Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/DDE70E525A6611EAB8C0D34BF8AEA228.roa
File:                     DDE70E525A6611EAB8C0D34BF8AEA228.roa (raw, json)
Hash identifier:          CTnWbvN7o+FlfyXlLcFUADgf4PWO/HvRao3/o/WHW3A=
Subject key identifier:   96:15:C7:D2:41:26:76:24:F1:7A:B0:BF:13:C6:D3:CE:F3:83:96:1D
Certificate issuer:       /CN=F36B70EFAF/serialNumber=D0BE67D045B33F05A5871510399E709C98F6D77D
Certificate serial:       04
Authority key identifier: D0:BE:67:D0:45:B3:3F:05:A5:87:15:10:39:9E:70:9C:98:F6:D7:7D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/DDE70E525A6611EAB8C0D34BF8AEA228.roa
Signing time:             Fri 28 Feb 2020 20:14:05 +0000
ROA not before:           Fri 28 Feb 2020 20:14:01 +0000
ROA not after:            Thu 28 Feb 2030 20:14:01 +0000
asID:                     328337
IP address blocks:        2c0f:ef40::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B70EFAF/serialNumber=D0BE67D045B33F05A5871510399E709C98F6D77D
        Validity
            Not Before: Feb 28 20:14:01 2020 GMT
            Not After : Feb 28 20:14:01 2030 GMT
        Subject: CN=5e59748d-e49b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a5:1c:24:9f:88:18:c3:b5:c0:9d:e6:9f:5a:
                    2e:20:d8:37:bd:db:4c:c7:64:a5:75:5a:6d:ae:05:
                    a5:43:8d:8b:6b:0b:81:5a:fc:ec:88:43:50:c7:f9:
                    4a:43:19:86:c2:15:c4:19:de:28:43:a8:2f:3d:03:
                    6c:a2:f7:b0:b0:39:80:0f:6c:6c:01:1c:6b:4e:59:
                    a8:4b:e8:02:88:ed:da:90:18:5d:3d:2a:ef:be:ae:
                    e9:f7:c2:b9:e3:f2:93:ab:7f:1d:3e:c1:62:3b:6e:
                    b3:5f:c0:33:7b:49:90:f0:0e:fc:94:d2:fe:af:c2:
                    43:81:b4:ba:45:1e:e5:8d:3f:06:0f:c5:1f:b9:a3:
                    82:db:9e:cf:95:7e:28:63:be:6c:3a:09:10:52:9e:
                    1b:9b:2e:e2:b5:a7:59:0e:48:78:36:a7:ce:b3:14:
                    03:51:30:dd:3c:8a:f2:4e:de:14:d7:2b:c9:9b:c8:
                    55:7a:08:1c:19:f5:be:c1:61:e8:3a:a6:7f:94:ef:
                    4a:71:40:e2:90:5d:9f:dc:76:0c:4a:d5:d0:ad:4a:
                    e0:45:6b:6f:f8:f4:92:79:35:3f:11:9d:a7:50:08:
                    f2:f4:eb:4c:5e:ec:17:fc:d2:4d:70:03:fa:6b:d6:
                    48:2c:9f:95:6f:e5:79:18:4c:a9:5e:d9:77:25:07:
                    c3:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:15:C7:D2:41:26:76:24:F1:7A:B0:BF:13:C6:D3:CE:F3:83:96:1D
            X509v3 Authority Key Identifier:
                keyid:D0:BE:67:D0:45:B3:3F:05:A5:87:15:10:39:9E:70:9C:98:F6:D7:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/0L5n0EWzPwWlhxUQOZ5wnJj2130.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0L5n0EWzPwWlhxUQOZ5wnJj2130.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B70EF/8F798B325A6611EABB216F4BF8AEA228/DDE70E525A6611EAB8C0D34BF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:ef40::/32

    Signature Algorithm: sha256WithRSAEncryption
         a0:0c:19:09:27:db:82:6a:c1:ee:4c:f6:66:b0:6a:0e:d2:24:
         c7:4d:c2:e2:8b:64:af:11:95:62:96:66:39:f1:b8:08:d6:ae:
         ae:1a:76:be:4b:17:e3:cb:fe:ca:26:2f:98:60:1e:f7:ff:aa:
         ec:7e:8c:1b:e3:5a:45:ee:75:8b:f8:01:f6:f5:fe:9c:de:1f:
         98:07:57:89:2d:f2:99:85:ac:df:05:31:b5:25:fa:22:ee:32:
         19:c4:ee:da:5b:11:c6:9c:fc:31:9c:92:4b:ef:16:31:c2:9e:
         5f:ab:f5:a5:9c:9f:3a:6c:e0:5c:db:c5:ad:f2:4e:7a:5f:98:
         93:68:46:fd:21:cb:95:a4:69:b1:28:02:ef:f4:66:7f:5b:00:
         8c:a9:2a:2a:fe:ee:21:02:75:26:84:17:6e:f2:c4:47:09:62:
         9c:6c:51:4a:2b:37:ee:89:3f:52:ee:6f:66:ad:8d:ca:83:9a:
         7e:6c:5a:54:37:01:88:85:06:7f:39:83:e1:57:55:12:4f:d2:
         49:0a:ee:1b:4f:46:f5:8d:e1:94:3a:f6:f6:f4:4e:73:f8:e6:
         3c:e2:82:80:aa:36:0e:be:db:4b:a6:0d:68:8c:9f:93:4a:b7:
         22:82:71:c6:b3:72:81:1f:55:21:c8:bb:ee:15:b0:61:d6:e7:
         70:4c:b5:0f
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
NzBFRkFGMTEwLwYDVQQFEyhEMEJFNjdEMDQ1QjMzRjA1QTU4NzE1MTAzOTlFNzA5
Qzk4RjZENzdEMB4XDTIwMDIyODIwMTQwMVoXDTMwMDIyODIwMTQwMVowGDEWMBQG
A1UEAxMNNWU1OTc0OGQtZTQ5YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALylHCSfiBjDtcCd5p9aLiDYN73bTMdkpXVaba4FpUONi2sLgVr87IhDUMf5
SkMZhsIVxBneKEOoLz0DbKL3sLA5gA9sbAEca05ZqEvoAojt2pAYXT0q776u6ffC
uePyk6t/HT7BYjtus1/AM3tJkPAO/JTS/q/CQ4G0ukUe5Y0/Bg/FH7mjgtuez5V+
KGO+bDoJEFKeG5su4rWnWQ5IeDanzrMUA1Ew3TyK8k7eFNcryZvIVXoIHBn1vsFh
6Dqmf5TvSnFA4pBdn9x2DErV0K1K4EVrb/j0knk1PxGdp1AI8vTrTF7sF/zSTXAD
+mvWSCyflW/leRhMqV7ZdyUHw3MCAwEAAaOCAm8wggJrMB0GA1UdDgQWBBSWFcfS
QSZ2JPF6sL8TxtPO84OWHTAfBgNVHSMEGDAWgBTQvmfQRbM/BaWHFRA5nnCcmPbX
fTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjcwRUYvOEY3OThCMzI1QTY2MTFFQUJCMjE2RjRCRjhBRUEyMjgvMEw1bjBF
V3pQd1dsaHhVUU9aNXduSmoyMTMwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMEw1bjBFV3pQd1dsaHhVUU9aNXduSmoyMTMwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjcwRUYvOEY3OThCMzI1QTY2MTFFQUJCMjE2RjRCRjhB
RUEyMjgvRERFNzBFNTI1QTY2MTFFQUI4QzBEMzRCRjhBRUEyMjgucm9hMCAGCCsG
AQUFBwEHAQH/BBEwDzANBAIAAjAHAwUALA/vQDANBgkqhkiG9w0BAQsFAAOCAQEA
oAwZCSfbgmrB7kz2ZrBqDtIkx03C4otkrxGVYpZmOfG4CNaurhp2vksX48v+yiYv
mGAe9/+q7H6MG+NaRe51i/gB9vX+nN4fmAdXiS3ymYWs3wUxtSX6Iu4yGcTu2lsR
xpz8MZySS+8WMcKeX6v1pZyfOmzgXNvFrfJOel+Yk2hG/SHLlaRpsSgC7/Rmf1sA
jKkqKv7uIQJ1JoQXbvLERwlinGxRSis37ok/Uu5vZq2NyoOafmxaVDcBiIUGfzmD
4VdVEk/SSQruG09G9Y3hlDr29vROc/jmPOKCgKo2Dr7bS6YNaIyfk0q3IoJxxrNy
gR9VIci77hWwYdbncEy1Dw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:40 2024 by rpki-client on console-ams.rpki-client.org