Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/27594B14AA6111EAAF3E7076F8AEA228.roa
File:                     27594B14AA6111EAAF3E7076F8AEA228.roa (raw, json)
Hash identifier:          +UBoLDHhSRyhcHLCtlW120zF9c/uBcAoKI/HhyjUO+w=
Subject key identifier:   98:42:06:48:1C:4C:09:B3:82:B3:AD:4E:C6:99:73:18:D1:60:A1:BB
Certificate issuer:       /CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
Certificate serial:       11
Authority key identifier: 8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/27594B14AA6111EAAF3E7076F8AEA228.roa
Signing time:             Tue 09 Jun 2020 14:54:44 +0000
ROA not before:           Tue 09 Jun 2020 14:54:39 +0000
ROA not after:            Tue 31 Dec 2030 14:54:39 +0000
asID:                     33771
IP address blocks:        105.160.0.0/13 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17 (0x11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
        Validity
            Not Before: Jun  9 14:54:39 2020 GMT
            Not After : Dec 31 14:54:39 2030 GMT
        Subject: CN=5edfa2b4-e8a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f7:73:59:42:23:df:5f:07:15:63:f4:8d:dd:
                    ce:aa:c5:5d:06:6d:0a:e5:b3:0f:08:b9:3a:18:f8:
                    2b:2e:be:d3:85:d5:3a:f1:d6:34:89:cf:fa:a8:d2:
                    2b:f9:6a:cb:ca:ca:9e:32:a7:11:db:fb:90:d8:4d:
                    7e:32:41:55:3f:79:12:98:52:8f:a7:da:a5:17:a1:
                    65:e7:ab:8a:3d:c0:75:7c:bb:f9:e9:8a:71:a1:9c:
                    35:25:9c:1f:4a:4c:36:7e:7e:57:73:6c:d0:70:03:
                    34:03:ac:a9:18:ab:fd:ae:17:85:55:c4:74:2c:78:
                    8f:13:f6:9d:d7:1b:aa:29:bb:c0:4e:7e:a3:2b:a4:
                    f9:39:17:0f:b9:50:01:95:fc:c2:9b:f9:b9:dc:3a:
                    8b:21:61:25:00:22:50:85:08:cc:d5:cb:60:fb:42:
                    54:9f:51:e7:4c:8a:48:02:e0:29:41:7e:62:f4:67:
                    63:86:13:26:14:ba:bb:93:97:25:72:4f:45:0c:30:
                    41:bc:ff:9b:1a:b0:8b:e2:ae:ba:9d:34:49:00:0b:
                    fa:c7:04:8a:b0:d4:7a:84:f7:d9:6b:c0:5b:a6:18:
                    ab:99:77:fe:5d:33:be:0a:43:3a:17:64:c0:ec:8a:
                    d6:d5:db:5e:32:f7:e1:43:e4:ab:4e:a8:38:3b:f1:
                    2c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:42:06:48:1C:4C:09:B3:82:B3:AD:4E:C6:99:73:18:D1:60:A1:BB
            X509v3 Authority Key Identifier:
                keyid:8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/27594B14AA6111EAAF3E7076F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  105.160.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         09:90:d4:f3:10:ff:47:b7:ab:90:b2:77:8e:61:ba:f9:a0:ed:
         16:7a:70:4c:61:66:6f:e3:91:68:dd:96:f8:d9:4f:78:b6:08:
         a1:43:c3:52:e0:d7:55:19:0e:40:2f:a5:69:dd:5a:e0:26:9c:
         3e:da:59:af:fe:83:3f:07:e0:44:54:58:63:fc:c3:c5:9e:ab:
         b9:df:63:5c:b0:5c:c7:50:4d:34:d7:b7:14:17:cb:14:34:63:
         c0:32:bc:07:b4:47:27:3a:f7:a3:d4:33:ac:b2:09:7b:45:8a:
         ed:1d:35:91:0c:31:b2:98:cb:31:fb:2f:68:a5:29:98:d9:de:
         27:77:33:4c:00:14:1e:45:cb:c7:a3:56:98:3c:37:ab:f6:64:
         91:ba:52:a2:5f:b0:d0:0e:92:f3:53:d9:f3:e7:ba:29:c0:14:
         3f:31:f7:a9:3c:4b:84:1b:b5:02:7b:9a:99:3b:7e:25:51:69:
         cf:e5:17:e0:a7:dc:6b:9c:ac:b2:81:b8:67:76:8e:d1:10:50:
         86:2f:d4:6e:8b:15:45:90:17:a7:e0:6e:6a:66:96:77:52:50:
         a7:07:f5:74:f3:3c:86:18:e8:52:e5:9f:5f:f9:75:03:d9:ee:
         c5:7b:20:38:11:84:95:c7:97:37:55:bf:6e:31:db:ec:d8:aa:
         2d:77:96:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MjEwNEFGMTEwLwYDVQQFEyg4QjEwMjY5NTNFQ0Y3QzRDRTEzOUZFOUE1OUJERDcy
MjhBMTUzNTQ0MB4XDTIwMDYwOTE0NTQzOVoXDTMwMTIzMTE0NTQzOVowGDEWMBQG
A1UEAxMNNWVkZmEyYjQtZThhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/3c1lCI99fBxVj9I3dzqrFXQZtCuWzDwi5Ohj4Ky6+04XVOvHWNInP+qjS
K/lqy8rKnjKnEdv7kNhNfjJBVT95EphSj6fapRehZeerij3AdXy7+emKcaGcNSWc
H0pMNn5+V3Ns0HADNAOsqRir/a4XhVXEdCx4jxP2ndcbqim7wE5+oyuk+TkXD7lQ
AZX8wpv5udw6iyFhJQAiUIUIzNXLYPtCVJ9R50yKSALgKUF+YvRnY4YTJhS6u5OX
JXJPRQwwQbz/mxqwi+Kuup00SQAL+scEirDUeoT32WvAW6YYq5l3/l0zvgpDOhdk
wOyK1tXbXjL34UPkq06oODvxLC8CAwEAAaOCAqQwggKgMB0GA1UdDgQWBBSYQgZI
HEwJs4KzrU7GmXMY0WChuzAfBgNVHSMEGDAWgBSLECaVPs98TOE5/ppZvdciihU1
RDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODIxMDQvMDlDQ0I5NENBNzYzMTFFQUJCQzE5MTFDRjhBRUEyMjgvaXhBbWxU
N1BmRXpoT2Y2YVdiM1hJb29WTlVRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaXhBbWxUN1BmRXpoT2Y2YVdiM1hJb29WTlVRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODIxMDQvMDlDQ0I5NENBNzYzMTFFQUJCQzE5MTFDRjhB
RUEyMjgvMjc1OTRCMTRBQTYxMTFFQUFGM0U3MDc2RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDA2mgMA0GCSqGSIb3DQEBCwUA
A4IBAQAJkNTzEP9Ht6uQsneOYbr5oO0WenBMYWZv45Fo3Zb42U94tgihQ8NS4NdV
GQ5AL6Vp3VrgJpw+2lmv/oM/B+BEVFhj/MPFnqu532NcsFzHUE0017cUF8sUNGPA
MrwHtEcnOvej1DOssgl7RYrtHTWRDDGymMsx+y9opSmY2d4ndzNMABQeRcvHo1aY
PDer9mSRulKiX7DQDpLzU9nz57opwBQ/MfepPEuEG7UCe5qZO34lUWnP5Rfgp9xr
nKyygbhndo7REFCGL9RuixVFkBen4G5qZpZ3UlCnB/V08zyGGOhS5Z9f+XUD2e7F
eyA4EYSVx5c3Vb9uMdvs2Kotd5ZJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org