Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/701698608C6611EB8F97ED51F8AEA228.roa
File:                     701698608C6611EB8F97ED51F8AEA228.roa (raw, json)
Hash identifier:          9vfAp3KTMT30C/8mgzGLIs5rCIc52PEDJizuREiG3tE=
Subject key identifier:   8B:2F:42:81:42:22:40:06:38:ED:BF:1E:4A:F3:8C:3D:E9:49:18:33
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       67
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/701698608C6611EB8F97ED51F8AEA228.roa
Signing time:             Wed 24 Mar 2021 06:01:56 +0000
ROA not before:           Wed 24 Mar 2021 06:01:52 +0000
ROA not after:            Mon 24 Mar 2031 06:01:52 +0000
asID:                     10474
IP address blocks:        196.28.32.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 103 (0x67)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 24 06:01:52 2021 GMT
            Not After : Mar 24 06:01:52 2031 GMT
        Subject: CN=605ad5d4-8b33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9b:ce:51:c7:ad:3f:a8:ea:68:fd:58:42:22:
                    16:7d:91:e5:29:dd:4b:ee:66:9c:71:2b:71:a2:23:
                    49:18:b4:9b:a1:75:a8:cf:87:14:38:76:f8:36:2e:
                    4a:bd:b1:03:0a:ac:84:82:5f:07:9b:ce:2e:de:cd:
                    74:54:de:27:09:40:d5:66:a1:6b:f5:62:6d:7b:11:
                    98:7c:21:01:e8:80:e9:5b:e8:fb:ba:33:45:5b:6b:
                    96:00:bb:2b:31:b2:6b:23:be:ae:fb:d7:f5:9a:09:
                    34:4f:f4:cc:c5:f0:b6:04:95:90:8d:4f:d0:1f:ef:
                    5f:2b:2f:47:f6:6f:60:91:e5:aa:0d:74:91:b7:0f:
                    43:49:46:76:10:6a:d8:aa:36:69:41:db:ef:28:a1:
                    73:40:c0:89:70:84:fc:83:06:d1:1d:d5:10:39:05:
                    64:19:83:6b:0b:aa:33:2f:4d:71:40:1d:49:cf:58:
                    15:0d:fd:89:6e:4b:41:29:7c:9c:36:82:4c:18:54:
                    c2:0a:88:c5:29:cc:38:bf:cd:0d:0b:ab:23:d0:5d:
                    55:7d:1d:eb:1f:40:77:96:39:28:90:25:c8:be:ac:
                    89:73:5a:17:03:c1:9a:76:a0:2e:a1:b8:a2:5c:55:
                    97:fa:42:80:a7:09:59:af:cc:25:a4:b1:f3:f0:e2:
                    03:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:2F:42:81:42:22:40:06:38:ED:BF:1E:4A:F3:8C:3D:E9:49:18:33
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/701698608C6611EB8F97ED51F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.28.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ad:3a:e5:fd:87:20:d9:2c:ed:00:51:29:85:5c:34:25:42:7f:
         d3:a0:dc:8e:b8:81:9c:60:ec:94:25:73:35:fd:14:9f:6c:4d:
         1e:11:06:6a:91:80:90:b9:48:dd:14:e7:8c:70:54:e9:4a:67:
         4a:4b:15:b5:ac:a5:73:af:10:c1:6c:38:e4:50:88:d9:36:03:
         80:d6:95:e3:34:da:87:70:75:53:df:b0:3b:aa:9c:b2:69:5e:
         cd:8a:58:59:0a:67:d6:58:ac:b6:b9:4e:8d:b6:80:2a:cc:0a:
         1c:5f:f6:23:73:e2:ec:80:c4:15:5f:82:e5:ec:4b:a4:2f:b6:
         cc:f3:65:23:73:fa:94:38:8b:e6:32:97:8e:5e:ae:1e:93:76:
         c1:bb:f6:c5:3b:fe:95:3a:79:ae:22:2a:d1:37:6d:d4:f0:66:
         87:f7:1c:38:25:e2:e7:18:43:b2:c5:aa:48:68:3a:95:af:d1:
         08:c4:78:6f:c4:ef:9d:5f:ec:2a:d4:cd:73:4a:d6:3f:48:18:
         66:5c:7e:70:1d:b3:b8:94:a4:77:84:df:86:1c:51:b3:27:44:
         94:c0:2b:35:a9:36:ef:cb:34:38:8a:cb:68:36:4f:e2:c2:1b:
         49:8c:e9:a3:a5:e1:2d:04:03:35:42:af:9e:48:b5:19:0b:8b:
         23:a6:94:d2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBZzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA2MDE1MloXDTMxMDMyNDA2MDE1MlowGDEWMBQG
A1UEAxMNNjA1YWQ1ZDQtOGIzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMybzlHHrT+o6mj9WEIiFn2R5SndS+5mnHErcaIjSRi0m6F1qM+HFDh2+DYu
Sr2xAwqshIJfB5vOLt7NdFTeJwlA1Waha/VibXsRmHwhAeiA6Vvo+7ozRVtrlgC7
KzGyayO+rvvX9ZoJNE/0zMXwtgSVkI1P0B/vXysvR/ZvYJHlqg10kbcPQ0lGdhBq
2Ko2aUHb7yihc0DAiXCE/IMG0R3VEDkFZBmDawuqMy9NcUAdSc9YFQ39iW5LQSl8
nDaCTBhUwgqIxSnMOL/NDQurI9BdVX0d6x9Ad5Y5KJAlyL6siXNaFwPBmnagLqG4
olxVl/pCgKcJWa/MJaSx8/DiAwMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSLL0KB
QiJABjjtvx5K84w96UkYMzAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvNzAxNjk4NjA4QzY2MTFFQjhGOTdFRDUxRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMQcIDANBgkqhkiG9w0BAQsF
AAOCAQEArTrl/Ycg2SztAFEphVw0JUJ/06DcjriBnGDslCVzNf0Un2xNHhEGapGA
kLlI3RTnjHBU6UpnSksVtaylc68QwWw45FCI2TYDgNaV4zTah3B1U9+wO6qcsmle
zYpYWQpn1listrlOjbaAKswKHF/2I3Pi7IDEFV+C5exLpC+2zPNlI3P6lDiL5jKX
jl6uHpN2wbv2xTv+lTp5riIq0Tdt1PBmh/ccOCXi5xhDssWqSGg6la/RCMR4b8Tv
nV/sKtTNc0rWP0gYZlx+cB2zuJSkd4TfhhxRsydElMArNak278s0OIrLaDZP4sIb
SYzpo6XhLQQDNUKvnki1GQuLI6aU0g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org