Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/B40E678241A811EAA7C5E729F8AEA228.roa
File:                     B40E678241A811EAA7C5E729F8AEA228.roa (raw, json)
Hash identifier:          XAPOYmRjaK2w2T04vQDdp2fxUIdT3IVwudZSh0yQ+tE=
Subject key identifier:   5E:39:DF:AA:15:3A:46:E4:F6:71:70:E0:A4:16:B5:7A:15:E2:73:79
Certificate issuer:       /CN=F36E3D7FAF/serialNumber=965C8C35B0F10F8EA5DBDA544F291B6CA9283B5D
Certificate serial:       04
Authority key identifier: 96:5C:8C:35:B0:F1:0F:8E:A5:DB:DA:54:4F:29:1B:6C:A9:28:3B:5D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/B40E678241A811EAA7C5E729F8AEA228.roa
Signing time:             Tue 28 Jan 2020 08:32:23 +0000
ROA not before:           Tue 28 Jan 2020 08:32:16 +0000
ROA not after:            Thu 31 Jan 2030 08:32:16 +0000
asID:                     3491
IP address blocks:        41.221.208.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.mft
                          rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E3D7FAF/serialNumber=965C8C35B0F10F8EA5DBDA544F291B6CA9283B5D
        Validity
            Not Before: Jan 28 08:32:16 2020 GMT
            Not After : Jan 31 08:32:16 2030 GMT
        Subject: CN=5e2ff196-adb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:00:a4:74:5a:af:d4:6a:86:7d:2e:e8:46:fd:
                    72:d4:de:9c:08:f4:fd:2c:7c:85:ca:93:2b:d7:4c:
                    e1:f6:4e:f6:2e:8b:fe:0c:aa:4a:58:e7:53:ba:7b:
                    b2:b1:4f:4f:d3:1e:38:75:50:b4:b0:b9:83:f6:1f:
                    36:83:67:57:e5:f9:ae:58:ac:9a:c7:1f:84:b7:2c:
                    fd:b2:2b:06:8f:47:0a:9f:4c:59:2c:b6:91:84:e3:
                    10:aa:58:a1:7b:0d:ac:70:d7:c5:06:13:59:af:ab:
                    6f:46:0b:b8:22:3b:a8:ab:8e:46:95:cf:b3:8a:b8:
                    16:7c:4b:4d:57:56:b7:ad:3c:de:7d:30:01:e1:73:
                    a1:4f:47:60:da:89:f4:28:20:c5:be:dc:c1:51:c1:
                    d9:94:2d:45:1f:b5:cd:e3:86:77:e4:20:cd:a3:99:
                    7a:94:99:39:2e:2c:46:52:6e:c5:8e:57:9f:c3:fb:
                    14:67:73:fa:cd:03:39:42:cc:8e:ef:f0:3a:f2:5c:
                    59:77:b4:ac:42:0a:df:76:a3:7a:12:c0:79:4d:b6:
                    b4:fa:6d:50:69:a8:9e:33:f0:34:f9:4b:82:07:8a:
                    ba:70:15:f1:d2:a5:67:57:95:bd:5d:98:dc:65:26:
                    43:79:f3:e3:30:1a:29:39:d0:2c:fc:80:3f:7b:0d:
                    ce:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:39:DF:AA:15:3A:46:E4:F6:71:70:E0:A4:16:B5:7A:15:E2:73:79
            X509v3 Authority Key Identifier:
                keyid:96:5C:8C:35:B0:F1:0F:8E:A5:DB:DA:54:4F:29:1B:6C:A9:28:3B:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/B40E678241A811EAA7C5E729F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.221.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         98:59:9a:79:00:3d:97:6a:d1:5f:9d:b1:0e:e0:10:f5:8a:34:
         df:b1:6c:6a:32:2f:53:25:b2:1e:f1:57:e6:8e:42:d2:5b:bb:
         34:20:dd:03:fc:09:a4:29:01:de:1e:55:24:d4:0f:7c:2f:b3:
         30:64:df:e5:1e:1f:e8:55:51:2c:50:51:90:f3:0a:24:92:76:
         4c:00:3e:fb:d6:1e:3c:9d:3f:0d:c4:b9:84:aa:16:5e:65:0e:
         87:95:12:d8:0b:e0:40:c1:3e:47:87:99:13:8f:fe:00:f5:e1:
         26:52:4f:d7:3d:91:f5:84:43:11:df:84:a6:bf:37:98:70:82:
         e2:40:d0:58:45:41:db:d5:d5:24:d3:17:3b:c5:3b:d2:72:cd:
         b1:43:b9:5a:9c:31:b2:91:5c:a7:73:0c:82:9a:5d:86:c8:50:
         86:b4:83:c5:ef:90:fb:1a:81:db:98:a7:e5:d9:d4:b7:ff:81:
         86:2b:a8:08:da:12:f1:31:d2:1f:d8:c6:5d:03:47:fa:0d:db:
         28:bc:c7:52:43:51:55:13:d1:0f:d7:77:4b:49:2b:66:ba:31:
         5b:ec:03:f7:90:cb:45:d2:7a:93:77:06:95:59:7c:5d:c8:82:
         04:c5:10:cb:c5:e4:a9:0b:b0:91:0a:bd:66:25:1d:36:82:11:
         37:92:da:7d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
M0Q3RkFGMTEwLwYDVQQFEyg5NjVDOEMzNUIwRjEwRjhFQTVEQkRBNTQ0RjI5MUI2
Q0E5MjgzQjVEMB4XDTIwMDEyODA4MzIxNloXDTMwMDEzMTA4MzIxNlowGDEWMBQG
A1UEAxMNNWUyZmYxOTYtYWRiNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIApHRar9Rqhn0u6Eb9ctTenAj0/Sx8hcqTK9dM4fZO9i6L/gyqSljnU7p7
srFPT9MeOHVQtLC5g/YfNoNnV+X5rlismscfhLcs/bIrBo9HCp9MWSy2kYTjEKpY
oXsNrHDXxQYTWa+rb0YLuCI7qKuORpXPs4q4FnxLTVdWt6083n0wAeFzoU9HYNqJ
9Cggxb7cwVHB2ZQtRR+1zeOGd+QgzaOZepSZOS4sRlJuxY5Xn8P7FGdz+s0DOULM
ju/wOvJcWXe0rEIK33ajehLAeU22tPptUGmonjPwNPlLggeKunAV8dKlZ1eVvV2Y
3GUmQ3nz4zAaKTnQLPyAP3sNzl0CAwEAAaOCAm4wggJqMB0GA1UdDgQWBBReOd+q
FTpG5PZxcOCkFrV6FeJzeTAfBgNVHSMEGDAWgBSWXIw1sPEPjqXb2lRPKRtsqSg7
XTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTNEN0YvQjcwNUVBRjI0MUE2MTFFQTg4MUE2NzI4RjhBRUEyMjgvbGx5TU5i
RHhENDZsMjlwVVR5a2JiS2tvTzEwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbGx5TU5iRHhENDZsMjlwVVR5a2JiS2tvTzEwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTNEN0YvQjcwNUVBRjI0MUE2MTFFQTg4MUE2NzI4RjhB
RUEyMjgvQjQwRTY3ODI0MUE4MTFFQUE3QzVFNzI5RjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEKd3QMA0GCSqGSIb3DQEBCwUAA4IBAQCY
WZp5AD2XatFfnbEO4BD1ijTfsWxqMi9TJbIe8VfmjkLSW7s0IN0D/AmkKQHeHlUk
1A98L7MwZN/lHh/oVVEsUFGQ8wokknZMAD771h48nT8NxLmEqhZeZQ6HlRLYC+BA
wT5Hh5kTj/4A9eEmUk/XPZH1hEMR34SmvzeYcILiQNBYRUHb1dUk0xc7xTvScs2x
Q7lanDGykVyncwyCml2GyFCGtIPF75D7GoHbmKfl2dS3/4GGK6gI2hLxMdIf2MZd
A0f6DdsovMdSQ1FVE9EP13dLSStmujFb7AP3kMtF0nqTdwaVWXxdyIIExRDLxeSp
C7CRCr1mJR02ghE3ktp9
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org