Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D518D/83FDAF68CF7C11EB82E08342F8AEA228/9E14C3CCA2DB11ECAC4872A95A40D577.roa
File:                     9E14C3CCA2DB11ECAC4872A95A40D577.roa (raw, json)
Hash identifier:          sqHCz7QhDeQNCk+Oi9HPhFuqRLltffe8AfdV9zemzA8=
Subject key identifier:   97:D2:0E:A6:E4:96:5C:73:32:08:79:35:09:A7:F5:2A:3F:D7:6B:3B
Certificate issuer:       /CN=F36D518DAF/serialNumber=FC945B066AE879A61BDF6FCB18859C57A2E716D0
Certificate serial:       0129
Authority key identifier: FC:94:5B:06:6A:E8:79:A6:1B:DF:6F:CB:18:85:9C:57:A2:E7:16:D0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_JRbBmroeaYb32_LGIWcV6LnFtA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D518D/83FDAF68CF7C11EB82E08342F8AEA228/9E14C3CCA2DB11ECAC4872A95A40D577.roa
Signing time:             Sun 13 Mar 2022 14:41:08 +0000
ROA not before:           Sun 13 Mar 2022 14:41:03 +0000
ROA not after:            Fri 12 Mar 2032 14:41:03 +0000
asID:                     400463
IP address blocks:        196.51.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D518D/83FDAF68CF7C11EB82E08342F8AEA228/_JRbBmroeaYb32_LGIWcV6LnFtA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D518D/83FDAF68CF7C11EB82E08342F8AEA228/_JRbBmroeaYb32_LGIWcV6LnFtA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_JRbBmroeaYb32_LGIWcV6LnFtA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 297 (0x129)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D518DAF/serialNumber=FC945B066AE879A61BDF6FCB18859C57A2E716D0
        Validity
            Not Before: Mar 13 14:41:03 2022 GMT
            Not After : Mar 12 14:41:03 2032 GMT
        Subject: CN=622e0283-ce29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9b:42:a7:b5:b3:38:3e:5c:a5:7d:91:e5:84:
                    4f:9a:c0:1f:c3:49:9d:7c:bd:4f:68:47:e6:b8:3b:
                    0c:8a:12:55:cc:b5:e1:95:3d:96:ab:5a:31:51:6c:
                    d6:bc:a2:0e:e9:7c:7d:de:01:95:0d:a1:7a:ad:58:
                    2a:c3:76:c4:e7:ac:41:b6:e3:d9:e2:11:58:05:04:
                    f8:c0:e8:f1:99:41:74:5d:3b:f1:67:97:50:06:52:
                    ea:88:4c:62:03:eb:e1:e8:78:49:bc:b7:e5:97:1a:
                    ae:34:77:aa:3f:f3:4c:2c:f5:fd:5c:57:5f:71:6c:
                    57:b1:d6:08:bf:a9:6f:22:a1:61:ca:5e:e0:8c:e5:
                    d7:79:04:ec:75:e7:06:d8:4f:0f:d4:16:ac:a7:86:
                    ff:d5:6a:e7:72:7c:73:da:4a:df:83:74:8f:32:81:
                    98:0b:a7:16:9a:a5:77:a8:a5:31:b8:bb:57:f4:fc:
                    57:b9:19:70:fe:cd:76:ef:0a:4b:5a:82:45:65:63:
                    7d:0c:11:43:48:79:d0:58:94:03:8e:51:e7:19:25:
                    0d:69:95:82:7f:b3:c6:db:62:5a:4f:c2:95:92:b8:
                    63:de:81:57:61:b0:91:db:2b:a0:1d:78:b8:a4:aa:
                    3e:dd:cf:08:3c:a5:d6:26:51:cb:80:da:71:59:18:
                    cd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:D2:0E:A6:E4:96:5C:73:32:08:79:35:09:A7:F5:2A:3F:D7:6B:3B
            X509v3 Authority Key Identifier:
                keyid:FC:94:5B:06:6A:E8:79:A6:1B:DF:6F:CB:18:85:9C:57:A2:E7:16:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D518D/83FDAF68CF7C11EB82E08342F8AEA228/_JRbBmroeaYb32_LGIWcV6LnFtA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_JRbBmroeaYb32_LGIWcV6LnFtA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D518D/83FDAF68CF7C11EB82E08342F8AEA228/9E14C3CCA2DB11ECAC4872A95A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.51.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         1a:e0:73:23:9f:8f:57:96:00:ed:f2:39:11:77:7f:17:86:6e:
         4f:16:00:18:b0:59:9a:10:19:00:84:91:0c:44:de:ea:d9:a8:
         8a:7c:cb:c8:23:12:dc:fa:7a:b3:2b:9a:69:10:84:21:bf:6a:
         d3:b0:b3:d6:e5:5c:f9:3c:cc:cc:1c:62:81:dc:00:fc:7d:d2:
         76:db:c1:be:80:9d:67:74:e0:58:bf:2f:92:5c:42:52:0c:67:
         4a:06:98:bf:17:76:3a:bf:ad:b1:e4:06:0f:e4:d7:23:07:64:
         9c:8a:ba:23:c7:ae:21:c4:61:93:38:34:ff:dd:b5:81:02:61:
         82:4c:85:62:3f:be:5b:15:bc:ce:b4:da:65:5d:58:ba:c6:37:
         4e:a0:5c:71:6c:87:49:48:30:e0:70:25:ed:78:07:22:40:f8:
         ab:1a:e2:31:ef:2a:29:f7:57:0b:6b:dc:7a:be:52:11:19:0d:
         d3:99:8c:fd:9f:b1:72:21:5d:5c:91:85:b5:68:dd:c7:e8:2d:
         8c:86:31:96:8b:32:6f:2e:20:c0:06:74:60:48:22:65:b4:5a:
         e6:5e:26:d5:a1:c3:44:e5:af:7f:76:14:a1:7f:65:7a:f1:1d:
         9c:5e:73:55:75:48:89:d0:38:a9:b3:ca:a3:4e:07:89:64:f8:
         15:bb:f7:6d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICASkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDUxOERBRjExMC8GA1UEBRMoRkM5NDVCMDY2QUU4NzlBNjFCREY2RkNCMTg4NTlD
NTdBMkU3MTZEMDAeFw0yMjAzMTMxNDQxMDNaFw0zMjAzMTIxNDQxMDNaMBgxFjAU
BgNVBAMMDTYyMmUwMjgzLWNlMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2m0KntbM4PlylfZHlhE+awB/DSZ18vU9oR+a4OwyKElXMteGVPZarWjFR
bNa8og7pfH3eAZUNoXqtWCrDdsTnrEG249niEVgFBPjA6PGZQXRdO/Fnl1AGUuqI
TGID6+HoeEm8t+WXGq40d6o/80ws9f1cV19xbFex1gi/qW8ioWHKXuCM5dd5BOx1
5wbYTw/UFqynhv/VaudyfHPaSt+DdI8ygZgLpxaapXeopTG4u1f0/Fe5GXD+zXbv
CktagkVlY30MEUNIedBYlAOOUecZJQ1plYJ/s8bbYlpPwpWSuGPegVdhsJHbK6Ad
eLikqj7dzwg8pdYmUcuA2nFZGM2VAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUl9IO
puSWXHMyCHk1Caf1Kj/XazswHwYDVR0jBBgwFoAU/JRbBmroeaYb32/LGIWcV6Ln
FtAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ1MThELzgzRkRBRjY4Q0Y3QzExRUI4MkUwODM0MkY4QUVBMjI4L19KUmJC
bXJvZWFZYjMyX0xHSVdjVjZMbkZ0QS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL19KUmJCbXJvZWFZYjMyX0xHSVdjVjZMbkZ0QS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ1MThELzgzRkRBRjY4Q0Y3QzExRUI4MkUwODM0MkY4
QUVBMjI4LzlFMTRDM0NDQTJEQjExRUNBQzQ4NzJBOTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfEM4AwDQYJKoZIhvcNAQEL
BQADggEBABrgcyOfj1eWAO3yORF3fxeGbk8WABiwWZoQGQCEkQxE3urZqIp8y8gj
Etz6erMrmmkQhCG/atOws9blXPk8zMwcYoHcAPx90nbbwb6AnWd04Fi/L5JcQlIM
Z0oGmL8Xdjq/rbHkBg/k1yMHZJyKuiPHriHEYZM4NP/dtYECYYJMhWI/vlsVvM60
2mVdWLrGN06gXHFsh0lIMOBwJe14ByJA+Ksa4jHvKin3Vwtr3Hq+UhEZDdOZjP2f
sXIhXVyRhbVo3cfoLYyGMZaLMm8uIMAGdGBIImW0WuZeJtWhw0Tlr392FKF/ZXrx
HZxec1V1SInQOKmzyqNOB4lk+BW7920=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:42 2024 by rpki-client on console-ams.rpki-client.org