Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369BF27/451248DA91EA11E9BA92847AF8AEA228/0A728C7696AE11E994BEB045F8AEA228.roa
File:                     0A728C7696AE11E994BEB045F8AEA228.roa (raw, json)
Hash identifier:          jhN1xgY7+Ai6dzJNk3/cbOqfB/7bGkdkvygH1Fmr1S4=
Subject key identifier:   E6:D0:03:CD:95:27:09:4B:4A:56:B7:68:A9:8A:CC:BA:F3:D3:9D:FC
Certificate issuer:       /CN=F369BF27AF/serialNumber=6057F489F5ADC4E9269C260D702C81AAB6AA2E6D
Certificate serial:       16
Authority key identifier: 60:57:F4:89:F5:AD:C4:E9:26:9C:26:0D:70:2C:81:AA:B6:AA:2E:6D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YFf0ifWtxOkmnCYNcCyBqraqLm0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369BF27/451248DA91EA11E9BA92847AF8AEA228/0A728C7696AE11E994BEB045F8AEA228.roa
Signing time:             Mon 24 Jun 2019 18:29:46 +0000
ROA not before:           Mon 24 Jun 2019 18:29:41 +0000
ROA not after:            Mon 25 Jun 2029 18:29:41 +0000
asID:                     37049
IP address blocks:        196.32.248.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369BF27/451248DA91EA11E9BA92847AF8AEA228/YFf0ifWtxOkmnCYNcCyBqraqLm0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369BF27/451248DA91EA11E9BA92847AF8AEA228/YFf0ifWtxOkmnCYNcCyBqraqLm0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/YFf0ifWtxOkmnCYNcCyBqraqLm0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22 (0x16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369BF27AF/serialNumber=6057F489F5ADC4E9269C260D702C81AAB6AA2E6D
        Validity
            Not Before: Jun 24 18:29:41 2019 GMT
            Not After : Jun 25 18:29:41 2029 GMT
        Subject: CN=5d11169a-5551
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f4:1f:c6:f8:4c:4a:e6:ff:7d:6f:61:21:f7:
                    21:f8:f4:25:91:01:77:87:de:b8:2a:60:e5:ed:ae:
                    78:9e:d5:d9:16:d5:b3:3b:82:69:60:19:5b:9f:c3:
                    fa:4d:ae:a4:c6:be:23:e4:49:28:c1:24:a2:34:41:
                    24:8c:fa:c9:bb:fd:38:d8:8a:91:e6:d4:18:0a:78:
                    ea:a2:c7:e6:fe:90:6d:f0:b6:80:74:5c:f2:92:83:
                    30:6c:c3:1a:eb:ed:a5:b1:d6:91:b7:22:5d:a2:eb:
                    78:b9:d7:f8:53:c1:35:b3:c8:10:c6:8d:be:be:54:
                    68:5d:72:ee:aa:b3:bc:e2:fe:24:1a:10:6f:0a:d0:
                    2e:4a:07:40:da:38:42:4f:25:0f:4d:1c:f5:42:27:
                    11:6d:c2:69:5e:c5:b7:f5:e9:ce:9a:95:39:9e:c0:
                    60:8a:d4:4f:4d:1b:00:2f:2a:9e:20:b5:cf:ff:b3:
                    3e:79:e2:8d:e4:57:b8:1f:b8:ba:60:00:4c:06:e9:
                    ed:27:f9:97:aa:0f:64:9b:fa:0f:c1:6b:2c:da:90:
                    95:25:74:d9:dd:e8:04:4d:55:0f:95:20:26:68:82:
                    34:eb:ed:b6:6a:b7:19:d2:8a:01:30:a8:2e:47:4b:
                    bb:ac:8d:2b:1e:1c:10:71:bc:67:b7:f3:fb:27:5c:
                    1c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:D0:03:CD:95:27:09:4B:4A:56:B7:68:A9:8A:CC:BA:F3:D3:9D:FC
            X509v3 Authority Key Identifier:
                keyid:60:57:F4:89:F5:AD:C4:E9:26:9C:26:0D:70:2C:81:AA:B6:AA:2E:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369BF27/451248DA91EA11E9BA92847AF8AEA228/YFf0ifWtxOkmnCYNcCyBqraqLm0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YFf0ifWtxOkmnCYNcCyBqraqLm0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369BF27/451248DA91EA11E9BA92847AF8AEA228/0A728C7696AE11E994BEB045F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.32.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d6:5a:3e:50:08:a9:ff:02:fe:08:45:d6:c3:ed:6c:51:61:42:
         dd:25:d6:0d:6f:1b:d0:1a:a1:bb:05:3a:c7:a8:34:d8:08:e3:
         7b:eb:29:16:19:49:08:97:0d:0a:38:ff:b6:a7:66:4e:9e:79:
         9e:57:e8:ce:39:c3:e6:dd:e4:09:36:45:1b:32:0a:f6:f4:36:
         34:06:9c:e7:be:23:fb:ff:bb:06:18:68:f1:92:f7:3e:e5:1e:
         e9:4f:bd:20:fd:3d:e7:ce:bd:21:5a:20:48:e0:a5:1f:23:9d:
         52:96:84:b4:e3:f5:8f:66:2f:c2:2a:82:5a:24:ff:2b:73:9e:
         11:f7:d7:3a:4d:1f:db:5d:05:8a:c8:c5:3f:6e:41:70:4b:1a:
         bd:bf:e5:69:49:9b:0e:9f:c9:69:dc:c7:af:e8:54:4a:e2:52:
         3b:4f:43:42:2a:fa:b8:91:b8:bb:a4:13:f8:42:55:9e:c0:e5:
         ad:ad:8b:8e:a0:5d:9f:e1:e5:33:16:e0:d6:f2:d6:49:89:f2:
         28:76:4c:ca:fd:0e:4e:79:b2:ab:d2:80:e5:db:a2:f5:9b:f9:
         d6:5b:ca:92:f7:a0:ac:88:0d:6e:6f:b4:e7:27:0d:2b:d7:1a:
         72:6a:0e:9d:33:43:44:b4:1d:58:00:bb:e9:91:1b:79:20:10:
         59:61:9f:72
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBFjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
QkYyN0FGMTEwLwYDVQQFEyg2MDU3RjQ4OUY1QURDNEU5MjY5QzI2MEQ3MDJDODFB
QUI2QUEyRTZEMB4XDTE5MDYyNDE4Mjk0MVoXDTI5MDYyNTE4Mjk0MVowGDEWMBQG
A1UEAxMNNWQxMTE2OWEtNTU1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANn0H8b4TErm/31vYSH3Ifj0JZEBd4feuCpg5e2ueJ7V2RbVszuCaWAZW5/D
+k2upMa+I+RJKMEkojRBJIz6ybv9ONiKkebUGAp46qLH5v6QbfC2gHRc8pKDMGzD
GuvtpbHWkbciXaLreLnX+FPBNbPIEMaNvr5UaF1y7qqzvOL+JBoQbwrQLkoHQNo4
Qk8lD00c9UInEW3CaV7Ft/XpzpqVOZ7AYIrUT00bAC8qniC1z/+zPnnijeRXuB+4
umAATAbp7Sf5l6oPZJv6D8FrLNqQlSV02d3oBE1VD5UgJmiCNOvttmq3GdKKATCo
LkdLu6yNKx4cEHG8Z7fz+ydcHFECAwEAAaOCAm4wggJqMB0GA1UdDgQWBBTm0APN
lScJS0pWt2ipisy689Od/DAfBgNVHSMEGDAWgBRgV/SJ9a3E6SacJg1wLIGqtqou
bTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUJGMjcvNDUxMjQ4REE5MUVBMTFFOUJBOTI4NDdBRjhBRUEyMjgvWUZmMGlm
V3R4T2ttbkNZTmNDeUJxcmFxTG0wLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWUZmMGlmV3R4T2ttbkNZTmNDeUJxcmFxTG0wLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUJGMjcvNDUxMjQ4REE5MUVBMTFFOUJBOTI4NDdBRjhB
RUEyMjgvMEE3MjhDNzY5NkFFMTFFOTk0QkVCMDQ1RjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDxCD4MA0GCSqGSIb3DQEBCwUAA4IBAQDW
Wj5QCKn/Av4IRdbD7WxRYULdJdYNbxvQGqG7BTrHqDTYCON76ykWGUkIlw0KOP+2
p2ZOnnmeV+jOOcPm3eQJNkUbMgr29DY0BpznviP7/7sGGGjxkvc+5R7pT70g/T3n
zr0hWiBI4KUfI51SloS04/WPZi/CKoJaJP8rc54R99c6TR/bXQWKyMU/bkFwSxq9
v+VpSZsOn8lp3Mev6FRK4lI7T0NCKvq4kbi7pBP4QlWewOWtrYuOoF2f4eUzFuDW
8tZJifIodkzK/Q5OebKr0oDl26L1m/nWW8qS96CsiA1ub7TnJw0r1xpyag6dM0NE
tB1YALvpkRt5IBBZYZ9y
-----END CERTIFICATE-----