Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/7B3DF01C8F6F11E9B8F82D5FF8AEA228.roa
File:                     7B3DF01C8F6F11E9B8F82D5FF8AEA228.roa (raw, json)
Hash identifier:          nFOWMxTM8t65qguasjyQKc77AeNcYXGCBaZB7vYGI0Q=
Subject key identifier:   10:28:7C:6E:C8:B8:58:31:B2:C3:AD:93:8E:C0:82:84:34:10:7C:76
Certificate issuer:       /CN=F36FEA6BAF/serialNumber=93C2C99AF0EC4D1A4643497F5F8CBDC7EC45748F
Certificate serial:       0A
Authority key identifier: 93:C2:C9:9A:F0:EC:4D:1A:46:43:49:7F:5F:8C:BD:C7:EC:45:74:8F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/7B3DF01C8F6F11E9B8F82D5FF8AEA228.roa
Signing time:             Sat 15 Jun 2019 13:14:19 +0000
ROA not before:           Sat 15 Jun 2019 13:14:13 +0000
ROA not after:            Tue 12 Jun 2029 13:14:13 +0000
asID:                     327844
IP address blocks:        196.49.5.0/24 maxlen: 32
                          2001:43f8:1::/48 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FEA6BAF/serialNumber=93C2C99AF0EC4D1A4643497F5F8CBDC7EC45748F
        Validity
            Not Before: Jun 15 13:14:13 2019 GMT
            Not After : Jun 12 13:14:13 2029 GMT
        Subject: CN=5d04ef2a-daae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:80:8a:16:73:03:5e:28:9b:2e:6f:b3:2b:37:
                    6b:8b:4b:e9:a8:9f:ac:eb:fd:03:71:75:d6:f0:cd:
                    f4:9a:31:21:43:c4:88:03:ff:97:98:02:8a:c6:c4:
                    1f:de:74:41:39:db:a6:84:c5:5b:08:09:98:ba:ad:
                    70:d4:81:e8:b1:79:3a:bb:c4:10:fe:4a:c4:af:d6:
                    3b:4a:4a:c7:d7:8b:79:fd:19:32:1f:06:68:04:32:
                    f2:85:e3:32:45:fc:58:a2:27:36:54:16:16:98:6e:
                    80:d6:84:b6:5f:31:c9:73:e6:62:2b:c4:44:ed:02:
                    8e:9e:54:32:cc:07:16:a2:b7:12:23:b6:19:43:18:
                    0e:ce:46:3c:c3:93:05:e9:4e:e4:3a:97:24:8b:b4:
                    4d:60:1b:de:bc:37:76:d4:86:02:ea:b5:27:4e:20:
                    dc:a9:b4:dc:5d:a7:d5:76:4e:fc:dd:f6:c2:e3:b7:
                    6d:ef:38:9a:c4:99:36:31:0f:55:e9:71:ad:02:ce:
                    8f:c5:b2:5b:65:51:43:2b:90:47:67:65:ec:55:66:
                    15:1f:5f:78:9b:5f:52:b5:a9:6e:aa:36:54:03:f9:
                    a0:92:00:df:b1:db:80:2f:8c:e2:e0:09:99:3b:8d:
                    6d:a9:53:ed:64:f1:d5:70:2f:b9:9e:57:02:50:f2:
                    e3:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:28:7C:6E:C8:B8:58:31:B2:C3:AD:93:8E:C0:82:84:34:10:7C:76
            X509v3 Authority Key Identifier:
                keyid:93:C2:C9:9A:F0:EC:4D:1A:46:43:49:7F:5F:8C:BD:C7:EC:45:74:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/k8LJmvDsTRpGQ0l_X4y9x-xFdI8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FEA6B/7B27920E8B8211E9888B6F73F8AEA228/7B3DF01C8F6F11E9B8F82D5FF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.5.0/24
                IPv6:
                  2001:43f8:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:0e:84:4c:d9:6b:cb:b2:f6:df:91:62:b7:59:01:2d:00:bd:
         05:ca:83:32:cf:31:e0:4f:3f:f4:63:5b:31:f7:ac:02:17:9d:
         c6:b2:30:76:6f:0a:e7:32:2b:8d:1e:34:3d:c3:2c:ec:3a:28:
         cc:cb:63:0f:8c:95:11:45:8a:4b:9f:93:92:4c:fa:69:8b:32:
         9d:d3:08:74:22:fc:a7:1d:8d:8f:41:b1:c8:cf:eb:bd:cb:99:
         68:c6:41:73:0f:ec:f9:59:4c:a3:51:be:bf:97:6d:fa:bf:51:
         76:8c:5d:fc:bd:04:29:aa:b8:10:87:60:5e:9e:2f:1e:97:01:
         ad:57:c1:7a:cd:0b:62:c9:d0:c2:4e:da:e2:e1:92:12:5b:e1:
         65:d5:4c:55:b5:e0:0a:49:d5:ed:b3:9b:57:b8:0f:a6:ea:0f:
         19:64:61:0a:00:d5:93:f8:f2:6e:8c:44:99:1f:95:df:34:df:
         9b:b6:3a:bf:ca:a9:17:c0:5a:ba:18:fd:4c:6f:cf:20:c7:f5:
         a2:80:a5:79:44:3d:1c:16:55:d1:9a:a4:08:1a:29:78:95:6e:
         ac:84:d9:2c:67:c1:0f:68:25:79:65:91:b8:8d:9c:8d:7a:08:
         41:36:e9:23:47:d2:cb:ea:98:1b:ba:06:20:6d:58:a9:b6:f8:
         a5:82:71:8a
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RUE2QkFGMTEwLwYDVQQFEyg5M0MyQzk5QUYwRUM0RDFBNDY0MzQ5N0Y1RjhDQkRD
N0VDNDU3NDhGMB4XDTE5MDYxNTEzMTQxM1oXDTI5MDYxMjEzMTQxM1owGDEWMBQG
A1UEAxMNNWQwNGVmMmEtZGFhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKAihZzA14omy5vsys3a4tL6aifrOv9A3F11vDN9JoxIUPEiAP/l5gCisbE
H950QTnbpoTFWwgJmLqtcNSB6LF5OrvEEP5KxK/WO0pKx9eLef0ZMh8GaAQy8oXj
MkX8WKInNlQWFphugNaEtl8xyXPmYivERO0Cjp5UMswHFqK3EiO2GUMYDs5GPMOT
BelO5DqXJIu0TWAb3rw3dtSGAuq1J04g3Km03F2n1XZO/N32wuO3be84msSZNjEP
VelxrQLOj8WyW2VRQyuQR2dl7FVmFR9feJtfUrWpbqo2VAP5oJIA37HbgC+M4uAJ
mTuNbalT7WTx1XAvuZ5XAlDy4/8CAwEAAaOCAn8wggJ7MB0GA1UdDgQWBBQQKHxu
yLhYMbLDrZOOwIKENBB8djAfBgNVHSMEGDAWgBSTwsma8OxNGkZDSX9fjL3H7EV0
jzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkVBNkIvN0IyNzkyMEU4QjgyMTFFOTg4OEI2RjczRjhBRUEyMjgvazhMSm12
RHNUUnBHUTBsX1g0eTl4LXhGZEk4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvazhMSm12RHNUUnBHUTBsX1g0eTl4LXhGZEk4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkVBNkIvN0IyNzkyMEU4QjgyMTFFOTg4OEI2RjczRjhB
RUEyMjgvN0IzREYwMUM4RjZGMTFFOUI4RjgyRDVGRjhBRUEyMjgucm9hMDAGCCsG
AQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAxDEFMA8EAgACMAkDBwAgAUP4AAEwDQYJ
KoZIhvcNAQELBQADggEBADcOhEzZa8uy9t+RYrdZAS0AvQXKgzLPMeBPP/RjWzH3
rAIXncayMHZvCucyK40eND3DLOw6KMzLYw+MlRFFikufk5JM+mmLMp3TCHQi/Kcd
jY9BscjP673LmWjGQXMP7PlZTKNRvr+Xbfq/UXaMXfy9BCmquBCHYF6eLx6XAa1X
wXrNC2LJ0MJO2uLhkhJb4WXVTFW14ApJ1e2zm1e4D6bqDxlkYQoA1ZP48m6MRJkf
ld8035u2Or/KqRfAWroY/UxvzyDH9aKApXlEPRwWVdGapAgaKXiVbqyE2SxnwQ9o
JXllkbiNnI16CEE26SNH0svqmBu6BiBtWKm2+KWCcYo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:34 2024 by rpki-client on console-ams.rpki-client.org