Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B0D7EE1E8D6811EB85723966F8AEA228.roa
File:                     B0D7EE1E8D6811EB85723966F8AEA228.roa (raw, json)
Hash identifier:          Um5XSB37K70h1lSImS7Kmvp2ienQQUHY673dVbcily8=
Subject key identifier:   C3:62:3B:F0:4D:73:6D:8C:2F:32:14:BE:90:3C:CE:7F:A2:BE:90:58
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       D7
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B0D7EE1E8D6811EB85723966F8AEA228.roa
Signing time:             Thu 25 Mar 2021 12:50:35 +0000
ROA not before:           Thu 25 Mar 2021 12:50:28 +0000
ROA not after:            Tue 25 Mar 2031 12:50:28 +0000
asID:                     10474
IP address blocks:        196.2.150.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 215 (0xd7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 25 12:50:28 2021 GMT
            Not After : Mar 25 12:50:28 2031 GMT
        Subject: CN=605c871b-7093
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:db:f1:20:73:b1:db:f9:3d:74:75:55:77:75:
                    f0:73:b3:21:df:da:7d:f2:2b:53:7e:cd:b4:9f:cd:
                    5e:a1:aa:44:9f:6e:ef:43:b6:af:dc:19:f2:a8:3e:
                    4c:3a:03:a6:47:1b:ba:3a:19:47:87:0d:b6:1e:ba:
                    c3:b0:a6:d1:37:2f:a3:7a:12:e4:54:97:5f:85:5e:
                    29:9f:e8:05:9e:ee:34:26:42:b0:40:db:fe:dc:10:
                    87:e8:53:10:73:50:79:57:78:c0:b5:69:e9:f9:69:
                    ef:ac:ac:7d:d5:ed:d6:3a:ec:89:48:81:db:e0:35:
                    e0:fc:aa:ad:67:1c:77:61:77:07:31:c8:63:0c:0c:
                    da:5a:37:6e:c1:51:f1:5b:93:11:88:7d:05:77:11:
                    9f:be:5a:db:17:28:7b:4b:73:4a:06:67:c3:c0:65:
                    5e:a5:b4:d0:4c:ec:37:b9:40:5f:90:a8:b3:54:3b:
                    d3:42:04:50:4d:fa:cc:d5:43:bb:ea:d5:c0:99:21:
                    3e:ad:b7:24:ba:0c:a8:7c:c4:a0:56:5a:a8:33:ad:
                    a4:b9:fd:b9:5d:17:70:01:10:55:5f:2b:fe:be:87:
                    a4:56:02:f6:f0:7f:13:a7:23:b5:ad:bd:6a:00:4a:
                    8a:6d:00:d8:67:eb:d7:cd:7c:c6:c4:66:47:f4:d3:
                    5c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:62:3B:F0:4D:73:6D:8C:2F:32:14:BE:90:3C:CE:7F:A2:BE:90:58
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B0D7EE1E8D6811EB85723966F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:98:66:c9:4f:28:3c:d2:71:5c:8a:39:d0:b4:31:41:36:2d:
         9c:94:4d:c4:6b:d9:fe:c3:2a:53:71:3a:44:5a:0c:f8:ad:81:
         41:fd:3f:52:5b:9d:09:27:84:9f:84:1d:02:c9:65:8f:76:33:
         26:60:65:91:b5:7a:4c:b8:91:e9:3b:e5:1e:17:a4:ea:e3:e7:
         26:7e:a4:49:d7:14:9c:5e:40:4e:0e:4a:97:2a:03:46:14:9e:
         a5:37:00:4e:9e:eb:82:07:9c:8a:75:b9:0c:20:43:42:40:99:
         2c:ac:cd:6e:01:58:27:2f:9c:e3:00:c1:ff:1d:38:e8:a1:df:
         d0:5f:b0:3e:56:56:c4:93:61:d2:6a:65:25:10:bb:c5:89:c3:
         34:45:d7:85:a5:16:35:b4:03:f4:e7:51:29:32:d8:66:33:89:
         42:03:e9:98:30:2c:8b:32:dc:5b:34:bb:f3:95:12:cd:2b:3e:
         e6:37:35:82:1d:87:38:cc:63:4c:be:2e:22:15:c1:5f:25:c7:
         8e:6a:ff:24:b6:4a:d0:f4:53:93:45:dd:de:c2:aa:66:09:a5:
         56:8c:0a:81:3a:c2:b3:9a:73:5c:53:59:86:41:65:60:82:36:
         00:47:b4:ed:c7:22:90:2b:93:c6:a0:e7:78:b1:3b:77:79:49:
         f7:55:30:56
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICANcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTAzMjUxMjUwMjhaFw0zMTAzMjUxMjUwMjhaMBgxFjAU
BgNVBAMTDTYwNWM4NzFiLTcwOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCk2/Egc7Hb+T10dVV3dfBzsyHf2n3yK1N+zbSfzV6hqkSfbu9Dtq/cGfKo
Pkw6A6ZHG7o6GUeHDbYeusOwptE3L6N6EuRUl1+FXimf6AWe7jQmQrBA2/7cEIfo
UxBzUHlXeMC1aen5ae+srH3V7dY67IlIgdvgNeD8qq1nHHdhdwcxyGMMDNpaN27B
UfFbkxGIfQV3EZ++WtsXKHtLc0oGZ8PAZV6ltNBM7De5QF+QqLNUO9NCBFBN+szV
Q7vq1cCZIT6ttyS6DKh8xKBWWqgzraS5/bldF3ABEFVfK/6+h6RWAvbwfxOnI7Wt
vWoASoptANhn69fNfMbEZkf001yBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUw2I7
8E1zbYwvMhS+kDzOf6K+kFgwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0IwRDdFRTFFOEQ2ODExRUI4NTcyMzk2NkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEApYwDQYJKoZIhvcNAQEL
BQADggEBAFCYZslPKDzScVyKOdC0MUE2LZyUTcRr2f7DKlNxOkRaDPitgUH9P1Jb
nQknhJ+EHQLJZY92MyZgZZG1eky4kek75R4XpOrj5yZ+pEnXFJxeQE4OSpcqA0YU
nqU3AE6e64IHnIp1uQwgQ0JAmSyszW4BWCcvnOMAwf8dOOih39BfsD5WVsSTYdJq
ZSUQu8WJwzRF14WlFjW0A/TnUSky2GYziUID6ZgwLIsy3Fs0u/OVEs0rPuY3NYId
hzjMY0y+LiIVwV8lx45q/yS2StD0U5NF3d7CqmYJpVaMCoE6wrOac1xTWYZBZWCC
NgBHtO3HIpArk8ag53ixO3d5SfdVMFY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org