Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/8B17DADAA98F11EAB9AA6924F8AEA228.roa
File:                     8B17DADAA98F11EAB9AA6924F8AEA228.roa (raw, json)
Hash identifier:          KYYTpk99AQONppdJtauPNE8kMIyequZ2O2Wm6wTUshU=
Subject key identifier:   41:15:60:F8:C5:AB:4B:33:27:EA:2B:C3:22:C1:5E:B4:B6:80:81:55
Certificate issuer:       /CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
Certificate serial:       08
Authority key identifier: 8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/8B17DADAA98F11EAB9AA6924F8AEA228.roa
Signing time:             Mon 08 Jun 2020 13:54:17 +0000
ROA not before:           Mon 08 Jun 2020 13:54:11 +0000
ROA not after:            Tue 31 Dec 2030 13:54:11 +0000
asID:                     33771
IP address blocks:        196.201.208.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682104AF/serialNumber=8B1026953ECF7C4CE139FE9A59BDD7228A153544
        Validity
            Not Before: Jun  8 13:54:11 2020 GMT
            Not After : Dec 31 13:54:11 2030 GMT
        Subject: CN=5ede4309-08ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:d9:95:65:ab:d5:3e:dd:69:6a:08:bd:15:cf:
                    21:a9:be:e4:19:a2:8e:27:e2:db:25:a3:ca:6a:fd:
                    1d:6e:b5:11:29:1d:7e:37:21:bb:6f:f3:77:c5:21:
                    b5:28:4e:c9:16:d7:1c:5d:44:19:f2:24:61:d0:1f:
                    de:c6:60:c7:03:e3:d2:74:00:7f:57:ad:f7:e9:f5:
                    04:57:30:34:9b:5a:19:17:00:62:10:7f:09:32:e0:
                    fa:c1:e0:94:86:ef:8a:9d:55:33:31:19:e1:b9:5d:
                    78:67:07:4b:53:14:fd:51:6a:d8:18:44:d2:f8:44:
                    e7:6e:50:ae:99:ff:6e:44:e9:d9:62:6c:fd:f9:42:
                    a8:62:9f:46:6a:5d:ce:a6:82:1b:5a:6d:e8:53:69:
                    49:0a:8b:b8:c5:87:c0:68:2e:12:49:df:82:dd:fd:
                    6c:32:67:2a:57:cc:67:03:e0:94:df:61:0e:8e:8b:
                    fe:58:b8:5f:eb:d1:3c:62:d5:72:ba:4a:2d:98:4f:
                    a6:bc:15:d1:1b:88:a5:12:89:cb:06:a1:0b:c8:98:
                    7f:c5:b7:7a:67:ad:51:73:da:3f:14:44:72:d5:d9:
                    1d:15:54:5a:c9:dc:ac:ce:7e:89:1c:85:0c:5c:79:
                    e7:2a:b0:4a:ac:01:33:de:38:33:91:0d:9e:13:22:
                    1d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:15:60:F8:C5:AB:4B:33:27:EA:2B:C3:22:C1:5E:B4:B6:80:81:55
            X509v3 Authority Key Identifier:
                keyid:8B:10:26:95:3E:CF:7C:4C:E1:39:FE:9A:59:BD:D7:22:8A:15:35:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/ixAmlT7PfEzhOf6aWb3XIooVNUQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ixAmlT7PfEzhOf6aWb3XIooVNUQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682104/09CCB94CA76311EABBC1911CF8AEA228/8B17DADAA98F11EAB9AA6924F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.201.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         07:76:e8:bc:dc:c3:42:99:37:62:61:fe:da:b7:a0:4b:bf:ed:
         d9:56:9f:bc:03:c3:fd:7b:49:44:fa:07:f8:1d:c1:f8:3c:3b:
         61:2f:a4:ad:df:69:e2:05:35:35:cb:b0:e5:90:c2:1a:76:5e:
         d8:88:43:44:a9:80:d9:be:5a:e7:fe:d7:13:7d:b3:4b:55:74:
         f1:89:5d:57:a9:ca:80:3b:42:a8:d7:06:ea:3b:6e:1a:0c:28:
         7b:53:e6:89:3f:ae:8b:e0:09:be:bb:61:2f:53:8c:e6:c3:aa:
         77:a9:d0:d5:d5:8d:ae:f9:34:e8:2a:e2:75:f7:a6:62:60:db:
         32:00:b7:e4:27:e3:44:71:c8:db:6c:d2:34:6f:d2:21:e3:0d:
         55:77:f3:70:73:3e:ba:ad:1a:64:fe:09:88:89:74:95:e4:47:
         0a:ae:55:39:34:6e:4c:07:ea:2d:ea:bf:81:73:43:ed:a3:fd:
         4c:39:ab:89:34:0e:3e:75:e5:32:f1:b8:9a:80:38:5b:27:91:
         e9:8d:f9:62:da:28:fc:ae:a8:c3:cd:c6:d4:9f:6b:d7:ce:9a:
         c6:53:a8:83:4a:b3:f2:a3:b5:2f:4e:8f:2c:6f:68:74:e2:c7:
         94:be:16:a4:41:99:61:a8:00:31:1e:45:6e:51:05:aa:0e:78:
         2f:3b:56:e8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MjEwNEFGMTEwLwYDVQQFEyg4QjEwMjY5NTNFQ0Y3QzRDRTEzOUZFOUE1OUJERDcy
MjhBMTUzNTQ0MB4XDTIwMDYwODEzNTQxMVoXDTMwMTIzMTEzNTQxMVowGDEWMBQG
A1UEAxMNNWVkZTQzMDktMDhlYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzZlWWr1T7daWoIvRXPIam+5Bmijifi2yWjymr9HW61ESkdfjchu2/zd8Uh
tShOyRbXHF1EGfIkYdAf3sZgxwPj0nQAf1et9+n1BFcwNJtaGRcAYhB/CTLg+sHg
lIbvip1VMzEZ4bldeGcHS1MU/VFq2BhE0vhE525Qrpn/bkTp2WJs/flCqGKfRmpd
zqaCG1pt6FNpSQqLuMWHwGguEknfgt39bDJnKlfMZwPglN9hDo6L/li4X+vRPGLV
crpKLZhPprwV0RuIpRKJywahC8iYf8W3emetUXPaPxREctXZHRVUWsncrM5+iRyF
DFx55yqwSqwBM944M5ENnhMiHf0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRBFWD4
xatLMyfqK8MiwV60toCBVTAfBgNVHSMEGDAWgBSLECaVPs98TOE5/ppZvdciihU1
RDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODIxMDQvMDlDQ0I5NENBNzYzMTFFQUJCQzE5MTFDRjhBRUEyMjgvaXhBbWxU
N1BmRXpoT2Y2YVdiM1hJb29WTlVRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaXhBbWxUN1BmRXpoT2Y2YVdiM1hJb29WTlVRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODIxMDQvMDlDQ0I5NENBNzYzMTFFQUJCQzE5MTFDRjhB
RUEyMjgvOEIxN0RBREFBOThGMTFFQUI5QUE2OTI0RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMTJ0DANBgkqhkiG9w0BAQsF
AAOCAQEAB3bovNzDQpk3YmH+2regS7/t2VafvAPD/XtJRPoH+B3B+Dw7YS+krd9p
4gU1Ncuw5ZDCGnZe2IhDRKmA2b5a5/7XE32zS1V08YldV6nKgDtCqNcG6jtuGgwo
e1PmiT+ui+AJvrthL1OM5sOqd6nQ1dWNrvk06CridfemYmDbMgC35CfjRHHI22zS
NG/SIeMNVXfzcHM+uq0aZP4JiIl0leRHCq5VOTRuTAfqLeq/gXND7aP9TDmriTQO
PnXlMvG4moA4WyeR6Y35Ytoo/K6ow83G1J9r186axlOog0qz8qO1L06PLG9odOLH
lL4WpEGZYagAMR5FblEFqg54LztW6A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:55 2024 by rpki-client on console-fra.rpki-client.org