Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367FC4F/59C96FCC80BF11E69BC8B87EF8AEA228/CF0B622680CF11E6B85F0616F8AEA228.roa
File:                     CF0B622680CF11E6B85F0616F8AEA228.roa (raw, json)
Hash identifier:          1lI0Ic1CEtnqLpkbf3wsFe/5DRUyxbUGqpE48sR72kQ=
Subject key identifier:   5E:6B:E6:83:5D:67:4A:21:88:57:92:BA:A7:9A:CD:C5:46:31:86:73
Certificate issuer:       /CN=F367FC4FAR/serialNumber=E3112FEFB70618C2566B1CA096EC8D1BB5F3B9CB
Certificate serial:       02
Authority key identifier: E3:11:2F:EF:B7:06:18:C2:56:6B:1C:A0:96:EC:8D:1B:B5:F3:B9:CB
Authority info access:    rsync://rpki.afrinic.net/repository/arin/4xEv77cGGMJWaxygluyNG7Xzucs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/59C96FCC80BF11E69BC8B87EF8AEA228/CF0B622680CF11E6B85F0616F8AEA228.roa
Signing time:             Thu 22 Sep 2016 14:21:13 +0000
ROA not before:           Thu 22 Sep 2016 14:21:02 +0000
ROA not after:            Tue 15 Sep 2026 14:21:02 +0000
asID:                     328039
IP address blocks:        45.222.32.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/59C96FCC80BF11E69BC8B87EF8AEA228/4xEv77cGGMJWaxygluyNG7Xzucs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/59C96FCC80BF11E69BC8B87EF8AEA228/4xEv77cGGMJWaxygluyNG7Xzucs.mft
                          rsync://rpki.afrinic.net/repository/arin/4xEv77cGGMJWaxygluyNG7Xzucs.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 28 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367FC4FAR/serialNumber=E3112FEFB70618C2566B1CA096EC8D1BB5F3B9CB
        Validity
            Not Before: Sep 22 14:21:02 2016 GMT
            Not After : Sep 15 14:21:02 2026 GMT
        Subject: CN=57e3e8d9-703b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:80:78:a0:ce:43:49:39:d7:a2:b9:08:7f:24:
                    60:1b:b5:cf:f6:23:66:e9:bc:68:75:48:fe:1a:63:
                    8e:a8:11:74:bd:95:6b:01:23:b0:2c:45:9a:9f:eb:
                    f3:f6:15:9e:17:8a:ff:b7:99:f3:22:36:43:85:3b:
                    3c:89:af:08:ae:b8:37:94:26:79:8c:4e:d2:ca:f0:
                    5d:ec:6b:3a:42:93:3b:f9:a1:47:f9:59:41:88:18:
                    e0:e1:1e:bd:17:3e:60:9a:7d:ea:38:35:b3:dd:e3:
                    7e:07:ad:d3:e2:0a:23:68:6c:b9:7a:66:38:c2:78:
                    3e:d9:fb:6c:6e:6b:e6:53:85:ec:62:42:94:db:37:
                    78:d2:8c:3c:b1:75:63:62:00:ce:e7:83:15:2c:26:
                    8c:c6:b1:1f:6f:5c:cb:ea:ba:81:c7:0f:12:05:2e:
                    56:b5:4d:21:d1:e0:18:7e:56:76:fb:aa:e2:1d:b1:
                    78:40:e3:c7:2f:8f:2d:b7:d4:4b:42:63:ef:df:02:
                    70:e2:3f:4b:92:ce:0d:2d:c4:5a:04:59:cc:d9:ba:
                    e0:a7:31:32:4f:ad:7b:54:37:27:54:48:46:70:fc:
                    f5:0c:07:21:7e:b5:29:bf:4c:6a:c2:f1:e4:50:bc:
                    b9:6e:d0:b7:9b:9a:f3:be:7f:6b:ef:de:50:76:75:
                    a4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:6B:E6:83:5D:67:4A:21:88:57:92:BA:A7:9A:CD:C5:46:31:86:73
            X509v3 Authority Key Identifier:
                keyid:E3:11:2F:EF:B7:06:18:C2:56:6B:1C:A0:96:EC:8D:1B:B5:F3:B9:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/59C96FCC80BF11E69BC8B87EF8AEA228/4xEv77cGGMJWaxygluyNG7Xzucs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/4xEv77cGGMJWaxygluyNG7Xzucs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC4F/59C96FCC80BF11E69BC8B87EF8AEA228/CF0B622680CF11E6B85F0616F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.222.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         44:db:e9:3e:87:3d:45:f8:2d:5a:08:05:5a:85:61:95:3a:ac:
         3f:f9:54:b0:22:66:87:f0:ff:65:ef:7d:5a:0b:27:4d:48:65:
         64:3a:dd:b4:fc:f3:d4:15:47:2f:40:b9:7a:41:6e:21:bd:6a:
         e4:bf:ea:45:ca:e4:f2:76:9c:b2:af:48:e0:3f:04:9d:2a:3d:
         16:94:63:c1:02:40:61:b4:70:19:c8:9b:9e:bb:4d:d7:b5:91:
         2b:4f:c5:76:99:3e:55:42:16:ea:d1:ba:6d:7f:cc:0c:e1:b0:
         7c:fc:7d:1b:76:c3:2e:72:e0:57:f3:4a:16:d2:61:bd:d1:91:
         1f:8c:50:1b:4a:d4:41:9c:cf:ad:96:19:b4:45:cf:f9:f2:84:
         e4:9d:2a:be:ba:62:f3:9b:06:33:c9:44:86:57:b9:65:2e:8e:
         d6:bc:75:fc:33:5c:8c:b8:8b:dc:47:5d:6d:4c:51:ac:b7:d8:
         9e:bb:4a:5f:f5:ae:54:63:1c:74:76:ba:46:48:cf:4f:ca:41:
         38:bb:2e:b4:cc:0e:f2:66:e7:c5:21:65:41:61:fd:c7:a7:30:
         ff:c5:2c:18:ca:14:a6:86:a0:8a:98:b1:ef:31:99:8a:9f:1b:
         02:16:8e:32:93:b6:6a:aa:7b:ae:c1:71:9e:2a:46:48:5d:80:
         e6:ce:f4:de
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RkM0RkFSMTEwLwYDVQQFEyhFMzExMkZFRkI3MDYxOEMyNTY2QjFDQTA5NkVDOEQx
QkI1RjNCOUNCMB4XDTE2MDkyMjE0MjEwMloXDTI2MDkxNTE0MjEwMlowGDEWMBQG
A1UEAxMNNTdlM2U4ZDktNzAzYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+AeKDOQ0k516K5CH8kYBu1z/YjZum8aHVI/hpjjqgRdL2VawEjsCxFmp/r
8/YVnheK/7eZ8yI2Q4U7PImvCK64N5QmeYxO0srwXexrOkKTO/mhR/lZQYgY4OEe
vRc+YJp96jg1s93jfget0+IKI2hsuXpmOMJ4Ptn7bG5r5lOF7GJClNs3eNKMPLF1
Y2IAzueDFSwmjMaxH29cy+q6gccPEgUuVrVNIdHgGH5Wdvuq4h2xeEDjxy+PLbfU
S0Jj798CcOI/S5LODS3EWgRZzNm64KcxMk+te1Q3J1RIRnD89QwHIX61Kb9MasLx
5FC8uW7Qt5ua875/a+/eUHZ1pL8CAwEAAaOCAmswggJnMB0GA1UdDgQWBBRea+aD
XWdKIYhXkrqnms3FRjGGczAfBgNVHSMEGDAWgBTjES/vtwYYwlZrHKCW7I0btfO5
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0ZDNEYvNTlDOTZGQ0M4MEJGMTFFNjlCQzhCODdFRjhBRUEyMjgvNHhFdjc3
Y0dHTUpXYXh5Z2x1eU5HN1h6dWNzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
NHhFdjc3Y0dHTUpXYXh5Z2x1eU5HN1h6dWNzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2N0ZDNEYvNTlDOTZGQ0M4MEJGMTFFNjlCQzhCODdFRjhBRUEy
MjgvQ0YwQjYyMjY4MENGMTFFNkI4NUYwNjE2RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQELd4gMA0GCSqGSIb3DQEBCwUAA4IBAQBE2+k+
hz1F+C1aCAVahWGVOqw/+VSwImaH8P9l731aCydNSGVkOt20/PPUFUcvQLl6QW4h
vWrkv+pFyuTydpyyr0jgPwSdKj0WlGPBAkBhtHAZyJueu03XtZErT8V2mT5VQhbq
0bptf8wM4bB8/H0bdsMucuBX80oW0mG90ZEfjFAbStRBnM+tlhm0Rc/58oTknSq+
umLzmwYzyUSGV7llLo7WvHX8M1yMuIvcR11tTFGst9ieu0pf9a5UYxx0drpGSM9P
ykE4uy60zA7yZufFIWVBYf3HpzD/xSwYyhSmhqCKmLHvMZmKnxsCFo4yk7Zqqnuu
wXGeKkZIXYDmzvTe
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:18:50 2024 by rpki-client on console-fra.rpki-client.org