Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/721EC3028C8011EBA502266EF8AEA228.roa
File:                     721EC3028C8011EBA502266EF8AEA228.roa (raw, json)
Hash identifier:          M5yN09f2S1Xr4s4yquR5NBmYB94s8Paw708/PhhRdoE=
Subject key identifier:   C7:02:CE:2E:52:C1:6E:B6:76:8A:F9:81:26:07:DF:34:9E:3D:7F:B2
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       96
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/721EC3028C8011EBA502266EF8AEA228.roa
Signing time:             Wed 24 Mar 2021 09:08:06 +0000
ROA not before:           Wed 24 Mar 2021 09:08:01 +0000
ROA not after:            Mon 24 Mar 2031 09:08:01 +0000
asID:                     12258
IP address blocks:        197.81.159.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150 (0x96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 24 09:08:01 2021 GMT
            Not After : Mar 24 09:08:01 2031 GMT
        Subject: CN=605b0176-23b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e3:b0:43:e7:39:2c:a6:08:d7:0c:a1:d9:0f:
                    c3:20:ba:5e:88:ce:a4:75:d4:81:66:63:a7:0b:1d:
                    6d:6e:ca:a0:40:67:04:c2:95:a8:8c:e0:da:1b:3b:
                    ae:e6:1b:69:ca:e2:50:93:36:9c:54:7b:1c:8a:2c:
                    e0:e7:46:30:9f:bf:52:04:e6:69:04:09:6b:c0:92:
                    e6:ce:74:5a:18:fe:90:88:ee:ff:7b:eb:38:40:e4:
                    1c:7f:cd:55:54:f1:a2:d6:17:5b:13:2b:4f:fc:9a:
                    fc:be:ee:a2:14:5f:fc:51:7d:df:9f:73:1f:9c:cf:
                    c3:06:cc:4d:72:19:82:1a:16:5b:b2:b0:18:22:d8:
                    2d:ad:63:ef:d1:7c:d9:38:f4:dd:89:39:91:23:00:
                    83:82:67:41:9b:ee:6f:0e:0f:e9:18:49:bc:a0:6a:
                    49:90:9f:59:85:45:ba:31:67:9e:6a:1f:60:43:76:
                    ec:28:4a:c9:0d:be:2c:cf:75:4d:b9:94:73:39:e5:
                    a9:93:5a:bd:a2:71:14:8e:56:24:00:91:8e:62:6a:
                    69:dd:b6:35:d7:40:49:50:23:24:98:6d:86:2d:d9:
                    b4:06:96:47:bd:0d:59:70:d3:80:62:eb:92:64:81:
                    31:02:e4:37:c1:12:8c:09:ec:66:8e:5c:85:08:18:
                    13:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:02:CE:2E:52:C1:6E:B6:76:8A:F9:81:26:07:DF:34:9E:3D:7F:B2
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/721EC3028C8011EBA502266EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.81.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:66:dd:ac:48:44:66:29:02:39:d0:33:8d:8d:22:fb:d1:06:
         26:48:12:a0:5a:d2:f6:13:68:ff:7e:11:ad:4b:9f:c1:ce:b9:
         59:6b:f3:fa:2f:a2:f4:59:2b:30:b5:17:2b:6b:6e:d1:dc:cc:
         11:a5:b1:4a:2a:6a:12:18:f0:a0:57:53:ba:20:31:74:8c:7a:
         c1:92:5d:f7:07:92:02:9b:b3:59:fe:bb:7f:95:f8:59:da:a8:
         d0:06:2e:ba:23:2a:92:5c:ed:95:71:f2:a2:0b:6c:e7:61:aa:
         ba:b5:64:05:c2:48:23:5e:b0:91:51:1c:27:3e:36:6a:52:37:
         4e:01:02:ce:12:93:46:1d:d7:d9:6a:45:30:a4:ec:c6:48:6e:
         84:a1:a5:bf:5c:cc:a9:14:ab:14:d2:09:81:1e:e5:72:0c:cf:
         a2:e5:28:8e:83:8f:6e:68:5c:bd:c2:b3:1a:57:30:0a:c0:9a:
         04:23:08:10:89:90:cc:b4:a7:b5:5c:97:09:fd:1c:a6:5d:87:
         bd:e2:b5:e1:78:47:56:d8:e8:b1:51:a4:8a:0d:86:11:81:13:
         44:ba:e8:54:2d:32:18:5e:6b:bc:28:41:e4:24:8f:32:9f:8e:
         34:a9:3d:d3:6a:e9:77:b5:11:18:03:94:b5:64:93:7a:0d:3d:
         ef:39:95:72
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAJYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTAzMjQwOTA4MDFaFw0zMTAzMjQwOTA4MDFaMBgxFjAU
BgNVBAMTDTYwNWIwMTc2LTIzYjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCe47BD5zkspgjXDKHZD8Mgul6IzqR11IFmY6cLHW1uyqBAZwTClaiM4Nob
O67mG2nK4lCTNpxUexyKLODnRjCfv1IE5mkECWvAkubOdFoY/pCI7v976zhA5Bx/
zVVU8aLWF1sTK0/8mvy+7qIUX/xRfd+fcx+cz8MGzE1yGYIaFluysBgi2C2tY+/R
fNk49N2JOZEjAIOCZ0Gb7m8OD+kYSbygakmQn1mFRboxZ55qH2BDduwoSskNvizP
dU25lHM55amTWr2icRSOViQAkY5iamndtjXXQElQIySYbYYt2bQGlke9DVlw04Bi
65JkgTEC5DfBEowJ7GaOXIUIGBNTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxwLO
LlLBbrZ2ivmBJgffNJ49f7IwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzcyMUVDMzAyOEM4MDExRUJBNTAyMjY2RUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADFUZ8wDQYJKoZIhvcNAQEL
BQADggEBAMZm3axIRGYpAjnQM42NIvvRBiZIEqBa0vYTaP9+Ea1Ln8HOuVlr8/ov
ovRZKzC1FytrbtHczBGlsUoqahIY8KBXU7ogMXSMesGSXfcHkgKbs1n+u3+V+Fna
qNAGLrojKpJc7ZVx8qILbOdhqrq1ZAXCSCNesJFRHCc+NmpSN04BAs4Sk0Yd19lq
RTCk7MZIboShpb9czKkUqxTSCYEe5XIMz6LlKI6Dj25oXL3CsxpXMArAmgQjCBCJ
kMy0p7Vclwn9HKZdh73iteF4R1bY6LFRpIoNhhGBE0S66FQtMhhea7woQeQkjzKf
jjSpPdNq6Xe1ERgDlLVkk3oNPe85lXI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org