Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369E2BD/00F29B8E594311EABDC6E160F8AEA228/57DC8B94594311EAB1EE2E61F8AEA228.roa
File:                     57DC8B94594311EAB1EE2E61F8AEA228.roa (raw, json)
Hash identifier:          9IdSgdrivSza8u+XWxxC8YvqMBQsdLiCPyERfG7cngg=
Subject key identifier:   EF:0B:2C:99:85:BB:15:A8:B9:39:8C:AA:70:28:83:08:AA:40:3E:E1
Certificate issuer:       /CN=F369E2BDAF/serialNumber=1C3DB9D020C29BFE4910FA14AA5014F604A4267F
Certificate serial:       04
Authority key identifier: 1C:3D:B9:D0:20:C2:9B:FE:49:10:FA:14:AA:50:14:F6:04:A4:26:7F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HD250CDCm_5JEPoUqlAU9gSkJn8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369E2BD/00F29B8E594311EABDC6E160F8AEA228/57DC8B94594311EAB1EE2E61F8AEA228.roa
Signing time:             Thu 27 Feb 2020 09:27:16 +0000
ROA not before:           Thu 27 Feb 2020 09:27:11 +0000
ROA not after:            Thu 28 Feb 2030 09:27:11 +0000
asID:                     328622
IP address blocks:        2c0f:ebf0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369E2BD/00F29B8E594311EABDC6E160F8AEA228/HD250CDCm_5JEPoUqlAU9gSkJn8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369E2BD/00F29B8E594311EABDC6E160F8AEA228/HD250CDCm_5JEPoUqlAU9gSkJn8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HD250CDCm_5JEPoUqlAU9gSkJn8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369E2BDAF/serialNumber=1C3DB9D020C29BFE4910FA14AA5014F604A4267F
        Validity
            Not Before: Feb 27 09:27:11 2020 GMT
            Not After : Feb 28 09:27:11 2030 GMT
        Subject: CN=5e578b74-4edd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:80:35:bc:4b:01:2d:ab:c5:eb:3d:12:3b:53:
                    17:0a:a2:2e:f2:1f:4c:56:44:4e:10:7f:40:49:8c:
                    86:54:c1:2f:bc:00:94:c4:d1:94:06:52:ae:1f:b5:
                    cf:28:87:36:d4:c5:29:9a:d2:a3:d5:b6:16:4c:84:
                    05:81:92:3f:dc:65:89:6a:74:bc:4b:fd:e9:11:4a:
                    05:a2:a4:38:e5:15:ae:82:d0:dc:e8:1d:71:b2:0c:
                    79:59:7f:21:7b:9e:d5:dd:fa:d2:4f:ba:ed:f9:d6:
                    67:40:03:79:52:17:d1:09:30:38:75:ab:9c:2b:7b:
                    2b:7e:ff:87:ca:9e:b7:46:05:7c:af:d7:76:6b:f8:
                    46:fa:64:f3:04:a1:d1:31:82:6d:df:1d:79:7f:f6:
                    01:03:6f:10:65:7c:4e:84:ed:7b:de:be:d6:d9:3d:
                    e3:b3:c9:1c:59:53:79:f7:ab:4d:fb:f8:48:2b:ca:
                    14:7f:12:cb:87:80:f0:40:34:5d:1d:59:a7:7c:d1:
                    c9:87:be:74:84:2c:64:55:19:3b:82:0c:7d:43:5a:
                    db:1f:79:92:db:6a:b9:aa:c9:db:1f:91:92:ff:d8:
                    5d:90:34:c8:db:4b:ce:0d:3e:36:e3:23:f8:2e:26:
                    c3:a7:1d:cf:c1:e2:fd:cf:84:fa:79:7a:a7:fb:93:
                    50:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:0B:2C:99:85:BB:15:A8:B9:39:8C:AA:70:28:83:08:AA:40:3E:E1
            X509v3 Authority Key Identifier:
                keyid:1C:3D:B9:D0:20:C2:9B:FE:49:10:FA:14:AA:50:14:F6:04:A4:26:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369E2BD/00F29B8E594311EABDC6E160F8AEA228/HD250CDCm_5JEPoUqlAU9gSkJn8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HD250CDCm_5JEPoUqlAU9gSkJn8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369E2BD/00F29B8E594311EABDC6E160F8AEA228/57DC8B94594311EAB1EE2E61F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:ebf0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8b:ef:8c:4d:5e:2f:94:31:be:d6:3c:46:59:c9:97:05:23:e0:
         2c:96:35:0a:2c:c6:98:49:ce:98:7f:a0:cd:fd:30:0a:6b:42:
         8e:06:47:c7:09:e9:d8:1e:98:2c:1e:66:ab:1c:1b:c4:e0:07:
         79:17:e8:fd:2d:4f:c7:a6:d8:8a:1d:84:df:47:5b:6c:cf:b5:
         fe:8e:f7:97:03:4b:a9:ac:08:da:40:31:41:9f:35:c9:77:a4:
         95:50:ca:4c:7b:6c:9c:cf:11:ac:78:2b:9c:a0:e6:77:3a:01:
         8e:c3:94:3e:ee:26:19:73:a7:0f:21:59:66:46:a2:62:c1:6c:
         10:54:f9:e7:c6:af:27:35:ee:78:72:9c:9b:06:ff:d3:a6:d1:
         5a:61:3b:c5:4d:e7:95:c6:41:ec:3d:e5:98:3b:d3:c8:fa:ba:
         ee:7c:fa:e2:3b:6e:ce:d0:ba:30:73:92:1f:a0:d7:b9:40:4f:
         4e:7e:6a:86:44:52:54:37:ea:1c:9e:de:bd:40:31:fe:e9:71:
         b7:ad:92:80:43:c1:9a:9c:32:5d:62:41:6c:61:73:fb:f9:99:
         93:29:08:c6:2d:e3:09:b0:e1:c6:2d:39:4d:67:0a:36:32:62:
         ae:7f:35:8d:f3:e5:99:95:fc:41:74:fc:da:c4:90:29:63:c4:
         af:bd:32:77
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
RTJCREFGMTEwLwYDVQQFEygxQzNEQjlEMDIwQzI5QkZFNDkxMEZBMTRBQTUwMTRG
NjA0QTQyNjdGMB4XDTIwMDIyNzA5MjcxMVoXDTMwMDIyODA5MjcxMVowGDEWMBQG
A1UEAxMNNWU1NzhiNzQtNGVkZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuANbxLAS2rxes9EjtTFwqiLvIfTFZEThB/QEmMhlTBL7wAlMTRlAZSrh+1
zyiHNtTFKZrSo9W2FkyEBYGSP9xliWp0vEv96RFKBaKkOOUVroLQ3OgdcbIMeVl/
IXue1d360k+67fnWZ0ADeVIX0QkwOHWrnCt7K37/h8qet0YFfK/Xdmv4Rvpk8wSh
0TGCbd8deX/2AQNvEGV8ToTte96+1tk947PJHFlTeferTfv4SCvKFH8Sy4eA8EA0
XR1Zp3zRyYe+dIQsZFUZO4IMfUNa2x95kttquarJ2x+Rkv/YXZA0yNtLzg0+NuMj
+C4mw6cdz8Hi/c+E+nl6p/uTUG0CAwEAAaOCAm8wggJrMB0GA1UdDgQWBBTvCyyZ
hbsVqLk5jKpwKIMIqkA+4TAfBgNVHSMEGDAWgBQcPbnQIMKb/kkQ+hSqUBT2BKQm
fzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUUyQkQvMDBGMjlCOEU1OTQzMTFFQUJEQzZFMTYwRjhBRUEyMjgvSEQyNTBD
RENtXzVKRVBvVXFsQVU5Z1NrSm44LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSEQyNTBDRENtXzVKRVBvVXFsQVU5Z1NrSm44LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUUyQkQvMDBGMjlCOEU1OTQzMTFFQUJEQzZFMTYwRjhB
RUEyMjgvNTdEQzhCOTQ1OTQzMTFFQUIxRUUyRTYxRjhBRUEyMjgucm9hMCAGCCsG
AQUFBwEHAQH/BBEwDzANBAIAAjAHAwUALA/r8DANBgkqhkiG9w0BAQsFAAOCAQEA
i++MTV4vlDG+1jxGWcmXBSPgLJY1CizGmEnOmH+gzf0wCmtCjgZHxwnp2B6YLB5m
qxwbxOAHeRfo/S1Px6bYih2E30dbbM+1/o73lwNLqawI2kAxQZ81yXeklVDKTHts
nM8RrHgrnKDmdzoBjsOUPu4mGXOnDyFZZkaiYsFsEFT558avJzXueHKcmwb/06bR
WmE7xU3nlcZB7D3lmDvTyPq67nz64jtuztC6MHOSH6DXuUBPTn5qhkRSVDfqHJ7e
vUAx/ulxt62SgEPBmpwyXWJBbGFz+/mZkykIxi3jCbDhxi05TWcKNjJirn81jfPl
mZX8QXT82sSQKWPEr70ydw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:13 2024 by rpki-client on console-fra.rpki-client.org