Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/D99CB9ACBCD811EB98EED810F8AEA228.roa
File:                     D99CB9ACBCD811EB98EED810F8AEA228.roa (raw, json)
Hash identifier:          IsZsMjP76YPBDd8ZfW6tFr3u6g21qSol3XJAuweK+tk=
Subject key identifier:   1C:26:ED:4A:55:DD:7A:BB:A4:B5:2D:FE:E6:40:08:56:B6:EF:86:73
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0175
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/D99CB9ACBCD811EB98EED810F8AEA228.roa
Signing time:             Mon 24 May 2021 21:41:51 +0000
ROA not before:           Mon 24 May 2021 21:41:45 +0000
ROA not after:            Fri 24 May 2041 21:41:45 +0000
asID:                     3741
IP address blocks:        196.28.16.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 373 (0x175)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 24 21:41:45 2021 GMT
            Not After : May 24 21:41:45 2041 GMT
        Subject: CN=60ac1d9f-78fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2d:c1:e7:c5:c0:c4:27:1d:8c:3a:f1:4c:40:
                    d1:f4:64:df:83:41:a9:d4:88:0e:02:b0:ab:26:3a:
                    6e:fa:16:33:93:ac:be:85:38:0c:1a:68:73:19:3b:
                    f9:e1:92:cf:46:22:ac:7b:dc:6e:4f:d4:70:0b:82:
                    5c:4e:30:eb:6b:d5:f0:84:45:2a:8e:7d:53:dc:c5:
                    96:91:e7:92:7d:e7:d5:2d:57:aa:d2:e4:d2:d0:a2:
                    5d:aa:03:d3:d5:a5:51:9f:72:68:40:51:dd:fe:8f:
                    cb:db:6a:5a:31:01:37:90:12:d5:98:ee:82:9a:a7:
                    7a:4e:bd:55:a0:69:2f:de:f2:4e:ac:a3:19:ed:2d:
                    b3:ca:68:d2:a5:23:15:7e:1a:67:40:71:e8:d4:34:
                    7b:39:7f:28:29:b6:8f:88:8d:8f:ad:ba:df:be:fe:
                    35:99:35:6e:fe:05:3f:ee:84:13:f7:9b:ee:b9:a7:
                    51:16:a7:74:6c:93:38:c0:aa:15:94:99:79:50:f7:
                    bf:0e:07:0d:4e:d8:31:45:52:22:ae:85:63:e8:d0:
                    89:08:bd:3d:c2:3f:35:7d:25:4b:ff:96:94:03:41:
                    9b:3f:02:35:95:0e:81:bf:d3:82:95:63:9b:9b:83:
                    43:ab:87:b1:96:a4:51:a7:cb:d4:ff:4e:53:fc:85:
                    f0:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:26:ED:4A:55:DD:7A:BB:A4:B5:2D:FE:E6:40:08:56:B6:EF:86:73
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/D99CB9ACBCD811EB98EED810F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.28.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         c4:17:27:18:8d:ce:cb:d4:53:15:58:2e:c0:82:bb:67:c5:6c:
         9a:fb:a3:8b:ed:ab:a2:78:52:de:29:d9:8e:c9:98:c5:94:7a:
         23:b8:8d:ae:e8:b7:60:9d:8f:ea:b4:31:a5:e4:ed:e7:0f:a2:
         e4:a2:4e:04:2d:c0:0a:ce:6c:e4:45:76:97:03:8f:29:75:d3:
         63:28:74:11:e5:22:21:e6:2d:e6:7b:81:1f:dd:1a:69:c1:5c:
         56:fd:97:82:a3:e7:10:08:fd:f7:44:85:1c:3b:32:6a:23:64:
         24:e7:e4:32:90:94:08:35:51:1b:c5:98:eb:a4:ae:07:f0:e2:
         2d:09:e4:5e:0d:c5:1e:13:46:46:a8:f0:dc:55:9a:8a:9e:89:
         b5:8a:a0:6e:62:60:12:88:30:d1:ce:7f:6c:0f:8c:68:50:54:
         38:8e:87:69:7b:cb:ac:28:82:46:dd:b6:96:ed:46:d8:3b:99:
         a4:6c:e8:b8:63:95:5e:a0:e1:93:0c:28:b8:64:56:c5:3d:2d:
         f0:02:91:31:63:31:24:cc:fb:8b:52:8b:1f:b4:d7:ea:f9:49:
         64:26:cb:12:dd:75:24:7b:a8:cf:df:6f:58:12:8d:11:f8:e2:
         99:ab:e1:fb:10:32:3b:4b:72:1f:b5:e6:58:7f:a2:eb:a6:67:
         f1:14:cd:7a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MjQyMTQxNDVaFw00MTA1MjQyMTQxNDVaMBgxFjAU
BgNVBAMTDTYwYWMxZDlmLTc4ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDaLcHnxcDEJx2MOvFMQNH0ZN+DQanUiA4CsKsmOm76FjOTrL6FOAwaaHMZ
O/nhks9GIqx73G5P1HALglxOMOtr1fCERSqOfVPcxZaR55J959UtV6rS5NLQol2q
A9PVpVGfcmhAUd3+j8vbaloxATeQEtWY7oKap3pOvVWgaS/e8k6soxntLbPKaNKl
IxV+GmdAcejUNHs5fygpto+IjY+tut++/jWZNW7+BT/uhBP3m+65p1EWp3RskzjA
qhWUmXlQ978OBw1O2DFFUiKuhWPo0IkIvT3CPzV9JUv/lpQDQZs/AjWVDoG/04KV
Y5ubg0Orh7GWpFGny9T/TlP8hfAXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHCbt
SlXderuktS3+5kAIVrbvhnMwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0Q5OUNCOUFDQkNEODExRUI5OEVFRDgxMEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATEHBAwDQYJKoZIhvcNAQEL
BQADggEBAMQXJxiNzsvUUxVYLsCCu2fFbJr7o4vtq6J4Ut4p2Y7JmMWUeiO4ja7o
t2Cdj+q0MaXk7ecPouSiTgQtwArObORFdpcDjyl102ModBHlIiHmLeZ7gR/dGmnB
XFb9l4Kj5xAI/fdEhRw7MmojZCTn5DKQlAg1URvFmOukrgfw4i0J5F4NxR4TRkao
8NxVmoqeibWKoG5iYBKIMNHOf2wPjGhQVDiOh2l7y6wogkbdtpbtRtg7maRs6Lhj
lV6g4ZMMKLhkVsU9LfACkTFjMSTM+4tSix+01+r5SWQmyxLddSR7qM/fb1gSjRH4
4pmr4fsQMjtLch+15lh/ouumZ/EUzXo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org