Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/7A109FF65D0511EE940659634AD9E6FC.roa
File:                     7A109FF65D0511EE940659634AD9E6FC.roa (raw, json)
Hash identifier:          zi9Vy+xYI0UvmjrfPQMC6MnvjqOO85SwSNuBtpF4/Rk=
Subject key identifier:   CE:DB:3D:91:81:8D:D0:00:D2:FB:F5:76:79:B9:4E:A1:1C:4B:C6:BB
Certificate issuer:       /CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Certificate serial:       0356
Authority key identifier: 1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/7A109FF65D0511EE940659634AD9E6FC.roa
Signing time:             Wed 27 Sep 2023 07:14:20 +0000
ROA not before:           Wed 27 Sep 2023 07:14:17 +0000
ROA not after:            Tue 30 Sep 2025 07:14:17 +0000
asID:                     328327
IP address blocks:        2c0f:c00:2090::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 854 (0x356)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
        Validity
            Not Before: Sep 27 07:14:17 2023 GMT
            Not After : Sep 30 07:14:17 2025 GMT
        Subject: CN=6513d64c-4b1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d3:ae:00:41:78:fd:a7:af:6b:06:99:3d:35:
                    3e:c8:d5:94:d9:14:25:43:28:a9:e7:c7:20:c0:0a:
                    5e:6b:e8:0c:9f:fc:3c:93:71:66:8e:09:9b:c2:aa:
                    c0:9a:41:61:d0:ea:07:68:38:87:9f:5c:ad:3a:27:
                    59:fc:b1:a8:fd:2e:cb:fc:d7:5e:1e:67:a8:23:a8:
                    fe:d9:97:60:38:2b:52:ca:e8:0d:30:77:c3:55:da:
                    13:ad:bc:51:93:93:db:4b:25:19:41:e1:8e:89:84:
                    8a:63:c4:ec:5b:a4:60:61:44:a5:73:cd:33:65:6f:
                    39:dc:11:47:70:ab:17:1a:5e:92:1c:8a:f8:15:45:
                    1e:12:a2:4f:b9:d2:39:c7:e4:a2:c4:f2:42:7a:26:
                    a4:dd:05:54:1a:2f:54:66:3b:80:25:e7:95:4a:bb:
                    0b:a8:29:65:66:2a:29:c8:2a:45:be:74:a8:6d:44:
                    db:25:32:55:30:7a:e5:80:e1:27:58:1d:91:3f:d6:
                    a7:3c:0c:bc:9c:85:f5:40:d8:3f:87:89:a4:8a:fa:
                    ae:fb:ae:39:11:76:a0:58:5c:b7:9f:e9:0f:ec:b4:
                    d1:77:36:d5:92:c3:09:73:2a:0e:30:c7:62:4d:ca:
                    59:37:37:4d:cb:d6:e0:df:32:2f:a0:6a:cd:6d:3a:
                    3b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:DB:3D:91:81:8D:D0:00:D2:FB:F5:76:79:B9:4E:A1:1C:4B:C6:BB
            X509v3 Authority Key Identifier:
                keyid:1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/7A109FF65D0511EE940659634AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:c00:2090::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:87:36:65:df:51:7b:7e:3c:d7:1c:cc:c6:a9:26:8b:f7:d3:
         38:82:32:91:ec:6d:45:79:7d:84:3f:75:ed:20:56:4d:88:b0:
         33:dc:6d:ee:e4:ff:ae:49:5a:21:30:31:ea:12:23:2f:e7:2b:
         a6:a1:c3:ff:1c:7c:94:9e:48:3a:09:04:59:3c:6e:cd:89:f3:
         29:05:c1:69:27:e1:1e:22:cf:81:a6:22:89:16:e8:cf:01:5a:
         a6:80:51:f9:0b:86:ee:88:8c:c9:2d:a6:54:b0:de:f7:0c:b1:
         cf:07:79:65:7a:f0:d4:92:50:a7:5e:65:02:8d:1e:46:fa:a0:
         d1:5f:ea:64:9d:22:e2:62:80:f5:a7:08:15:fd:f8:74:e9:59:
         d7:12:2b:81:df:8f:7b:9d:79:b2:17:9f:06:37:90:d2:a7:a8:
         c8:0f:4b:48:7d:e5:9d:31:61:07:2c:26:b6:34:ab:ca:01:2b:
         e1:c8:46:ce:37:cc:7a:fc:87:a9:9c:77:79:39:79:c4:31:a7:
         f5:d6:eb:ed:97:19:e3:44:ce:69:71:64:10:67:25:53:42:d1:
         3b:49:1b:d0:be:5b:30:af:29:b3:49:39:64:d8:77:a7:70:f6:
         f9:69:33:f1:49:14:8e:56:9b:9a:ca:02:85:36:db:b0:ed:8a:
         73:c5:fd:23
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA1YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjFDMDZBRjExMC8GA1UEBRMoMUREMTZGRDY4QkZGN0NBQjFBQjkxQzU1REE2MUZD
MENERkY0MTc0MzAeFw0yMzA5MjcwNzE0MTdaFw0yNTA5MzAwNzE0MTdaMBgxFjAU
BgNVBAMTDTY1MTNkNjRjLTRiMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq064AQXj9p69rBpk9NT7I1ZTZFCVDKKnnxyDACl5r6Ayf/DyTcWaOCZvC
qsCaQWHQ6gdoOIefXK06J1n8saj9Lsv8114eZ6gjqP7Zl2A4K1LK6A0wd8NV2hOt
vFGTk9tLJRlB4Y6JhIpjxOxbpGBhRKVzzTNlbzncEUdwqxcaXpIcivgVRR4Sok+5
0jnH5KLE8kJ6JqTdBVQaL1RmO4Al55VKuwuoKWVmKinIKkW+dKhtRNslMlUweuWA
4SdYHZE/1qc8DLychfVA2D+HiaSK+q77rjkRdqBYXLef6Q/stNF3NtWSwwlzKg4w
x2JNylk3N03L1uDfMi+gas1tOjs3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUzts9
kYGN0ADS+/V2eblOoRxLxrswHwYDVR0jBBgwFoAUHdFv1ov/fKsauRxV2mH8DN/0
F0MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4QTAxNENFL0hkRnYx
b3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0hkRnYxb3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4
QTAxNENFLzdBMTA5RkY2NUQwNTExRUU5NDA2NTk2MzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsDwwAIJAwDQYJKoZIhvcN
AQELBQADggEBACmHNmXfUXt+PNcczMapJov30ziCMpHsbUV5fYQ/de0gVk2IsDPc
be7k/65JWiEwMeoSIy/nK6ahw/8cfJSeSDoJBFk8bs2J8ykFwWkn4R4iz4GmIokW
6M8BWqaAUfkLhu6IjMktplSw3vcMsc8HeWV68NSSUKdeZQKNHkb6oNFf6mSdIuJi
gPWnCBX9+HTpWdcSK4Hfj3udebIXnwY3kNKnqMgPS0h95Z0xYQcsJrY0q8oBK+HI
Rs43zHr8h6mcd3k5ecQxp/XW6+2XGeNEzmlxZBBnJVNC0TtJG9C+WzCvKbNJOWTY
d6dw9vlpM/FJFI5Wm5rKAoU227DtinPF/SM=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:24 2024 by rpki-client on console-fra.rpki-client.org