Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/FC18F79A921F11EBA9947017F8AEA228.roa
File:                     FC18F79A921F11EBA9947017F8AEA228.roa (raw, json)
Hash identifier:          RKdRAJWpL17RoVAMujqf9fIH7hU3y4wKUAYDtmQeYPE=
Subject key identifier:   EE:B5:B5:E1:BA:8D:6C:09:F5:BF:69:87:51:14:36:FA:AE:93:8A:E0
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       E1
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/FC18F79A921F11EBA9947017F8AEA228.roa
Signing time:             Wed 31 Mar 2021 12:52:44 +0000
ROA not before:           Wed 31 Mar 2021 12:52:36 +0000
ROA not after:            Mon 31 Mar 2031 12:52:36 +0000
asID:                     3741
IP address blocks:        197.94.56.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 225 (0xe1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 31 12:52:36 2021 GMT
            Not After : Mar 31 12:52:36 2031 GMT
        Subject: CN=6064709c-0b4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ea:1e:ed:b5:1e:93:9d:8b:85:a3:d5:e7:64:
                    ca:c2:a2:95:63:c0:f0:75:f1:b5:0d:f9:ca:89:71:
                    f4:0a:1f:10:56:c7:4b:61:0e:e8:db:a2:30:fb:6f:
                    07:72:57:69:f2:9c:1d:04:e4:fb:94:49:87:7e:e1:
                    ae:6e:08:af:d2:75:b5:ef:ff:a4:6f:89:4d:bd:a6:
                    f1:f0:64:75:2a:8a:71:37:13:c4:b8:4f:2b:68:62:
                    4f:38:c1:3c:52:4a:1c:6d:25:2e:de:99:74:fb:6c:
                    23:36:70:88:4f:8e:a9:0e:b7:1a:18:13:e0:52:f7:
                    5e:9d:1f:41:b1:20:4d:47:c6:0f:73:3a:64:be:4f:
                    e9:05:f1:92:cb:79:10:9b:4e:6f:76:a2:ea:58:1a:
                    18:00:b5:61:14:ed:d1:0f:9d:0e:69:5f:07:63:29:
                    bd:1a:ed:b8:ce:09:fe:09:5b:41:87:3f:11:23:da:
                    25:bb:b4:a2:a8:39:6e:af:4d:2f:99:4f:f7:7a:ae:
                    d4:ec:d3:09:eb:3b:71:68:5c:d0:51:0e:bd:d8:b3:
                    c0:b3:9d:19:3a:2d:f6:91:49:3b:0d:bd:0a:6c:ae:
                    3f:1d:e2:55:23:7b:8e:d9:3b:7e:33:25:6c:81:db:
                    5e:58:23:d0:e1:0f:37:f3:5d:16:fb:56:a4:54:c0:
                    0e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B5:B5:E1:BA:8D:6C:09:F5:BF:69:87:51:14:36:FA:AE:93:8A:E0
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/FC18F79A921F11EBA9947017F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.94.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1a:f7:e4:9a:8b:b8:cf:ea:5b:8b:dc:f6:4e:c0:93:37:b6:05:
         33:2b:c6:69:c7:8e:91:f6:79:64:64:08:31:65:d7:52:e2:5f:
         b5:31:ae:63:d5:64:36:b6:eb:b4:94:8c:06:d2:68:36:27:d2:
         93:16:9f:15:fd:9c:86:d9:f5:b3:af:83:51:df:d4:fd:fc:37:
         0c:d2:f7:12:7d:c2:0f:b2:83:c1:ef:ec:a7:99:61:08:ff:eb:
         a4:5a:77:1f:cc:3a:bf:c0:93:a0:c5:fb:93:6a:0c:80:f7:33:
         bd:30:57:39:72:e1:2a:5f:10:23:d9:d0:11:a5:32:dd:de:f5:
         0e:6b:2c:e2:81:f9:34:df:1b:e5:b0:45:2f:70:00:ce:17:e1:
         9d:ed:bc:b9:09:66:e0:58:2f:4c:98:6c:9c:25:d8:88:d5:64:
         f5:f7:80:be:52:8a:02:8f:36:f4:3a:3e:f3:54:01:d7:67:a1:
         33:6b:47:e5:68:e0:67:ad:23:8d:ee:c1:4c:a0:b2:85:a4:d7:
         bb:90:68:34:fd:a3:33:18:4c:9b:9c:eb:d5:9c:81:80:b9:fe:
         4b:9e:4b:ff:79:13:0f:d5:68:bd:dd:04:88:68:e1:09:ef:fc:
         ff:e0:8c:c1:99:39:02:b5:f0:90:a1:8f:4e:30:ef:d7:32:bf:
         6a:68:29:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMTAzMzExMjUyMzZaFw0zMTAzMzExMjUyMzZaMBgxFjAU
BgNVBAMTDTYwNjQ3MDljLTBiNGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDD6h7ttR6TnYuFo9XnZMrCopVjwPB18bUN+cqJcfQKHxBWx0thDujbojD7
bwdyV2nynB0E5PuUSYd+4a5uCK/SdbXv/6RviU29pvHwZHUqinE3E8S4TytoYk84
wTxSShxtJS7emXT7bCM2cIhPjqkOtxoYE+BS916dH0GxIE1Hxg9zOmS+T+kF8ZLL
eRCbTm92oupYGhgAtWEU7dEPnQ5pXwdjKb0a7bjOCf4JW0GHPxEj2iW7tKKoOW6v
TS+ZT/d6rtTs0wnrO3FoXNBRDr3Ys8CznRk6LfaRSTsNvQpsrj8d4lUje47ZO34z
JWyB215YI9DhDzfzXRb7VqRUwA6XAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7rW1
4bqNbAn1v2mHURQ2+q6TiuAwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0ZDMThGNzlBOTIxRjExRUJBOTk0NzAxN0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPFXjgwDQYJKoZIhvcNAQEL
BQADggEBABr35JqLuM/qW4vc9k7Akze2BTMrxmnHjpH2eWRkCDFl11LiX7UxrmPV
ZDa267SUjAbSaDYn0pMWnxX9nIbZ9bOvg1Hf1P38NwzS9xJ9wg+yg8Hv7KeZYQj/
66Radx/MOr/Ak6DF+5NqDID3M70wVzly4SpfECPZ0BGlMt3e9Q5rLOKB+TTfG+Ww
RS9wAM4X4Z3tvLkJZuBYL0yYbJwl2IjVZPX3gL5SigKPNvQ6PvNUAddnoTNrR+Vo
4GetI43uwUygsoWk17uQaDT9ozMYTJuc69WcgYC5/kueS/95Ew/VaL3dBIho4Qnv
/P/gjMGZOQK18JChj04w79cyv2poKYg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org