Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/ED12B09E947211EEA3E88B2DD25BE465.roa
File:                     ED12B09E947211EEA3E88B2DD25BE465.roa (raw, json)
Hash identifier:          P45iO95R8x1J/NlG9jL0a9An1yrPHj2xd72KCu4/3bc=
Subject key identifier:   8A:11:FC:06:C5:64:32:4D:FD:9D:0E:AF:28:DE:3B:2E:83:26:9A:A5
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       0567
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/ED12B09E947211EEA3E88B2DD25BE465.roa
Signing time:             Wed 06 Dec 2023 20:06:22 +0000
ROA not before:           Wed 06 Dec 2023 20:06:18 +0000
ROA not after:            Fri 31 Dec 2049 20:06:18 +0000
asID:                     3741
IP address blocks:        197.80.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1383 (0x567)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Dec  6 20:06:18 2023 GMT
            Not After : Dec 31 20:06:18 2049 GMT
        Subject: CN=6570d43e-8b67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:02:29:4e:64:fd:70:a1:95:a1:1a:74:25:73:
                    3f:43:c0:bd:fc:92:a9:a4:52:ab:81:a1:61:cf:00:
                    9a:0c:cb:96:4a:32:87:9a:87:79:10:ca:5f:2c:55:
                    94:b9:7b:fd:ac:2a:02:91:52:bb:77:ee:8a:1c:dd:
                    7c:e9:99:49:0d:c0:20:63:df:8b:27:ab:e9:63:c5:
                    90:0d:9a:ab:bf:aa:ef:c8:4d:66:3e:43:5b:e2:17:
                    f5:78:7a:1b:72:c7:98:d1:ce:70:69:e6:e6:d5:18:
                    3a:b2:72:26:b3:44:9a:3d:b1:8b:ac:9d:67:da:fe:
                    c1:d6:0f:de:bd:8b:bb:af:a5:ee:d9:1b:84:b4:78:
                    c4:f4:47:cc:1a:2f:74:e0:26:be:cb:b0:ba:b1:12:
                    80:7f:f0:2f:1a:ce:ac:a0:2b:8d:32:37:a7:16:5c:
                    a9:b4:0e:3f:f7:c4:77:02:39:e9:2a:31:dc:20:da:
                    9d:49:c6:d5:5f:ef:8d:23:f4:02:b2:63:c2:69:c0:
                    4b:6f:e0:78:49:c9:a8:7b:02:62:e0:2f:e4:3c:72:
                    99:a9:43:26:07:84:2b:9b:6a:e8:ac:6d:b8:84:26:
                    d0:94:3d:48:35:de:ab:8c:60:6d:e4:e0:9d:b0:59:
                    ef:b4:c1:d6:c6:ee:ae:51:a7:93:13:e3:6a:57:af:
                    45:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:11:FC:06:C5:64:32:4D:FD:9D:0E:AF:28:DE:3B:2E:83:26:9A:A5
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/ED12B09E947211EEA3E88B2DD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.80.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:24:3c:fc:87:8b:3c:0d:01:11:34:96:af:90:73:30:0f:e6:
         7a:a2:71:8f:bf:c8:84:92:88:a8:12:c6:3a:47:f4:a3:de:c1:
         63:27:82:d0:f2:2a:03:28:08:0d:53:06:d1:5f:d4:6f:81:19:
         98:c5:e3:fa:e1:d2:2d:25:6c:35:ad:f8:2f:fd:a7:ec:51:bb:
         4a:c6:96:79:42:f7:1f:87:72:9e:e9:ad:13:fe:39:c7:e1:d4:
         5f:ce:e3:27:99:8a:53:96:90:48:f7:e8:e5:53:9c:0c:8d:78:
         c7:34:3e:7d:4a:8c:66:15:d8:a4:d2:97:4e:8e:f3:dc:1e:7c:
         eb:a2:e4:23:6e:2d:95:db:70:8e:58:db:9d:05:af:0c:0f:41:
         b5:e1:2c:a4:a6:ed:75:b0:78:da:61:f2:6b:4e:54:15:a8:4c:
         10:9a:8f:b7:3b:50:0f:2b:32:1c:4b:24:47:cb:53:cd:ec:33:
         ae:36:c4:45:87:c5:ad:ad:2a:51:68:0d:a5:c3:bc:20:1f:16:
         76:bd:d3:f9:38:52:fd:47:04:20:75:c5:f0:37:43:c8:9c:42:
         df:95:0a:59:9f:21:d5:21:a3:6e:4c:39:86:93:67:3d:71:2b:
         b2:9f:3c:ab:37:81:62:55:16:6a:8c:05:05:27:e1:4f:0c:2a:
         c6:d0:ab:b9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBWcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMzEyMDYyMDA2MThaFw00OTEyMzEyMDA2MThaMBgxFjAU
BgNVBAMTDTY1NzBkNDNlLThiNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhAilOZP1woZWhGnQlcz9DwL38kqmkUquBoWHPAJoMy5ZKMoeah3kQyl8s
VZS5e/2sKgKRUrt37ooc3XzpmUkNwCBj34snq+ljxZANmqu/qu/ITWY+Q1viF/V4
ehtyx5jRznBp5ubVGDqyciazRJo9sYusnWfa/sHWD969i7uvpe7ZG4S0eMT0R8wa
L3TgJr7LsLqxEoB/8C8azqygK40yN6cWXKm0Dj/3xHcCOekqMdwg2p1JxtVf740j
9AKyY8JpwEtv4HhJyah7AmLgL+Q8cpmpQyYHhCubauisbbiEJtCUPUg13quMYG3k
4J2wWe+0wdbG7q5Rp5MT42pXr0X7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUihH8
BsVkMk39nQ6vKN47LoMmmqUwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0VEMTJCMDlFOTQ3MjExRUVBM0U4OEIyREQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADFUIwwDQYJKoZIhvcNAQEL
BQADggEBAJwkPPyHizwNARE0lq+QczAP5nqicY+/yISSiKgSxjpH9KPewWMngtDy
KgMoCA1TBtFf1G+BGZjF4/rh0i0lbDWt+C/9p+xRu0rGlnlC9x+Hcp7prRP+Ocfh
1F/O4yeZilOWkEj36OVTnAyNeMc0Pn1KjGYV2KTSl06O89wefOui5CNuLZXbcI5Y
250FrwwPQbXhLKSm7XWweNph8mtOVBWoTBCaj7c7UA8rMhxLJEfLU83sM642xEWH
xa2tKlFoDaXDvCAfFna90/k4Uv1HBCB1xfA3Q8icQt+VClmfIdUho25MOYaTZz1x
K7KfPKs3gWJVFmqMBQUn4U8MKsbQq7k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org