Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367C385/A3D2CE00C5E511EAAB62B122F8AEA228/AE4BC78AC60111EA82B1BE3EF8AEA228.roa
File:                     AE4BC78AC60111EA82B1BE3EF8AEA228.roa (raw, json)
Hash identifier:          pyY/EVidRCr9GBFzwtVx7kYqYWYP30k2C6JFA5pk9G4=
Subject key identifier:   27:D9:6E:94:41:4A:42:8E:9D:9A:82:6B:13:EA:38:7A:EB:DE:17:86
Certificate issuer:       /CN=F367C385AF/serialNumber=CF6F4D60D0D5C2E6D379A711D1B6AF01130C2A6C
Certificate serial:       0B
Authority key identifier: CF:6F:4D:60:D0:D5:C2:E6:D3:79:A7:11:D1:B6:AF:01:13:0C:2A:6C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/z29NYNDVwubTeacR0bavARMMKmw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367C385/A3D2CE00C5E511EAAB62B122F8AEA228/AE4BC78AC60111EA82B1BE3EF8AEA228.roa
Signing time:             Tue 14 Jul 2020 18:41:51 +0000
ROA not before:           Tue 14 Jul 2020 18:41:46 +0000
ROA not after:            Sun 14 Jul 2030 18:41:46 +0000
asID:                     328320
IP address blocks:        102.141.192.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367C385/A3D2CE00C5E511EAAB62B122F8AEA228/z29NYNDVwubTeacR0bavARMMKmw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367C385/A3D2CE00C5E511EAAB62B122F8AEA228/z29NYNDVwubTeacR0bavARMMKmw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/z29NYNDVwubTeacR0bavARMMKmw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11 (0xb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367C385AF/serialNumber=CF6F4D60D0D5C2E6D379A711D1B6AF01130C2A6C
        Validity
            Not Before: Jul 14 18:41:46 2020 GMT
            Not After : Jul 14 18:41:46 2030 GMT
        Subject: CN=5f0dfc6f-412a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:af:e6:ed:14:9d:70:2a:6c:8a:3e:b7:16:fe:
                    7e:c9:80:17:39:de:bb:c8:94:f7:59:0e:9c:66:13:
                    a7:62:78:7d:ad:a9:36:91:d1:1f:fa:da:64:2b:14:
                    8d:4a:5b:15:43:d0:a1:15:84:89:a8:a2:99:a5:a0:
                    3e:53:1a:b9:7f:a9:49:15:5c:a5:10:63:a7:5e:24:
                    78:97:44:97:c5:55:f9:9b:9c:ee:58:b1:58:7e:ba:
                    4b:e7:35:82:09:17:41:07:37:d2:cd:ed:60:1d:9f:
                    fb:6a:8d:6c:9f:4e:fe:83:eb:8e:d7:ff:0f:33:8d:
                    26:4d:c6:1c:7b:dc:c5:e1:d2:ac:9c:46:04:d5:0a:
                    c4:19:b1:e2:cb:3f:eb:17:70:f9:1d:3e:38:40:d5:
                    39:bf:a4:94:88:60:19:42:97:ed:bd:68:57:93:ee:
                    b7:d8:48:71:79:a1:70:f3:ce:31:8a:ad:ac:03:9a:
                    69:7b:df:98:51:af:fd:d1:0d:82:a3:dc:3f:3b:c7:
                    c7:7e:27:6e:ef:55:93:80:13:b8:56:59:54:ca:ee:
                    3c:f5:47:fd:8f:b2:36:2a:4b:8a:85:db:c8:cc:29:
                    b2:f7:55:6e:e8:cf:32:bb:dc:81:6f:39:05:6d:fa:
                    3f:d5:93:b7:3b:cf:07:a1:92:35:d7:62:6d:39:10:
                    79:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:D9:6E:94:41:4A:42:8E:9D:9A:82:6B:13:EA:38:7A:EB:DE:17:86
            X509v3 Authority Key Identifier:
                keyid:CF:6F:4D:60:D0:D5:C2:E6:D3:79:A7:11:D1:B6:AF:01:13:0C:2A:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367C385/A3D2CE00C5E511EAAB62B122F8AEA228/z29NYNDVwubTeacR0bavARMMKmw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/z29NYNDVwubTeacR0bavARMMKmw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367C385/A3D2CE00C5E511EAAB62B122F8AEA228/AE4BC78AC60111EA82B1BE3EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.141.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:da:48:5b:20:82:6a:11:cd:e9:d0:e4:fc:30:26:07:41:6d:
         2f:5f:de:7a:f4:b7:05:00:ca:cc:78:6e:7e:a8:9f:37:9b:5e:
         7b:c5:3d:fb:94:37:d1:46:94:29:b6:78:06:a1:ae:c6:19:b9:
         97:6c:2b:f1:b8:16:a7:67:58:5a:a3:ee:30:a4:f9:0f:08:5e:
         d5:67:7c:d1:05:a5:b5:2b:be:a3:3a:ea:59:06:49:bd:92:68:
         e9:59:3f:9e:bf:7e:c5:97:a0:4c:1b:13:ae:09:e9:73:79:c5:
         fc:36:db:5f:99:80:6f:ea:03:fd:13:4c:4b:a7:c0:1f:d3:a5:
         d1:53:6b:00:f4:93:5a:78:ee:49:c1:92:02:74:e2:16:e6:06:
         eb:d6:4a:d1:bb:00:49:90:6e:dd:e9:d0:cd:3a:2f:5d:92:bc:
         d3:88:ae:98:e5:69:5a:ee:4a:d5:6b:a0:20:6a:dc:4e:e7:71:
         42:9a:c1:59:9a:e0:e4:8b:93:c0:f9:ee:c9:3e:55:c3:63:ce:
         06:48:ab:a8:d3:24:50:56:52:ac:c3:72:5b:7d:24:ad:da:93:
         ff:9d:82:6a:63:33:37:e2:e5:b4:0a:9f:c5:78:74:7b:9e:04:
         5e:e1:b5:22:fd:a5:e2:b7:1a:d5:f2:ee:7e:36:3d:08:2c:74:
         0e:7e:d9:f8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QzM4NUFGMTEwLwYDVQQFEyhDRjZGNEQ2MEQwRDVDMkU2RDM3OUE3MTFEMUI2QUYw
MTEzMEMyQTZDMB4XDTIwMDcxNDE4NDE0NloXDTMwMDcxNDE4NDE0NlowGDEWMBQG
A1UEAxMNNWYwZGZjNmYtNDEyYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKv5u0UnXAqbIo+txb+fsmAFzneu8iU91kOnGYTp2J4fa2pNpHRH/raZCsU
jUpbFUPQoRWEiaiimaWgPlMauX+pSRVcpRBjp14keJdEl8VV+Zuc7lixWH66S+c1
ggkXQQc30s3tYB2f+2qNbJ9O/oPrjtf/DzONJk3GHHvcxeHSrJxGBNUKxBmx4ss/
6xdw+R0+OEDVOb+klIhgGUKX7b1oV5Put9hIcXmhcPPOMYqtrAOaaXvfmFGv/dEN
gqPcPzvHx34nbu9Vk4ATuFZZVMruPPVH/Y+yNipLioXbyMwpsvdVbujPMrvcgW85
BW36P9WTtzvPB6GSNddibTkQeRMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQn2W6U
QUpCjp2agmsT6jh6694XhjAfBgNVHSMEGDAWgBTPb01g0NXC5tN5pxHRtq8BEwwq
bDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0MzODUvQTNEMkNFMDBDNUU1MTFFQUFCNjJCMTIyRjhBRUEyMjgvejI5TllO
RFZ3dWJUZWFjUjBiYXZBUk1NS213LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvejI5TllORFZ3dWJUZWFjUjBiYXZBUk1NS213LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0MzODUvQTNEMkNFMDBDNUU1MTFFQUFCNjJCMTIyRjhB
RUEyMjgvQUU0QkM3OEFDNjAxMTFFQTgyQjFCRTNFRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmaNwDANBgkqhkiG9w0BAQsF
AAOCAQEAL9pIWyCCahHN6dDk/DAmB0FtL1/eevS3BQDKzHhufqifN5tee8U9+5Q3
0UaUKbZ4BqGuxhm5l2wr8bgWp2dYWqPuMKT5Dwhe1Wd80QWltSu+ozrqWQZJvZJo
6Vk/nr9+xZegTBsTrgnpc3nF/DbbX5mAb+oD/RNMS6fAH9Ol0VNrAPSTWnjuScGS
AnTiFuYG69ZK0bsASZBu3enQzTovXZK804iumOVpWu5K1WugIGrcTudxQprBWZrg
5IuTwPnuyT5Vw2POBkirqNMkUFZSrMNyW30krdqT/52CamMzN+LltAqfxXh0e54E
XuG1Iv2l4rca1fLufjY9CCx0Dn7Z+A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org