Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/DA8DBE0252E911EE9DC1491A4AD9E6FC.roa
File:                     DA8DBE0252E911EE9DC1491A4AD9E6FC.roa (raw, json)
Hash identifier:          gyjWBWRPP1lo7XhYqcp8iquv8p0o5RvcpRpnc4dqLg4=
Subject key identifier:   D3:5A:53:BB:C8:0C:1D:13:80:9F:85:75:A3:B2:99:FB:AF:BE:57:11
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0503
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/DA8DBE0252E911EE9DC1491A4AD9E6FC.roa
Signing time:             Thu 14 Sep 2023 10:31:24 +0000
ROA not before:           Thu 14 Sep 2023 10:31:20 +0000
ROA not after:            Fri 30 Sep 2033 10:31:20 +0000
asID:                     20011
IP address blocks:        196.210.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1283 (0x503)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Sep 14 10:31:20 2023 GMT
            Not After : Sep 30 10:31:20 2033 GMT
        Subject: CN=6502e0fc-8081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:68:36:ed:9a:81:04:37:ef:5c:a0:7d:93:f2:
                    bb:0c:d8:7a:fe:51:15:17:b2:6f:f9:88:47:5a:42:
                    a2:eb:55:6d:8a:c1:2a:2f:f2:53:d1:26:91:2f:67:
                    ca:9a:51:12:b1:9e:20:56:91:88:f2:a0:11:85:62:
                    d4:d6:52:70:cf:6d:bc:3b:5c:ce:ca:bc:02:78:10:
                    4d:d9:fa:48:60:b5:f0:1d:ed:69:e4:17:21:cd:be:
                    83:e3:4f:59:3a:05:88:62:7e:4e:e7:a2:8e:3a:1c:
                    d3:48:2d:7b:d1:6b:2b:3d:58:25:8b:b5:f9:6f:d1:
                    fb:12:db:37:d7:48:7b:8a:a0:4b:65:9b:15:1a:ba:
                    e1:ec:3d:e6:64:41:88:71:dc:4a:85:64:a4:76:49:
                    67:fa:46:d1:91:1e:6f:02:f1:6b:11:74:ba:f2:c3:
                    d0:b6:25:82:64:59:6a:4d:56:c3:1b:08:52:3f:3c:
                    55:8b:38:91:55:24:1d:31:f9:30:ef:01:9f:fe:d1:
                    07:0a:bf:59:c4:4b:99:95:0f:5d:9c:bc:85:ed:ae:
                    7a:e9:09:3c:31:a8:d6:51:9e:20:53:7e:1f:51:b1:
                    64:ca:97:7d:b9:a7:58:d3:63:23:15:e9:dc:ca:72:
                    2a:27:50:81:bf:a5:cf:e4:69:42:a5:44:f9:82:ec:
                    85:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:5A:53:BB:C8:0C:1D:13:80:9F:85:75:A3:B2:99:FB:AF:BE:57:11
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/DA8DBE0252E911EE9DC1491A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.210.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         21:04:de:43:b7:0c:36:60:a1:f0:73:ba:7f:a9:10:1a:91:8c:
         c9:2a:70:a5:00:9b:4c:8c:19:4b:ab:0e:48:8b:ff:8e:c3:58:
         90:34:eb:4c:c0:41:b7:6a:76:08:7f:b4:6d:bf:1f:16:bf:34:
         53:1c:4e:e6:6a:80:57:58:8b:be:08:fe:b8:1e:df:1a:9c:b6:
         3d:48:96:f8:6d:a2:d6:0e:3b:3f:19:fb:78:fc:69:12:9c:ab:
         5a:d4:25:a1:35:75:52:15:f9:41:45:19:ef:1b:e1:ea:69:d2:
         04:5e:de:ba:c1:65:6f:fb:5d:f0:6b:bc:ff:2a:6e:80:5a:66:
         65:e1:7e:6f:17:b8:b8:95:46:70:55:5d:8f:82:af:cd:fe:2a:
         1a:32:eb:3e:06:21:12:ea:76:e9:48:af:9f:30:04:55:b4:b7:
         b1:f3:2c:64:63:6b:e0:e0:ef:e6:fe:77:c5:f2:be:1b:84:37:
         f0:93:ab:48:d5:63:5f:9b:45:4a:e6:76:b6:d5:af:6b:83:d0:
         90:f2:8a:8b:3a:b5:19:ee:7d:54:64:1c:6e:12:62:65:da:c9:
         95:b7:0d:5a:8f:a7:e8:a9:61:eb:b5:b9:ff:72:63:9e:54:e5:
         0d:b7:5d:d3:7e:52:d2:a2:74:1b:63:f3:1e:48:97:69:7b:42:
         fb:d1:df:3f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBQMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMzA5MTQxMDMxMjBaFw0zMzA5MzAxMDMxMjBaMBgxFjAU
BgNVBAMTDTY1MDJlMGZjLTgwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4aDbtmoEEN+9coH2T8rsM2Hr+URUXsm/5iEdaQqLrVW2KwSov8lPRJpEv
Z8qaURKxniBWkYjyoBGFYtTWUnDPbbw7XM7KvAJ4EE3Z+khgtfAd7WnkFyHNvoPj
T1k6BYhifk7noo46HNNILXvRays9WCWLtflv0fsS2zfXSHuKoEtlmxUauuHsPeZk
QYhx3EqFZKR2SWf6RtGRHm8C8WsRdLryw9C2JYJkWWpNVsMbCFI/PFWLOJFVJB0x
+TDvAZ/+0QcKv1nES5mVD12cvIXtrnrpCTwxqNZRniBTfh9RsWTKl325p1jTYyMV
6dzKcionUIG/pc/kaUKlRPmC7IWvAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU01pT
u8gMHROAn4V1o7KZ+6++VxEwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0RBOERCRTAyNTJFOTExRUU5REMxNDkxQTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDE0jANBgkqhkiG9w0BAQsF
AAOCAQEAIQTeQ7cMNmCh8HO6f6kQGpGMySpwpQCbTIwZS6sOSIv/jsNYkDTrTMBB
t2p2CH+0bb8fFr80UxxO5mqAV1iLvgj+uB7fGpy2PUiW+G2i1g47Pxn7ePxpEpyr
WtQloTV1UhX5QUUZ7xvh6mnSBF7eusFlb/td8Gu8/ypugFpmZeF+bxe4uJVGcFVd
j4Kvzf4qGjLrPgYhEup26UivnzAEVbS3sfMsZGNr4ODv5v53xfK+G4Q38JOrSNVj
X5tFSuZ2ttWva4PQkPKKizq1Ge59VGQcbhJiZdrJlbcNWo+n6Klh67W5/3JjnlTl
Dbdd035S0qJ0G2PzHkiXaXtC+9HfPw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org