Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/3DB30B9ABBA311EA89315C15F8AEA228.roa
File:                     3DB30B9ABBA311EA89315C15F8AEA228.roa (raw, json)
Hash identifier:          hSqmYouNDlFmwq98ze5AjMKjQCjmauvVZMjECey0gS8=
Subject key identifier:   36:14:14:9A:36:56:ED:21:DD:04:A0:40:87:1E:95:0C:0B:F8:19:25
Certificate issuer:       /CN=F36E3D7FAF/serialNumber=965C8C35B0F10F8EA5DBDA544F291B6CA9283B5D
Certificate serial:       C0
Authority key identifier: 96:5C:8C:35:B0:F1:0F:8E:A5:DB:DA:54:4F:29:1B:6C:A9:28:3B:5D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/3DB30B9ABBA311EA89315C15F8AEA228.roa
Signing time:             Wed 01 Jul 2020 14:00:38 +0000
ROA not before:           Wed 01 Jul 2020 14:00:35 +0000
ROA not after:            Sun 01 Jul 2040 14:00:35 +0000
asID:                     0
IP address blocks:        196.251.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.mft
                          rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 192 (0xc0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E3D7FAF/serialNumber=965C8C35B0F10F8EA5DBDA544F291B6CA9283B5D
        Validity
            Not Before: Jul  1 14:00:35 2020 GMT
            Not After : Jul  1 14:00:35 2040 GMT
        Subject: CN=5efc9706-9a35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a7:9f:71:c6:d6:ba:06:4f:d7:28:d8:17:23:
                    88:ca:28:c6:0c:cc:2c:e9:4c:7d:5e:ff:51:e1:df:
                    03:cf:e6:28:50:b0:48:c6:60:49:40:f1:31:d4:db:
                    6f:1d:d8:8a:7b:cf:83:8d:2c:ee:e1:84:79:39:ec:
                    e9:28:59:e2:dc:08:33:89:df:bc:63:ba:a5:ef:e0:
                    a7:1c:b9:af:76:45:ff:1e:a1:db:cc:0c:0e:47:b9:
                    0b:23:b3:20:a6:74:c2:cf:4a:a2:97:ca:93:03:20:
                    aa:2c:af:ae:90:78:4c:08:56:a3:bc:01:1b:bf:5e:
                    6a:61:5a:27:04:d4:7b:3f:f5:6b:87:56:86:de:37:
                    af:5a:71:d6:44:10:01:65:ec:b2:16:58:a1:54:7e:
                    8f:64:7b:d2:97:82:3e:28:57:53:23:57:e3:b8:6e:
                    ae:5c:fc:5e:e8:97:63:82:2e:0b:f1:fc:e6:45:fa:
                    29:2f:83:70:5c:b3:e4:0b:cc:4e:26:b7:21:e1:6e:
                    2d:b2:17:02:5d:fc:22:ac:a9:b5:6c:66:e4:3f:8d:
                    e9:14:9a:71:78:18:ec:13:17:f6:d4:70:a4:95:8c:
                    6b:c9:38:6d:64:c8:4b:ee:31:86:9e:4d:04:a8:e4:
                    02:28:df:2c:64:78:a0:00:4e:2d:95:a7:01:56:36:
                    48:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:14:14:9A:36:56:ED:21:DD:04:A0:40:87:1E:95:0C:0B:F8:19:25
            X509v3 Authority Key Identifier:
                keyid:96:5C:8C:35:B0:F1:0F:8E:A5:DB:DA:54:4F:29:1B:6C:A9:28:3B:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/3DB30B9ABBA311EA89315C15F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.251.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         0b:d9:e7:a7:53:7f:d5:fb:aa:4e:ed:63:1b:f4:6b:40:89:bb:
         91:5f:d3:92:cc:32:95:99:2a:d2:81:74:4e:e5:29:d3:56:a1:
         19:43:5e:bf:be:e9:2a:ea:6d:fb:14:86:bd:d4:96:ee:30:2d:
         92:58:81:20:f6:19:8e:8e:cc:da:5a:25:b3:9c:4d:72:13:3d:
         61:90:b7:c0:f7:c3:b8:83:58:97:30:fa:05:74:20:07:09:7c:
         bf:be:fc:a7:6a:53:a6:e7:c5:7d:f4:ed:02:bc:a0:91:67:e5:
         c2:5f:9e:20:59:69:31:50:2a:fb:87:ec:a2:9f:d2:4f:64:92:
         1f:83:ff:b5:64:86:db:dc:0e:e2:86:26:5c:46:4f:b7:9b:d0:
         0b:1e:47:33:31:a1:ea:1c:b9:05:90:87:f4:ed:de:e5:43:f5:
         c1:f1:e4:72:5e:4a:d9:56:ad:cf:58:29:b0:b3:69:41:4c:1b:
         e2:38:ce:9e:90:3c:a0:da:d5:f8:91:99:2e:a6:56:8e:79:33:
         8a:f4:f9:64:89:62:27:cb:8a:1a:bc:c5:56:cb:37:11:f2:d6:
         16:1f:fe:6d:6f:1b:4f:23:f8:f4:be:35:eb:1a:dd:a7:f1:6a:
         de:fb:17:d5:da:5d:52:04:cf:92:89:a4:15:b8:f4:40:18:a7:
         59:84:5d:ea
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAMAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTNEN0ZBRjExMC8GA1UEBRMoOTY1QzhDMzVCMEYxMEY4RUE1REJEQTU0NEYyOTFC
NkNBOTI4M0I1RDAeFw0yMDA3MDExNDAwMzVaFw00MDA3MDExNDAwMzVaMBgxFjAU
BgNVBAMTDTVlZmM5NzA2LTlhMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClp59xxta6Bk/XKNgXI4jKKMYMzCzpTH1e/1Hh3wPP5ihQsEjGYElA8THU
228d2Ip7z4ONLO7hhHk57OkoWeLcCDOJ37xjuqXv4Kccua92Rf8eodvMDA5HuQsj
syCmdMLPSqKXypMDIKosr66QeEwIVqO8ARu/XmphWicE1Hs/9WuHVobeN69acdZE
EAFl7LIWWKFUfo9ke9KXgj4oV1MjV+O4bq5c/F7ol2OCLgvx/OZF+ikvg3Bcs+QL
zE4mtyHhbi2yFwJd/CKsqbVsZuQ/jekUmnF4GOwTF/bUcKSVjGvJOG1kyEvuMYae
TQSo5AIo3yxkeKAATi2VpwFWNkgdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNhQU
mjZW7SHdBKBAhx6VDAv4GSUwHwYDVR0jBBgwFoAUllyMNbDxD46l29pUTykbbKko
O10wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzRDdGL0I3MDVFQUYyNDFBNjExRUE4ODFBNjcyOEY4QUVBMjI4L2xseU1O
YkR4RDQ2bDI5cFVUeWtiYktrb08xMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2xseU1OYkR4RDQ2bDI5cFVUeWtiYktrb08xMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzRDdGL0I3MDVFQUYyNDFBNjExRUE4ODFBNjcyOEY4
QUVBMjI4LzNEQjMwQjlBQkJBMzExRUE4OTMxNUMxNUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXE+6AwDQYJKoZIhvcNAQEL
BQADggEBAAvZ56dTf9X7qk7tYxv0a0CJu5Ff05LMMpWZKtKBdE7lKdNWoRlDXr++
6SrqbfsUhr3Ulu4wLZJYgSD2GY6OzNpaJbOcTXITPWGQt8D3w7iDWJcw+gV0IAcJ
fL++/KdqU6bnxX307QK8oJFn5cJfniBZaTFQKvuH7KKf0k9kkh+D/7VkhtvcDuKG
JlxGT7eb0AseRzMxoeocuQWQh/Tt3uVD9cHx5HJeStlWrc9YKbCzaUFMG+I4zp6Q
PKDa1fiRmS6mVo55M4r0+WSJYifLihq8xVbLNxHy1hYf/m1vG08j+PS+Nesa3afx
at77F9XaXVIEz5KJpBW49EAYp1mEXeo=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:39:23 2024 by rpki-client on console-fra.rpki-client.org