Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/84BFDBD68D6611EB989A2363F8AEA228.roa
File:                     84BFDBD68D6611EB989A2363F8AEA228.roa (raw, json)
Hash identifier:          +idGLtWs2OjOzsOvhMxkk+ndROXAMcDlBdUa2TiY/p4=
Subject key identifier:   29:06:01:AD:72:6E:1D:0E:40:64:F6:33:4E:A9:17:AC:BB:D3:EE:D9
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       C7
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/84BFDBD68D6611EB989A2363F8AEA228.roa
Signing time:             Thu 25 Mar 2021 12:35:02 +0000
ROA not before:           Thu 25 Mar 2021 12:34:56 +0000
ROA not after:            Tue 25 Mar 2031 12:34:56 +0000
asID:                     10474
IP address blocks:        196.2.45.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 199 (0xc7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 25 12:34:56 2021 GMT
            Not After : Mar 25 12:34:56 2031 GMT
        Subject: CN=605c8376-8c2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1a:ee:2e:01:34:b3:7d:10:6f:4e:70:f0:45:
                    50:1e:80:cb:19:04:df:49:ff:79:08:89:cb:5e:ce:
                    cb:57:52:01:b9:60:d3:f4:12:f6:7f:cc:da:a5:bc:
                    19:f5:1c:43:59:27:81:bd:e4:3b:e9:9c:d7:15:25:
                    6e:74:be:3f:7b:b6:75:88:c0:5a:27:f0:28:6f:b5:
                    86:40:1c:d9:a5:be:af:e8:2b:34:7f:74:36:0e:1b:
                    ec:3e:bd:ea:e9:34:9e:28:0d:c9:61:23:ca:d2:77:
                    8c:1a:fc:18:2c:c7:f8:36:fb:e6:b2:01:4b:2b:60:
                    81:aa:86:36:c6:c6:46:a3:49:aa:02:a9:2d:42:20:
                    84:e6:f7:5e:a9:e2:18:95:e9:7e:84:4a:d9:e6:47:
                    c7:ce:c1:a7:0a:f2:16:bd:d4:fa:51:74:e3:14:64:
                    cc:fe:0b:2a:47:1a:9b:e4:ed:e7:0e:86:77:9f:d5:
                    c6:f6:3d:92:13:11:ef:d7:72:16:8b:be:36:c8:88:
                    8d:44:5a:93:77:68:4c:2f:25:5f:c5:00:d9:f2:ef:
                    34:17:ed:32:70:7e:c7:00:c2:85:01:1d:1e:48:7b:
                    a1:e2:d7:0f:c2:38:39:14:6d:e8:82:66:de:40:75:
                    10:d3:d8:a8:4e:ba:ff:c8:89:ec:22:01:37:9d:80:
                    a2:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:06:01:AD:72:6E:1D:0E:40:64:F6:33:4E:A9:17:AC:BB:D3:EE:D9
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/84BFDBD68D6611EB989A2363F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:40:99:c2:6f:8a:ea:4f:59:33:b5:5a:32:73:86:29:e4:2c:
         a0:c5:d9:47:4d:86:30:c5:16:da:59:ba:76:2f:43:dd:e2:4c:
         92:2d:08:52:81:24:8c:68:0c:b6:95:b8:bc:8f:9b:08:37:ea:
         e7:d2:f6:38:cd:51:18:8a:a6:f0:8f:fc:b2:96:95:7a:33:70:
         c0:e3:1f:3b:d5:c1:bd:8d:fc:02:a4:0d:6b:8f:a1:da:41:1e:
         4c:ee:9a:44:1a:a8:1e:c5:4c:52:a0:79:1e:73:e7:6c:50:fe:
         b3:0a:a1:ca:9a:4b:7d:31:0b:e2:92:c6:36:92:9b:91:a6:05:
         fb:11:59:cc:70:6f:08:3a:97:9d:e2:c7:f8:56:71:54:20:f3:
         e7:39:05:57:06:4f:d9:7b:1c:d9:0d:aa:94:f7:f1:49:b4:18:
         0d:5e:de:37:2b:08:66:c0:85:ae:39:51:69:96:fe:4b:73:69:
         a2:3c:3a:ba:ae:b8:30:f1:74:f4:57:57:5c:98:34:61:a7:6a:
         f2:1a:99:d2:26:de:30:12:63:cc:87:b7:07:c4:cc:e4:0f:94:
         b5:aa:d2:e1:48:7c:aa:d9:99:97:b9:dd:fe:e0:2a:87:0c:76:
         df:15:26:cb:59:30:a2:bd:62:89:79:40:c6:1d:cc:78:85:f8:
         f9:58:79:52
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTAzMjUxMjM0NTZaFw0zMTAzMjUxMjM0NTZaMBgxFjAU
BgNVBAMTDTYwNWM4Mzc2LThjMmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2Gu4uATSzfRBvTnDwRVAegMsZBN9J/3kIictezstXUgG5YNP0EvZ/zNql
vBn1HENZJ4G95DvpnNcVJW50vj97tnWIwFon8ChvtYZAHNmlvq/oKzR/dDYOG+w+
verpNJ4oDclhI8rSd4wa/Bgsx/g2++ayAUsrYIGqhjbGxkajSaoCqS1CIITm916p
4hiV6X6EStnmR8fOwacK8ha91PpRdOMUZMz+CypHGpvk7ecOhnef1cb2PZITEe/X
chaLvjbIiI1EWpN3aEwvJV/FANny7zQX7TJwfscAwoUBHR5Ie6Hi1w/CODkUbeiC
Zt5AdRDT2KhOuv/IiewiATedgKIdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKQYB
rXJuHQ5AZPYzTqkXrLvT7tkwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4Lzg0QkZEQkQ2OEQ2NjExRUI5ODlBMjM2M0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEAi0wDQYJKoZIhvcNAQEL
BQADggEBAJpAmcJviupPWTO1WjJzhinkLKDF2UdNhjDFFtpZunYvQ93iTJItCFKB
JIxoDLaVuLyPmwg36ufS9jjNURiKpvCP/LKWlXozcMDjHzvVwb2N/AKkDWuPodpB
HkzumkQaqB7FTFKgeR5z52xQ/rMKocqaS30xC+KSxjaSm5GmBfsRWcxwbwg6l53i
x/hWcVQg8+c5BVcGT9l7HNkNqpT38Um0GA1e3jcrCGbAha45UWmW/ktzaaI8Orqu
uDDxdPRXV1yYNGGnavIamdIm3jASY8yHtwfEzOQPlLWq0uFIfKrZmZe53f7gKocM
dt8VJstZMKK9Yol5QMYdzHiF+PlYeVI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org