Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B48C661EBCCC11EB8561EB77F8AEA228.roa
File:                     B48C661EBCCC11EB8561EB77F8AEA228.roa (raw, json)
Hash identifier:          FdLd17Ur+RkzjHDanPqj4LFI9xDAdD8nJnpxiaaxc2U=
Subject key identifier:   25:51:09:67:5E:CF:79:8E:3F:4F:A8:DF:15:3C:D3:85:98:2C:74:3C
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0152
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B48C661EBCCC11EB8561EB77F8AEA228.roa
Signing time:             Mon 24 May 2021 20:14:55 +0000
ROA not before:           Mon 24 May 2021 20:14:49 +0000
ROA not after:            Fri 24 May 2041 20:14:49 +0000
asID:                     3741
IP address blocks:        196.28.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 338 (0x152)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 24 20:14:49 2021 GMT
            Not After : May 24 20:14:49 2041 GMT
        Subject: CN=60ac093f-eb9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:46:8f:a8:16:ac:ac:5c:2c:cf:de:cd:bf:33:
                    e4:9e:0d:8b:95:db:18:ae:61:60:f4:17:b5:41:4b:
                    86:91:6c:12:a5:f3:67:4b:12:5b:68:23:12:39:2c:
                    96:68:97:d6:96:60:da:d7:9e:bc:7d:09:c4:73:70:
                    39:00:2f:3c:ff:87:3f:fa:37:27:3e:7a:e8:00:66:
                    b1:7d:b9:48:cf:7b:6f:44:f0:cb:c8:f9:7f:b3:d7:
                    87:36:1c:82:17:53:e0:61:e3:aa:c6:cc:9b:97:91:
                    bd:60:f2:47:95:bb:7d:fb:e0:88:ea:c7:3b:36:27:
                    87:f9:1b:21:ee:0c:06:71:6e:69:69:8d:f0:4c:ff:
                    99:83:92:a5:4f:46:33:26:d9:7d:32:66:b1:20:1f:
                    98:a4:7e:3d:d2:57:98:7d:81:63:67:58:ee:a2:85:
                    6c:ac:18:ed:66:2b:91:3c:03:df:9c:c7:86:69:5d:
                    24:9b:7e:b7:0d:8f:60:40:83:3b:e3:73:4d:f3:96:
                    01:6f:cd:b5:86:5b:16:d0:f1:1c:ca:58:93:26:f4:
                    1f:df:2f:91:3b:ec:44:53:f0:25:f1:e8:c5:02:c7:
                    2d:cf:99:a1:4b:dc:8f:5f:19:e0:80:8f:8a:cf:5b:
                    59:f0:8d:fb:5a:75:01:b8:48:e1:80:2b:7b:30:c7:
                    f4:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:51:09:67:5E:CF:79:8E:3F:4F:A8:DF:15:3C:D3:85:98:2C:74:3C
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/B48C661EBCCC11EB8561EB77F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.28.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         7b:a4:7e:52:8a:bc:c8:0f:37:cd:b0:06:6a:f9:43:e4:e7:09:
         ff:68:7f:76:33:6c:3a:db:52:79:0c:12:fd:34:86:42:5b:ff:
         ef:3c:95:da:fe:95:ea:7e:d3:9a:10:10:37:7c:79:c9:18:9e:
         21:1a:a0:07:ef:75:74:4b:8c:51:57:f6:08:0a:09:b2:f9:99:
         9f:06:fd:b0:ce:1d:1d:99:6f:a6:fa:86:7d:a3:6f:f3:34:ff:
         66:e1:ed:32:9f:c9:f5:c4:3a:9a:5f:fd:88:04:20:ac:c0:83:
         46:f3:24:80:60:52:81:fa:b7:ed:ee:f6:8e:52:03:9e:a5:6c:
         51:46:37:4f:63:b2:27:1c:b3:a2:0b:49:cf:99:38:90:31:0f:
         94:aa:a2:83:2a:37:5d:54:18:c7:a9:63:83:e0:8a:30:18:9d:
         91:e9:b6:13:d6:f4:d7:0d:b7:4f:0b:ed:2b:27:d2:14:48:a3:
         36:dd:d0:51:3a:70:c3:6a:63:29:13:68:27:82:05:2a:55:28:
         5d:ed:45:fd:5c:61:ab:b8:b3:c1:36:5d:dd:11:c8:f6:89:6f:
         6a:54:75:3f:03:f6:8a:03:34:73:b7:a2:63:70:dd:ba:5d:d5:
         00:6b:39:37:0a:d2:aa:de:8b:ce:18:44:c9:01:72:60:ab:0a:
         ae:6e:0d:32
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MjQyMDE0NDlaFw00MTA1MjQyMDE0NDlaMBgxFjAU
BgNVBAMTDTYwYWMwOTNmLWViOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1Ro+oFqysXCzP3s2/M+SeDYuV2xiuYWD0F7VBS4aRbBKl82dLEltoIxI5
LJZol9aWYNrXnrx9CcRzcDkALzz/hz/6Nyc+eugAZrF9uUjPe29E8MvI+X+z14c2
HIIXU+Bh46rGzJuXkb1g8keVu3374Ijqxzs2J4f5GyHuDAZxbmlpjfBM/5mDkqVP
RjMm2X0yZrEgH5ikfj3SV5h9gWNnWO6ihWysGO1mK5E8A9+cx4ZpXSSbfrcNj2BA
gzvjc03zlgFvzbWGWxbQ8RzKWJMm9B/fL5E77ERT8CXx6MUCxy3PmaFL3I9fGeCA
j4rPW1nwjftadQG4SOGAK3swx/S9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJVEJ
Z17PeY4/T6jfFTzThZgsdDwwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0I0OEM2NjFFQkNDQzExRUI4NTYxRUI3N0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbEHIAwDQYJKoZIhvcNAQEL
BQADggEBAHukflKKvMgPN82wBmr5Q+TnCf9of3YzbDrbUnkMEv00hkJb/+88ldr+
lep+05oQEDd8eckYniEaoAfvdXRLjFFX9ggKCbL5mZ8G/bDOHR2Zb6b6hn2jb/M0
/2bh7TKfyfXEOppf/YgEIKzAg0bzJIBgUoH6t+3u9o5SA56lbFFGN09jsiccs6IL
Sc+ZOJAxD5SqooMqN11UGMepY4PgijAYnZHpthPW9NcNt08L7Ssn0hRIozbd0FE6
cMNqYykTaCeCBSpVKF3tRf1cYau4s8E2Xd0RyPaJb2pUdT8D9ooDNHO3omNw3bpd
1QBrOTcK0qrei84YRMkBcmCrCq5uDTI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org