4:3a:dd:54:1f:78:4e:78:1c:d7:89:9d:aa:ca:f3:
                    31:90:91:87:ca:bd:32:c2:34:04:34:64:83:9b:b9:
                    34:cb:a0:e2:f9:f0:10:dc:2a:44:38:62:3d:7e:ef:
                    11:c5:ee:c7:b1:a9:df:7f:3e:fe:2f:ce:cf:00:a9:
                    4b:52:f0:2e:19:e9:4a:04:04:3a:df:17:e0:e5:36:
                    df:05:f5:9d:16:71:65:05:42:74:e2:37:7d:8a:7d:
                    d2:a1:53:9d:fe:a9:4b:d8:4d:33:0a:eb:23:9a:fd:
                    70:77:fd:15:bc:e5:7f:c8:26:8e:96:53:1f:50:84:
                    41:2c:ab:67:40:a0:6e:2d:99:09:a2:60:e3:02:bd:
                    85:a5:d1:4e:e4:0f:6b:70:b8:ab:19:78:8c:07:5f:
                    fc:52:3c:39:5f:be:00:08:67:d0:ee:68:6d:11:54:
                    ae:38:95:ff:08:91:3a:82:9d:10:40:29:ad:37:ad:
                    9f:fc:bb:9e:cb:8a:ed:49:e8:68:83:5f:b1:e5:66:
                    b8:ad:39:79:d2:64:33:4f:56:be:76:4b:49:53:fd:
                    86:44:18:5e:11:27:38:e7:54:33:b3:0f:c8:9f:dc:
                    c7:c5:42:50:90:36:b9:08:25:00:8d:0b:7c:f9:1d:
                    18:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:08:3C:D6:23:05:1D:10:EF:50:92:D3:EC:70:EE:30:02:9F:91:C1
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/680709BABCD211EB885BDB83F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.81.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:2c:95:4c:a9:c9:48:ec:1c:63:43:b8:93:e0:17:bc:63:f3:
         87:ed:52:6f:94:11:12:f6:bd:ad:c2:47:bd:f2:13:13:1d:c8:
         01:46:9a:8c:9e:b4:20:2a:b4:a3:c9:3e:ee:e8:a0:61:64:cf:
         37:fb:31:da:36:82:ea:13:d3:4f:2b:49:cd:20:51:c7:e8:a0:
         23:d8:9a:91:d9:41:28:cd:4e:83:ac:29:2f:cd:0a:3b:30:94:
         ef:ed:61:10:91:9f:a0:b3:1b:e3:8e:a9:22:94:eb:57:43:f1:
         52:32:83:99:77:c7:1a:53:1a:29:43:df:d8:8f:93:6c:99:04:
         3f:51:54:16:f1:ce:c4:79:f5:80:5d:f2:ab:ce:ea:de:1e:eb:
         e4:a8:3b:07:75:be:b1:96:7c:4e:cd:15:53:5f:0f:16:92:c2:
         22:22:99:08:50:68:33:86:83:84:be:21:e2:b3:b2:50:cf:6a:
         ed:7f:83:5b:6e:56:6b:74:a7:0e:39:69:ab:26:45:70:df:df:
         ec:e0:ea:dc:7a:e9:1a:3a:40:a0:fd:c8:a4:ba:80:b8:97:2a:
         1d:8f:3c:ff:ea:36:ec:21:a4:e4:14:d4:04:1b:6e:52:7c:cd:
         5f:83:1f:8c:62:c9:d2:32:aa:35:17:b2:38:ec:65:7f:dc:77:
         bd:88:9b:81
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAWAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MjQyMDU1MzhaFw00MTA1MjQyMDU1MzhaMBgxFjAU
BgNVBAMTDTYwYWMxMmQwLTVhZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDG4/B/SH8FFZorncEXEKQ63VQfeE54HNeJnarK8zGQkYfKvTLCNAQ0ZIOb
uTTLoOL58BDcKkQ4Yj1+7xHF7sexqd9/Pv4vzs8AqUtS8C4Z6UoEBDrfF+DlNt8F
9Z0WcWUFQnTiN32KfdKhU53+qUvYTTMK6yOa/XB3/RW85X/IJo6WUx9QhEEsq2dA
oG4tmQmiYOMCvYWl0U7kD2twuKsZeIwHX/xSPDlfvgAIZ9DuaG0RVK44lf8IkTqC
nRBAKa03rZ/8u57Liu1J6GiDX7HlZritOXnSZDNPVr52S0lT/YZEGF4RJzjnVDOz
D8if3MfFQlCQNrkIJQCNC3z5HRhrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzgg8
1iMFHRDvUJLT7HDuMAKfkcEwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzY4MDcwOUJBQkNEMjExRUI4ODVCREI4M0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADFUZswDQYJKoZIhvcNAQEL
BQADggEBAJwslUypyUjsHGNDuJPgF7xj84ftUm+UERL2va3CR73yExMdyAFGmoye
tCAqtKPJPu7ooGFkzzf7Mdo2guoT008rSc0gUcfooCPYmpHZQSjNToOsKS/NCjsw
lO/tYRCRn6CzG+OOqSKU61dD8VIyg5l3xxpTGilD39iPk2yZBD9RVBbxzsR59YBd
8qvO6t4e6+SoOwd1vrGWfE7NFVNfDxaSwiIimQhQaDOGg4S+IeKzslDPau1/g1tu
Vmt0pw45aasmRXDf3+zg6tx66Ro6QKD9yKS6gLiXKh2PPP/qNuwhpOQU1AQbblJ8
zV+DH4xiydIyqjUXsjjsZX/cd72Im4E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org