Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/48AE64E45D0411EEABE47A5F4AD9E6FC.roa
File:                     48AE64E45D0411EEABE47A5F4AD9E6FC.roa (raw, json)
Hash identifier:          NlN5GuQ4P+VJ7e0Fy7dfihYVptHxpkRN+RO9eJe+tjA=
Subject key identifier:   AC:0C:83:5A:40:E2:D6:89:F6:89:F0:3F:23:F2:D9:FA:33:A1:FC:11
Certificate issuer:       /CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Certificate serial:       0345
Authority key identifier: 1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/48AE64E45D0411EEABE47A5F4AD9E6FC.roa
Signing time:             Wed 27 Sep 2023 07:05:47 +0000
ROA not before:           Wed 27 Sep 2023 07:05:44 +0000
ROA not after:            Tue 30 Sep 2025 07:05:44 +0000
asID:                     328327
IP address blocks:        2c0f:c00:4000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 837 (0x345)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
        Validity
            Not Before: Sep 27 07:05:44 2023 GMT
            Not After : Sep 30 07:05:44 2025 GMT
        Subject: CN=6513d44b-4ac3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d8:b4:cf:22:07:4b:e6:67:67:d6:8d:e8:f9:
                    a8:6c:e5:58:55:2f:06:8b:85:b0:b6:15:c9:63:4e:
                    2c:34:9d:37:58:b5:21:d1:d3:64:0e:aa:fd:44:6a:
                    64:71:cf:a9:55:b4:bf:47:07:ff:a8:56:77:03:20:
                    29:fe:c6:e6:0d:6d:fb:1f:5b:b6:3a:d2:9e:f9:f3:
                    a3:56:b2:8c:72:6b:9f:0c:fd:a9:17:f8:bc:9e:a5:
                    35:2c:9c:53:16:fe:3a:48:be:e1:9c:6a:cc:f6:a3:
                    75:c4:ea:30:b4:9a:f3:87:93:d2:cd:52:39:64:3d:
                    2c:92:a5:eb:e0:39:d1:8a:94:ed:b7:f7:86:a5:44:
                    68:cd:13:c8:be:76:a0:29:42:e1:e7:d7:1a:db:05:
                    ca:cb:52:db:5d:24:2b:85:88:51:55:4c:be:d7:15:
                    7a:32:ea:67:09:70:8f:6b:9f:9f:5e:be:32:4a:a7:
                    a2:6f:3d:54:76:bf:e8:50:59:6a:82:1c:4e:92:80:
                    26:4d:ed:96:cc:c6:2c:d5:2f:97:be:a1:62:9f:6a:
                    b9:5f:eb:b0:77:c2:7c:e2:93:9a:c4:70:8f:33:9d:
                    f6:9b:5c:90:df:46:58:ab:77:fe:1b:27:8f:93:8c:
                    fb:0b:73:07:7c:5d:43:f0:f3:55:83:e8:36:1b:6b:
                    d9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:0C:83:5A:40:E2:D6:89:F6:89:F0:3F:23:F2:D9:FA:33:A1:FC:11
            X509v3 Authority Key Identifier:
                keyid:1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/48AE64E45D0411EEABE47A5F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:c00:4000::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:2a:31:f2:bc:f5:e8:fd:3f:85:31:4d:9e:2a:0e:41:2d:0d:
         97:77:ea:c6:ef:ef:88:2a:9b:80:5e:92:40:7b:af:0c:35:05:
         40:30:32:5b:29:7d:66:2a:29:8c:f3:da:6d:7f:3a:5f:43:a7:
         ec:c3:d2:2f:39:78:77:4d:70:1a:7d:a8:a1:2e:a7:db:cb:7b:
         b6:6c:7a:c0:28:34:2b:d9:19:3a:35:e6:b4:bd:44:38:d0:83:
         74:23:c9:80:29:bb:2b:9b:1b:0c:3f:ae:de:c9:93:76:c6:07:
         ad:25:16:f1:ad:b7:18:f6:f8:94:64:84:ba:be:3b:02:b4:74:
         a3:ef:f8:8d:4e:8b:10:5d:52:97:54:dd:02:63:1b:9d:df:21:
         da:c9:7c:47:41:48:ce:b4:eb:f3:2b:2c:ec:6d:7b:93:34:d4:
         1a:88:b4:06:b8:9e:dd:28:ac:db:da:9b:5a:8a:6d:7c:be:0d:
         5e:02:8f:bb:a2:bd:38:75:4b:9a:57:63:72:a9:19:7e:3c:f4:
         9d:c5:60:fb:87:02:cf:f0:ed:bb:d8:88:27:46:61:c5:a9:4d:
         a2:b5:0b:02:33:17:e0:2f:df:34:12:8f:b7:5c:17:6d:5b:e4:
         0b:38:57:fe:2b:c5:ed:e6:9d:92:02:f7:8e:0c:4e:f5:18:e9:
         22:0d:93:e0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA0UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjFDMDZBRjExMC8GA1UEBRMoMUREMTZGRDY4QkZGN0NBQjFBQjkxQzU1REE2MUZD
MENERkY0MTc0MzAeFw0yMzA5MjcwNzA1NDRaFw0yNTA5MzAwNzA1NDRaMBgxFjAU
BgNVBAMTDTY1MTNkNDRiLTRhYzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCc2LTPIgdL5mdn1o3o+ahs5VhVLwaLhbC2FcljTiw0nTdYtSHR02QOqv1E
amRxz6lVtL9HB/+oVncDICn+xuYNbfsfW7Y60p7586NWsoxya58M/akX+LyepTUs
nFMW/jpIvuGcasz2o3XE6jC0mvOHk9LNUjlkPSySpevgOdGKlO2394alRGjNE8i+
dqApQuHn1xrbBcrLUttdJCuFiFFVTL7XFXoy6mcJcI9rn59evjJKp6JvPVR2v+hQ
WWqCHE6SgCZN7ZbMxizVL5e+oWKfarlf67B3wnzik5rEcI8znfabXJDfRlird/4b
J4+TjPsLcwd8XUPw81WD6DYba9kbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrAyD
WkDi1on2ifA/I/LZ+jOh/BEwHwYDVR0jBBgwFoAUHdFv1ov/fKsauRxV2mH8DN/0
F0MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4QTAxNENFL0hkRnYx
b3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0hkRnYxb3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4
QTAxNENFLzQ4QUU2NEU0NUQwNDExRUVBQkU0N0E1RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsDwwAQAAwDQYJKoZIhvcN
AQELBQADggEBAEEqMfK89ej9P4UxTZ4qDkEtDZd36sbv74gqm4BekkB7rww1BUAw
MlspfWYqKYzz2m1/Ol9Dp+zD0i85eHdNcBp9qKEup9vLe7ZsesAoNCvZGTo15rS9
RDjQg3QjyYApuyubGww/rt7Jk3bGB60lFvGttxj2+JRkhLq+OwK0dKPv+I1OixBd
UpdU3QJjG53fIdrJfEdBSM606/MrLOxte5M01BqItAa4nt0orNvam1qKbXy+DV4C
j7uivTh1S5pXY3KpGX489J3FYPuHAs/w7bvYiCdGYcWpTaK1CwIzF+Av3zQSj7dc
F21b5As4V/4rxe3mnZIC944MTvUY6SINk+A=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:24 2024 by rpki-client on console-fra.rpki-client.org