Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F0163/885DC644FC9A11E98179B23DF8AEA228/BF97D40AFC9B11E9A8F7AE3EF8AEA228.roa
File:                     BF97D40AFC9B11E9A8F7AE3EF8AEA228.roa (raw, json)
Hash identifier:          G9n58toWNUqMDu66699/GW70sTU/7pnUIRdVDqWMeDQ=
Subject key identifier:   58:21:C0:2A:F6:BA:1E:3B:F0:A7:1C:25:DE:BA:50:4B:CD:05:07:73
Certificate issuer:       /CN=F36F0163AF/serialNumber=39D030AE0AFAC6912B0B133FF7A342F784D0EA8C
Certificate serial:       02
Authority key identifier: 39:D0:30:AE:0A:FA:C6:91:2B:0B:13:3F:F7:A3:42:F7:84:D0:EA:8C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OdAwrgr6xpErCxM_96NC94TQ6ow.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F0163/885DC644FC9A11E98179B23DF8AEA228/BF97D40AFC9B11E9A8F7AE3EF8AEA228.roa
Signing time:             Fri 01 Nov 2019 11:35:48 +0000
ROA not before:           Fri 01 Nov 2019 11:35:41 +0000
ROA not after:            Thu 01 Nov 2029 11:35:41 +0000
asID:                     37682
IP address blocks:        2c0f:eac0:800::/37 maxlen: 37

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F0163/885DC644FC9A11E98179B23DF8AEA228/OdAwrgr6xpErCxM_96NC94TQ6ow.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F0163/885DC644FC9A11E98179B23DF8AEA228/OdAwrgr6xpErCxM_96NC94TQ6ow.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OdAwrgr6xpErCxM_96NC94TQ6ow.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F0163AF/serialNumber=39D030AE0AFAC6912B0B133FF7A342F784D0EA8C
        Validity
            Not Before: Nov  1 11:35:41 2019 GMT
            Not After : Nov  1 11:35:41 2029 GMT
        Subject: CN=5dbc1894-cce3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:40:0f:a2:bd:07:a4:45:02:e3:b2:73:f3:61:
                    66:e5:c2:e7:21:db:0c:ab:39:c5:87:b9:6e:3d:0a:
                    d4:68:3c:69:3d:97:1e:14:1f:f6:d0:97:f8:76:80:
                    fa:ac:fe:ef:4d:1c:20:e5:17:4c:cc:b0:8b:45:67:
                    76:2a:7d:20:a8:d0:52:0a:04:71:75:9e:a5:fd:14:
                    44:51:91:57:56:0e:4d:9b:ca:21:d3:14:72:f5:46:
                    b0:1e:60:b1:ff:16:d7:92:51:9d:e7:58:05:81:4e:
                    a6:ad:c9:5c:11:9b:7e:ec:ea:75:da:a5:9b:b2:84:
                    ad:f7:56:58:2c:37:f1:35:69:94:89:a2:8a:f6:f9:
                    f2:4e:da:70:25:7b:6e:97:99:50:d9:c7:46:2f:0f:
                    b5:18:73:b9:c0:76:18:04:92:54:cb:b6:62:9a:51:
                    2d:5c:0a:a1:d2:6a:f1:e5:11:ec:f9:a5:c5:d1:bb:
                    83:6e:a1:8a:85:59:e8:99:f9:c1:ec:c4:af:3c:f5:
                    63:e0:5a:62:0a:5a:b8:73:b8:5c:a1:36:6a:c6:5c:
                    41:09:a8:a6:c9:dd:4b:da:75:7d:df:c5:3b:68:32:
                    5b:93:0e:2a:3e:33:1f:ef:54:b9:78:f7:ff:88:92:
                    84:0d:c4:48:32:47:33:2b:19:79:89:82:fa:6b:f6:
                    0e:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:21:C0:2A:F6:BA:1E:3B:F0:A7:1C:25:DE:BA:50:4B:CD:05:07:73
            X509v3 Authority Key Identifier:
                keyid:39:D0:30:AE:0A:FA:C6:91:2B:0B:13:3F:F7:A3:42:F7:84:D0:EA:8C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0163/885DC644FC9A11E98179B23DF8AEA228/OdAwrgr6xpErCxM_96NC94TQ6ow.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OdAwrgr6xpErCxM_96NC94TQ6ow.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0163/885DC644FC9A11E98179B23DF8AEA228/BF97D40AFC9B11E9A8F7AE3EF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:eac0:800::/37

    Signature Algorithm: sha256WithRSAEncryption
         83:42:8d:9d:87:d2:6b:b3:e7:11:fa:2f:b3:2c:22:69:77:12:
         cb:09:58:45:ee:28:64:06:e0:29:2e:fa:c8:9d:84:84:d6:56:
         e0:04:3a:4a:15:f5:45:90:50:c9:a5:b1:7a:25:bf:e5:85:09:
         d4:9c:27:65:17:05:d1:23:4d:93:3b:3b:b4:1b:f3:0c:b4:70:
         4d:a2:cf:e8:fc:3e:23:8b:71:ea:6a:d3:b8:d5:19:d5:36:52:
         1b:2a:de:b0:ba:0e:3a:56:57:7b:74:36:6a:bc:a8:6b:24:86:
         a3:7f:d8:33:1c:04:4b:16:75:14:5d:8b:05:a9:21:bb:f0:9a:
         b6:2c:84:90:32:e3:91:1b:b3:a6:00:8a:39:0d:de:19:82:09:
         17:c8:6e:08:0a:07:7a:88:3d:b6:f4:aa:20:c6:e1:14:17:5f:
         07:2b:46:ca:a6:89:cf:b8:75:43:3f:24:65:1e:b3:8b:9f:90:
         33:f0:59:4f:ce:c8:62:cd:9a:b2:a8:0d:4d:2a:90:b0:82:d5:
         c1:50:e7:fd:81:0a:10:d0:64:02:a0:ad:dd:ee:f5:f5:32:e9:
         3d:7f:af:c5:4f:2b:30:62:2a:21:86:ba:69:0f:9b:20:ce:70:
         f1:1f:cf:ab:7e:ef:98:31:62:d7:c6:61:48:f8:d8:d8:9c:40:
         82:c2:57:7d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
MDE2M0FGMTEwLwYDVQQFEygzOUQwMzBBRTBBRkFDNjkxMkIwQjEzM0ZGN0EzNDJG
Nzg0RDBFQThDMB4XDTE5MTEwMTExMzU0MVoXDTI5MTEwMTExMzU0MVowGDEWMBQG
A1UEAxMNNWRiYzE4OTQtY2NlMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdAD6K9B6RFAuOyc/NhZuXC5yHbDKs5xYe5bj0K1Gg8aT2XHhQf9tCX+HaA
+qz+700cIOUXTMywi0Vndip9IKjQUgoEcXWepf0URFGRV1YOTZvKIdMUcvVGsB5g
sf8W15JRnedYBYFOpq3JXBGbfuzqddqlm7KErfdWWCw38TVplImiivb58k7acCV7
bpeZUNnHRi8PtRhzucB2GASSVMu2YppRLVwKodJq8eUR7PmlxdG7g26hioVZ6Jn5
wezErzz1Y+BaYgpauHO4XKE2asZcQQmopsndS9p1fd/FO2gyW5MOKj4zH+9UuXj3
/4iShA3ESDJHMysZeYmC+mv2DmMCAwEAAaOCAnAwggJsMB0GA1UdDgQWBBRYIcAq
9roeO/CnHCXeulBLzQUHczAfBgNVHSMEGDAWgBQ50DCuCvrGkSsLEz/3o0L3hNDq
jDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjAxNjMvODg1REM2NDRGQzlBMTFFOTgxNzlCMjNERjhBRUEyMjgvT2RBd3Jn
cjZ4cEVyQ3hNXzk2TkM5NFRRNm93LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT2RBd3JncjZ4cEVyQ3hNXzk2TkM5NFRRNm93LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjAxNjMvODg1REM2NDRGQzlBMTFFOTgxNzlCMjNERjhB
RUEyMjgvQkY5N0Q0MEFGQzlCMTFFOUE4RjdBRTNFRjhBRUEyMjgucm9hMCEGCCsG
AQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYDLA/qwAgwDQYJKoZIhvcNAQELBQADggEB
AINCjZ2H0muz5xH6L7MsIml3EssJWEXuKGQG4Cku+sidhITWVuAEOkoV9UWQUMml
sXolv+WFCdScJ2UXBdEjTZM7O7Qb8wy0cE2iz+j8PiOLcepq07jVGdU2Uhsq3rC6
DjpWV3t0Nmq8qGskhqN/2DMcBEsWdRRdiwWpIbvwmrYshJAy45Ebs6YAijkN3hmC
CRfIbggKB3qIPbb0qiDG4RQXXwcrRsqmic+4dUM/JGUes4ufkDPwWU/OyGLNmrKo
DU0qkLCC1cFQ5/2BChDQZAKgrd3u9fUy6T1/r8VPKzBiKiGGumkPmyDOcPEfz6t+
75gxYtfGYUj42NicQILCV30=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:16 2024 by rpki-client on console-fra.rpki-client.org