Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B11A1E688C5711EB860E2B3EF8AEA228.roa
File:                     B11A1E688C5711EB860E2B3EF8AEA228.roa (raw, json)
Hash identifier:          dQ1BJacKfUrYIrcOIyJNtIt0mnap5XIquHfN2y6XAOo=
Subject key identifier:   E4:83:2E:19:ED:CC:CE:15:94:D6:23:E0:12:B8:9C:95:17:55:B9:BE
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       17
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B11A1E688C5711EB860E2B3EF8AEA228.roa
Signing time:             Wed 24 Mar 2021 04:16:23 +0000
ROA not before:           Wed 24 Mar 2021 04:16:17 +0000
ROA not after:            Mon 24 Mar 2031 04:16:17 +0000
asID:                     3741
IP address blocks:        196.23.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 24 04:16:17 2021 GMT
            Not After : Mar 24 04:16:17 2031 GMT
        Subject: CN=605abd16-1fc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9c:4d:11:65:37:1f:74:62:9a:f1:33:cb:63:
                    e3:a9:22:b6:28:fc:c3:f2:72:01:1f:67:22:94:84:
                    a9:9a:10:fd:bc:11:43:33:72:49:09:fb:77:75:49:
                    99:9a:81:ec:1d:b0:63:ec:fc:a8:10:49:e0:32:57:
                    45:1b:6f:2d:a7:ab:4e:43:39:d8:97:21:7c:64:2f:
                    4a:b2:e5:9f:ea:55:25:d0:4c:5d:52:a5:02:6c:96:
                    5d:cd:f1:ce:9e:82:f9:57:58:9a:cb:c8:90:4b:d8:
                    8e:cd:28:34:f7:5d:d5:64:06:f0:68:67:0a:9f:7d:
                    03:c2:77:86:ad:19:8e:33:a9:d5:ad:b9:66:a6:55:
                    aa:61:70:f3:1c:32:9d:6f:25:30:e1:8f:3e:30:a4:
                    ae:02:d8:eb:bc:51:6c:38:cf:9d:ac:f7:c0:82:22:
                    51:52:5b:4f:08:94:4f:7b:53:50:a3:c7:93:c0:d3:
                    17:51:62:01:aa:02:30:a7:ca:31:7c:7f:55:48:c9:
                    20:b9:b0:e2:b1:5c:95:3c:3b:24:54:9b:1c:09:c3:
                    7a:d6:19:f0:9e:84:a8:7e:b3:7b:6e:c1:20:7c:a4:
                    34:b8:df:9b:35:1f:6f:01:c1:6a:4e:98:3d:67:ae:
                    a3:2c:da:7f:60:98:d5:d6:c6:c0:3e:6c:8c:de:59:
                    94:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:83:2E:19:ED:CC:CE:15:94:D6:23:E0:12:B8:9C:95:17:55:B9:BE
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B11A1E688C5711EB860E2B3EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.23.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         65:5d:74:eb:cf:ce:5a:47:ec:f5:2f:d6:af:95:a7:19:7e:d3:
         a4:40:b1:78:e2:fb:07:3f:d5:9d:cc:88:ff:b0:22:eb:f2:76:
         16:73:6d:15:c6:a9:f1:2c:f3:3f:75:16:ac:ae:20:70:5c:5c:
         14:c1:29:73:bc:c7:24:fb:2d:3e:64:cf:84:7e:ec:d4:92:8b:
         9a:13:bf:13:d1:0e:c4:d4:78:7d:63:88:59:ad:6f:1e:4b:3e:
         b3:5e:37:9f:7e:b1:13:97:7c:05:31:17:11:21:3f:c0:28:d4:
         61:4e:b2:75:75:5b:d4:b7:a0:d8:17:e0:12:0b:52:54:4e:1e:
         d9:c3:97:ca:9b:71:0c:fd:dc:3b:84:30:a1:c1:c5:4e:78:9a:
         b8:4b:67:7b:84:a5:6c:77:ea:02:64:85:72:4f:23:c6:3e:18:
         56:a5:df:86:5e:f8:5a:3c:9e:3e:3b:9c:e0:52:2a:25:89:96:
         a2:3d:5f:9c:03:10:0d:4e:87:9f:25:3b:ea:0b:15:72:54:89:
         d2:5d:56:d3:b8:e5:4f:2e:9a:bd:df:d0:96:6e:00:df:19:d1:
         eb:67:f9:ba:f1:27:68:b9:08:21:fe:05:e1:94:84:72:99:26:
         b4:2e:e0:c3:1c:fe:3d:6f:da:90:e6:b7:09:bd:e9:ba:e4:a8:
         76:89:fe:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA0MTYxN1oXDTMxMDMyNDA0MTYxN1owGDEWMBQG
A1UEAxMNNjA1YWJkMTYtMWZjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKicTRFlNx90YprxM8tj46kitij8w/JyAR9nIpSEqZoQ/bwRQzNySQn7d3VJ
mZqB7B2wY+z8qBBJ4DJXRRtvLaerTkM52JchfGQvSrLln+pVJdBMXVKlAmyWXc3x
zp6C+VdYmsvIkEvYjs0oNPdd1WQG8GhnCp99A8J3hq0ZjjOp1a25ZqZVqmFw8xwy
nW8lMOGPPjCkrgLY67xRbDjPnaz3wIIiUVJbTwiUT3tTUKPHk8DTF1FiAaoCMKfK
MXx/VUjJILmw4rFclTw7JFSbHAnDetYZ8J6EqH6ze27BIHykNLjfmzUfbwHBak6Y
PWeuoyzaf2CY1dbGwD5sjN5ZlNUCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBTkgy4Z
7czOFZTWI+ASuJyVF1W5vjAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvQjExQTFFNjg4QzU3MTFFQjg2MEUyQjNFRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMQXMA0GCSqGSIb3DQEBCwUA
A4IBAQBlXXTrz85aR+z1L9avlacZftOkQLF44vsHP9WdzIj/sCLr8nYWc20Vxqnx
LPM/dRasriBwXFwUwSlzvMck+y0+ZM+EfuzUkouaE78T0Q7E1Hh9Y4hZrW8eSz6z
XjeffrETl3wFMRcRIT/AKNRhTrJ1dVvUt6DYF+ASC1JUTh7Zw5fKm3EM/dw7hDCh
wcVOeJq4S2d7hKVsd+oCZIVyTyPGPhhWpd+GXvhaPJ4+O5zgUioliZaiPV+cAxAN
ToefJTvqCxVyVInSXVbTuOVPLpq939CWbgDfGdHrZ/m68SdouQgh/gXhlIRymSa0
LuDDHP49b9qQ5rcJvem65Kh2if5g
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org