Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/E8119DE6B81811EB8BBB095FF8AEA228.roa
File:                     E8119DE6B81811EB8BBB095FF8AEA228.roa (raw, json)
Hash identifier:          +Mkxw4ca39xDR1MVVe3rjaWmsR2y8ZbawGovBt9ptok=
Subject key identifier:   9F:A1:3B:E7:52:0F:37:67:90:C1:B8:0A:2A:09:9E:73:12:24:8E:1C
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0131
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/E8119DE6B81811EB8BBB095FF8AEA228.roa
Signing time:             Tue 18 May 2021 20:37:48 +0000
ROA not before:           Tue 18 May 2021 20:37:40 +0000
ROA not after:            Sat 18 May 2041 20:37:40 +0000
asID:                     3741
IP address blocks:        196.2.144.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 305 (0x131)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: May 18 20:37:40 2021 GMT
            Not After : May 18 20:37:40 2041 GMT
        Subject: CN=60a4259c-f8ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:aa:a2:a4:b0:28:05:c1:59:e0:d7:83:ff:c8:
                    81:e3:26:e5:f1:88:c8:a4:ae:ea:41:d6:b8:c8:63:
                    bf:b3:1b:96:ea:4c:56:ba:50:34:e6:11:d1:00:eb:
                    05:0b:d6:53:37:7b:43:0c:62:d0:c6:25:d9:00:b9:
                    dd:f9:30:70:3a:7f:ea:0d:a6:6f:3c:be:60:c0:99:
                    75:11:a6:fd:16:62:df:cf:a3:65:94:b7:71:41:f2:
                    df:7d:2c:ac:ac:63:5c:64:fa:bb:8f:8e:18:e9:e7:
                    94:94:09:81:7e:ec:4d:d2:e1:56:a5:e5:74:3c:ba:
                    32:7c:12:5a:44:f4:7d:12:fd:93:f5:26:d8:d5:1d:
                    b2:df:c8:27:a9:56:fe:e7:48:f3:f5:1f:c5:84:09:
                    83:e7:4d:9e:6d:0b:ca:0d:a7:2f:d3:33:e5:07:02:
                    17:4a:88:9e:fc:14:14:1c:28:14:89:bf:cb:bf:89:
                    c1:2e:b5:cc:22:c0:a3:c4:2a:f3:34:45:f3:38:f0:
                    f8:43:44:59:50:1b:19:ca:92:56:95:a3:b8:70:80:
                    b8:ee:7a:25:33:3b:16:81:94:f7:62:c9:a6:00:2d:
                    84:da:f3:0f:36:c2:41:f6:64:6c:9a:c1:16:56:7a:
                    42:ba:2e:d9:0a:f5:ec:29:b9:14:0d:f8:33:e4:aa:
                    15:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:A1:3B:E7:52:0F:37:67:90:C1:B8:0A:2A:09:9E:73:12:24:8E:1C
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/E8119DE6B81811EB8BBB095FF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:87:b2:1d:c7:91:c3:06:06:a1:21:e6:4d:09:26:d0:ec:70:
         f0:fa:89:37:42:db:d4:ed:71:44:31:a6:11:71:92:54:65:aa:
         b1:0a:c9:28:82:fa:99:ce:4a:ab:28:05:cc:95:61:6f:d0:ba:
         06:a8:48:ba:66:ce:c3:89:af:11:d9:e0:98:6e:f3:e9:13:fc:
         78:f1:3a:41:7d:be:b5:09:e8:48:5f:a9:b6:eb:51:1d:fa:5d:
         4c:fa:31:b0:13:16:08:57:3f:cf:16:37:02:9c:07:0f:fc:de:
         8e:9b:a0:f9:65:31:93:81:cb:df:d0:7f:aa:93:d4:24:02:77:
         09:3e:ab:2e:17:3d:35:6b:75:49:5a:1b:13:1d:91:ac:cb:4f:
         d9:04:c9:c0:6a:5e:ab:3b:cb:4d:2b:75:c5:05:7d:13:5c:08:
         b3:e0:9b:81:cb:d6:96:a4:62:0b:23:fd:c4:4c:df:ff:28:95:
         82:1b:14:c2:27:36:df:80:c4:41:ce:ff:ee:d6:26:44:fb:ad:
         1a:6b:73:36:d1:71:72:3f:19:ab:8c:70:f3:fb:01:61:4a:31:
         80:93:bf:a9:ba:ed:a5:a2:c2:60:ab:81:d6:89:cf:15:8c:75:
         07:0e:b2:4d:e6:14:4a:7a:b4:e7:13:b2:68:8a:d5:94:fb:4c:
         b0:00:5a:44
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICATEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTA1MTgyMDM3NDBaFw00MTA1MTgyMDM3NDBaMBgxFjAU
BgNVBAMTDTYwYTQyNTljLWY4YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGqqKksCgFwVng14P/yIHjJuXxiMikrupB1rjIY7+zG5bqTFa6UDTmEdEA
6wUL1lM3e0MMYtDGJdkAud35MHA6f+oNpm88vmDAmXURpv0WYt/Po2WUt3FB8t99
LKysY1xk+ruPjhjp55SUCYF+7E3S4Val5XQ8ujJ8ElpE9H0S/ZP1JtjVHbLfyCep
Vv7nSPP1H8WECYPnTZ5tC8oNpy/TM+UHAhdKiJ78FBQcKBSJv8u/icEutcwiwKPE
KvM0RfM48PhDRFlQGxnKklaVo7hwgLjueiUzOxaBlPdiyaYALYTa8w82wkH2ZGya
wRZWekK6LtkK9ewpuRQN+DPkqhVLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUn6E7
51IPN2eQwbgKKgmecxIkjhwwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0U4MTE5REU2QjgxODExRUI4QkJCMDk1RkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALEApAwDQYJKoZIhvcNAQEL
BQADggEBADSHsh3HkcMGBqEh5k0JJtDscPD6iTdC29TtcUQxphFxklRlqrEKySiC
+pnOSqsoBcyVYW/QugaoSLpmzsOJrxHZ4Jhu8+kT/HjxOkF9vrUJ6EhfqbbrUR36
XUz6MbATFghXP88WNwKcBw/83o6boPllMZOBy9/Qf6qT1CQCdwk+qy4XPTVrdUla
GxMdkazLT9kEycBqXqs7y00rdcUFfRNcCLPgm4HL1pakYgsj/cRM3/8olYIbFMIn
Nt+AxEHO/+7WJkT7rRprczbRcXI/GauMcPP7AWFKMYCTv6m67aWiwmCrgdaJzxWM
dQcOsk3mFEp6tOcTsmiK1ZT7TLAAWkQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org