Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/81A77036B81711EBA3B2C95BF8AEA228.roa
File:                     81A77036B81711EBA3B2C95BF8AEA228.roa (raw, json)
Hash identifier:          TFcTmWhXSmS/Ik0+1/pRcMcGs85NpX66Pkw8pb/urmk=
Subject key identifier:   D8:AA:8E:3F:20:4C:5C:6C:35:D1:33:D4:86:AD:63:0C:A1:B6:01:A9
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       012E
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/81A77036B81711EBA3B2C95BF8AEA228.roa
Signing time:             Tue 18 May 2021 20:27:47 +0000
ROA not before:           Tue 18 May 2021 20:27:39 +0000
ROA not after:            Sat 18 May 2041 20:27:39 +0000
asID:                     3741
IP address blocks:        196.2.148.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 302 (0x12e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 18 20:27:39 2021 GMT
            Not After : May 18 20:27:39 2041 GMT
        Subject: CN=60a42343-9a0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:26:c5:96:ef:8c:92:f8:b5:72:16:75:07:92:
                    11:17:eb:cd:28:9a:3c:3d:0b:19:55:58:8e:18:01:
                    01:6e:6e:ae:cb:8c:80:d8:4e:33:3f:d7:10:95:55:
                    2b:9d:39:74:cc:28:29:20:b9:f8:3d:62:92:73:41:
                    1f:62:fe:81:c2:77:1c:bb:7b:69:bf:c0:53:cd:19:
                    fc:ef:58:58:41:f5:aa:26:0d:46:1e:c1:ff:ed:3f:
                    80:74:c7:08:e0:5a:b9:dd:b7:e2:f8:6c:8c:79:ed:
                    8e:7b:19:2e:70:62:d6:e3:de:90:7b:a0:de:3b:dc:
                    40:bd:9f:c9:1f:f9:10:24:fc:0f:09:f8:51:ed:42:
                    ff:00:7a:d3:19:a0:71:a8:17:d8:54:de:4a:fd:d7:
                    37:74:f4:6d:8c:d3:c9:63:b6:fe:58:10:fe:ab:fd:
                    02:b7:c3:53:19:fa:e3:df:f6:82:d0:6a:2c:f9:f6:
                    06:6b:05:31:4a:64:df:a4:93:ab:e6:87:fa:db:53:
                    6c:e2:55:e1:7f:92:a6:b0:25:ed:c2:0b:f8:5d:b3:
                    31:71:c5:19:db:23:09:9a:51:84:dd:dd:cd:db:f7:
                    bd:cd:3e:bf:57:9e:89:7c:6f:b2:93:a9:e0:b5:71:
                    cd:5f:1e:c1:d8:38:26:8e:ac:64:c3:ef:2d:bb:14:
                    f7:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:AA:8E:3F:20:4C:5C:6C:35:D1:33:D4:86:AD:63:0C:A1:B6:01:A9
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/81A77036B81711EBA3B2C95BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:94:0c:61:ff:48:6c:ec:d9:f0:88:1f:3a:e5:0d:e8:1b:60:
         7f:b6:be:1c:fe:3c:fb:6e:f3:8b:0b:d3:55:aa:b1:11:2b:73:
         4d:d8:33:82:e8:81:70:83:97:75:d5:77:56:8e:50:d0:17:a1:
         37:fa:39:aa:ee:ae:c2:19:8e:ff:44:2c:b6:c4:2f:4b:fe:dd:
         c5:f8:ec:e4:03:a1:2b:d1:39:75:22:c7:e7:9a:ec:7c:c8:ee:
         88:0e:81:8e:43:e2:20:f0:4c:af:ca:33:1f:f0:7a:cb:33:82:
         83:ff:6f:ae:9e:2e:c6:73:06:fb:e5:2f:d0:f3:a1:f7:48:21:
         3a:4c:69:c7:6d:ce:eb:b4:f2:8d:25:22:7e:44:84:a3:78:3f:
         4c:be:d5:2a:86:e6:56:5b:3c:79:83:c0:27:4d:c1:98:43:f9:
         62:5c:f0:aa:4a:e8:b5:18:64:a8:4a:8b:ce:67:f1:95:62:40:
         85:59:f6:1b:4b:cc:06:14:0d:f7:6c:56:49:59:2f:8b:f1:7f:
         87:34:4b:42:f1:26:37:f4:9d:df:08:b6:1d:e1:ab:eb:5e:e3:
         74:82:f2:5b:8d:21:38:df:ae:b2:5e:0e:ae:5c:46:05:42:a7:
         0d:46:89:5b:03:72:2f:57:e9:55:2a:67:30:71:1b:d7:71:71:
         4a:4b:56:ad
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MTgyMDI3MzlaFw00MTA1MTgyMDI3MzlaMBgxFjAU
BgNVBAMTDTYwYTQyMzQzLTlhMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCJsWW74yS+LVyFnUHkhEX680omjw9CxlVWI4YAQFubq7LjIDYTjM/1xCV
VSudOXTMKCkgufg9YpJzQR9i/oHCdxy7e2m/wFPNGfzvWFhB9aomDUYewf/tP4B0
xwjgWrndt+L4bIx57Y57GS5wYtbj3pB7oN473EC9n8kf+RAk/A8J+FHtQv8AetMZ
oHGoF9hU3kr91zd09G2M08ljtv5YEP6r/QK3w1MZ+uPf9oLQaiz59gZrBTFKZN+k
k6vmh/rbU2ziVeF/kqawJe3CC/hdszFxxRnbIwmaUYTd3c3b973NPr9Xnol8b7KT
qeC1cc1fHsHYOCaOrGTD7y27FPfFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2KqO
PyBMXGw10TPUhq1jDKG2AakwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzgxQTc3MDM2QjgxNzExRUJBM0IyQzk1QkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHEApQwDQYJKoZIhvcNAQEL
BQADggEBAGGUDGH/SGzs2fCIHzrlDegbYH+2vhz+PPtu84sL01WqsRErc03YM4Lo
gXCDl3XVd1aOUNAXoTf6OarursIZjv9ELLbEL0v+3cX47OQDoSvROXUix+ea7HzI
7ogOgY5D4iDwTK/KMx/wesszgoP/b66eLsZzBvvlL9DzofdIITpMacdtzuu08o0l
In5EhKN4P0y+1SqG5lZbPHmDwCdNwZhD+WJc8KpK6LUYZKhKi85n8ZViQIVZ9htL
zAYUDfdsVklZL4vxf4c0S0LxJjf0nd8Ith3hq+te43SC8luNITjfrrJeDq5cRgVC
pw1GiVsDci9X6VUqZzBxG9dxcUpLVq0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org