Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/AA3A8B5E155611ECB70DA62FD8A014CE.roa
File:                     AA3A8B5E155611ECB70DA62FD8A014CE.roa (raw, json)
Hash identifier:          oylej++hlt4CSGV5/IZZeR0C3dM4otrHkh7MutLV9Go=
Subject key identifier:   18:FA:99:29:BE:76:F8:7A:BA:F2:8E:91:82:0C:B9:5E:F8:15:9F:33
Certificate issuer:       /CN=F3620ACFAF/serialNumber=882629895D8DB57B2541EA48FA1126325E29020B
Certificate serial:       08DC
Authority key identifier: 88:26:29:89:5D:8D:B5:7B:25:41:EA:48:FA:11:26:32:5E:29:02:0B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/iCYpiV2NtXslQepI-hEmMl4pAgs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/AA3A8B5E155611ECB70DA62FD8A014CE.roa
Signing time:             Tue 14 Sep 2021 12:24:11 +0000
ROA not before:           Tue 14 Sep 2021 12:24:07 +0000
ROA not after:            Wed 30 Apr 2031 12:24:07 +0000
asID:                     327750
IP address blocks:        2c0f:f368::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/iCYpiV2NtXslQepI-hEmMl4pAgs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/iCYpiV2NtXslQepI-hEmMl4pAgs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/iCYpiV2NtXslQepI-hEmMl4pAgs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2268 (0x8dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620ACFAF/serialNumber=882629895D8DB57B2541EA48FA1126325E29020B
        Validity
            Not Before: Sep 14 12:24:07 2021 GMT
            Not After : Apr 30 12:24:07 2031 GMT
        Subject: CN=6140946b-de65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1a:b6:40:d8:85:72:1b:9d:31:58:ac:c0:b4:
                    22:b9:be:37:ca:c4:0f:b0:39:69:7d:23:4f:97:df:
                    6b:59:ad:aa:f0:aa:f5:92:b1:27:75:88:27:6b:a0:
                    16:2c:63:a9:06:93:e4:63:e4:90:09:34:35:0d:b2:
                    c9:e0:c8:8b:de:3b:8a:61:b0:a1:29:d2:47:8b:29:
                    c6:9d:1b:e9:5e:bb:3d:5f:a0:bb:f8:fb:f7:78:c3:
                    9c:49:46:53:be:36:91:98:06:4e:b1:3a:51:bc:1c:
                    45:f4:dc:2e:b1:a6:99:f5:ab:a0:8f:7c:cb:79:a9:
                    cf:6f:f9:a9:8c:cf:e8:43:a7:47:4f:ca:93:55:f0:
                    bd:f6:94:66:b4:46:a6:c2:ed:54:70:b4:30:43:e5:
                    ce:d7:ef:d2:25:b7:92:e4:0e:4b:96:83:83:c4:12:
                    da:42:79:69:01:ef:29:a7:70:4e:21:b7:48:b3:cc:
                    2f:53:7a:28:ca:56:d7:11:88:37:e5:34:8e:d4:37:
                    4a:cf:9f:03:03:2a:14:b6:12:c7:79:cb:81:0c:9e:
                    c1:5f:6f:e6:b1:4f:cb:76:16:6c:4c:f6:95:43:1a:
                    42:90:16:55:30:58:44:7c:42:53:04:18:42:90:0b:
                    39:6b:9f:56:71:bc:b0:28:64:63:0d:6e:b6:d6:2f:
                    f0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:FA:99:29:BE:76:F8:7A:BA:F2:8E:91:82:0C:B9:5E:F8:15:9F:33
            X509v3 Authority Key Identifier:
                keyid:88:26:29:89:5D:8D:B5:7B:25:41:EA:48:FA:11:26:32:5E:29:02:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/iCYpiV2NtXslQepI-hEmMl4pAgs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/iCYpiV2NtXslQepI-hEmMl4pAgs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/925E2BE6586D11E5AEB55C2FF8AEA228/AA3A8B5E155611ECB70DA62FD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f368::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:ba:7d:5e:03:29:29:20:e9:0e:75:28:69:ca:79:e2:0c:fe:
         aa:01:c8:b4:10:07:8e:68:52:fb:2f:11:c5:54:62:df:54:49:
         a7:00:d9:28:3c:f5:09:8d:97:10:02:fb:9a:96:59:18:ee:6f:
         0a:9c:c6:c1:52:9b:53:9f:de:77:5f:b0:44:61:84:b8:11:3d:
         05:29:62:1d:1a:48:4b:90:11:63:00:c9:d7:3d:ac:ae:c5:cf:
         f3:bf:03:a5:9f:36:c4:49:02:3d:49:52:e9:c9:c8:01:f4:3a:
         4e:d6:e0:d0:27:52:74:3d:f5:ea:31:41:aa:da:78:eb:45:0d:
         40:6c:d7:69:6a:24:5a:e1:74:3b:fc:10:1c:f6:83:ec:bf:98:
         0f:de:ce:9e:12:0d:93:e7:07:8e:0a:9b:ac:8e:e0:e1:96:1a:
         14:b9:e3:33:59:4d:12:e9:0f:48:ce:2b:cf:95:bc:ee:c8:9a:
         b4:92:5b:02:ea:79:9a:be:fc:f1:54:7c:10:1b:74:c3:7e:61:
         da:7b:28:f2:fc:9a:0f:72:b5:15:74:bb:f3:c9:d4:44:2e:fb:
         02:08:96:b1:ef:a0:d8:dd:29:cb:13:c2:df:4a:af:62:87:9a:
         8c:80:c7:32:1d:39:5c:5b:6f:14:df:91:09:3d:a7:ed:b9:d3:
         df:ab:d1:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCNwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjBBQ0ZBRjExMC8GA1UEBRMoODgyNjI5ODk1RDhEQjU3QjI1NDFFQTQ4RkExMTI2
MzI1RTI5MDIwQjAeFw0yMTA5MTQxMjI0MDdaFw0zMTA0MzAxMjI0MDdaMBgxFjAU
BgNVBAMMDTYxNDA5NDZiLWRlNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXGrZA2IVyG50xWKzAtCK5vjfKxA+wOWl9I0+X32tZrarwqvWSsSd1iCdr
oBYsY6kGk+Rj5JAJNDUNssngyIveO4phsKEp0keLKcadG+leuz1foLv4+/d4w5xJ
RlO+NpGYBk6xOlG8HEX03C6xppn1q6CPfMt5qc9v+amMz+hDp0dPypNV8L32lGa0
RqbC7VRwtDBD5c7X79Ilt5LkDkuWg4PEEtpCeWkB7ymncE4ht0izzC9TeijKVtcR
iDflNI7UN0rPnwMDKhS2Esd5y4EMnsFfb+axT8t2FmxM9pVDGkKQFlUwWER8QlME
GEKQCzlrn1ZxvLAoZGMNbrbWL/AjAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUGPqZ
Kb52+Hq68o6Rggy5XvgVnzMwHwYDVR0jBBgwFoAUiCYpiV2NtXslQepI+hEmMl4p
AgswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIwQUNGLzkyNUUyQkU2NTg2RDExRTVBRUI1NUMyRkY4QUVBMjI4L2lDWXBp
VjJOdFhzbFFlcEktaEVtTWw0cEFncy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2lDWXBpVjJOdFhzbFFlcEktaEVtTWw0cEFncy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIwQUNGLzkyNUUyQkU2NTg2RDExRTVBRUI1NUMyRkY4
QUVBMjI4L0FBM0E4QjVFMTU1NjExRUNCNzBEQTYyRkQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/NoMA0GCSqGSIb3DQEB
CwUAA4IBAQBgun1eAykpIOkOdShpynniDP6qAci0EAeOaFL7LxHFVGLfVEmnANko
PPUJjZcQAvuallkY7m8KnMbBUptTn953X7BEYYS4ET0FKWIdGkhLkBFjAMnXPayu
xc/zvwOlnzbESQI9SVLpycgB9DpO1uDQJ1J0PfXqMUGq2njrRQ1AbNdpaiRa4XQ7
/BAc9oPsv5gP3s6eEg2T5weOCpusjuDhlhoUueMzWU0S6Q9IzivPlbzuyJq0klsC
6nmavvzxVHwQG3TDfmHaeyjy/JoPcrUVdLvzydRELvsCCJax76DY3SnLE8LfSq9i
h5qMgMcyHTlcW28U35EJPaftudPfq9HL
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org