Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/7D0B92E25DFF11EEA083CC7C4AD9E6FC.roa
File:                     7D0B92E25DFF11EEA083CC7C4AD9E6FC.roa (raw, json)
Hash identifier:          yPevgGeVIgPXFmD7thEhkTJ0C74tfVN031am+qRV4Ns=
Subject key identifier:   13:49:34:9E:F4:12:06:FD:DC:94:7D:C1:F2:6F:26:70:79:84:10:75
Certificate issuer:       /CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Certificate serial:       0359
Authority key identifier: 1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/7D0B92E25DFF11EEA083CC7C4AD9E6FC.roa
Signing time:             Thu 28 Sep 2023 13:03:59 +0000
ROA not before:           Thu 28 Sep 2023 13:03:56 +0000
ROA not after:            Tue 30 Sep 2025 13:03:56 +0000
asID:                     328327
IP address blocks:        2c0f:c00:200::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 857 (0x359)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
        Validity
            Not Before: Sep 28 13:03:56 2023 GMT
            Not After : Sep 30 13:03:56 2025 GMT
        Subject: CN=651579bf-8fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:17:a5:48:c0:56:fa:7e:69:55:4f:5c:94:dd:
                    4f:24:88:97:ef:96:bb:95:4d:99:a0:da:9a:84:3f:
                    21:7d:0b:39:18:df:14:f0:47:a1:d7:8a:0d:2b:c9:
                    fe:ef:6e:07:c4:2c:cd:82:61:a8:56:01:d7:a2:80:
                    ac:db:84:fb:e1:3a:79:51:f0:2d:88:75:8a:95:47:
                    36:c2:1b:aa:d0:58:a9:de:b3:77:ec:39:3a:20:8a:
                    f0:09:07:47:ba:f6:a0:2f:ce:72:38:39:9c:58:f7:
                    0c:9e:62:13:a4:8e:0e:52:00:90:92:7e:eb:b1:ce:
                    d8:fd:5b:d0:41:66:5c:d1:6f:a8:a5:9c:29:54:ee:
                    7f:bf:3a:db:55:7f:2b:77:25:1c:53:2d:a8:2a:c8:
                    56:67:24:e4:da:b4:79:73:e9:1d:a3:db:14:b6:3a:
                    82:0e:8c:dd:c8:21:80:fd:d8:b3:90:33:ca:22:b3:
                    d9:dd:f7:9b:57:f9:af:56:b5:c8:9e:e0:15:39:8e:
                    22:0f:91:7e:dc:ac:b1:43:7b:ed:64:ee:b7:b7:6e:
                    9c:bd:1c:6a:a7:80:b8:02:f8:0d:a6:20:34:28:d3:
                    84:32:86:d8:77:5f:4b:63:9d:39:19:37:b1:43:68:
                    13:2f:a6:4c:b7:3b:4a:30:6c:67:07:49:b7:ae:2e:
                    3f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:49:34:9E:F4:12:06:FD:DC:94:7D:C1:F2:6F:26:70:79:84:10:75
            X509v3 Authority Key Identifier:
                keyid:1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/7D0B92E25DFF11EEA083CC7C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:c00:200::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:ea:4c:0e:b9:d3:21:0b:65:d1:4d:42:6b:a5:a3:e0:c0:1a:
         15:0e:b9:2f:4e:42:1b:2a:83:0c:15:65:24:c1:4d:22:94:ca:
         59:b8:e1:92:99:8b:42:15:10:b5:84:b6:64:a9:92:f5:85:a9:
         9c:d6:86:ad:7e:10:10:9b:33:16:2b:ce:11:b4:ea:db:27:ba:
         b2:e0:0d:e0:32:21:47:2f:37:c9:ff:75:92:d3:cf:f7:09:54:
         60:00:4f:0f:34:01:90:3d:cc:b2:42:00:71:19:a7:f5:63:9c:
         9a:95:46:f1:23:98:95:4d:98:c9:05:18:63:d5:bc:27:b3:13:
         4d:c6:02:88:84:5a:c7:30:c6:d0:7d:52:fd:a7:46:36:93:1f:
         f1:22:3a:cd:e2:f6:12:4a:92:e0:cc:08:0a:54:8b:69:d2:d6:
         c8:be:56:ad:17:e8:61:b7:39:77:e1:17:7f:68:aa:47:59:5b:
         df:47:e0:9c:cb:f1:0d:64:f0:72:98:78:ee:a7:c1:f6:1a:b4:
         32:e7:b8:0d:2f:67:f5:8f:00:5a:e0:e4:42:2e:70:93:dc:05:
         12:c4:ec:95:e7:c3:a0:2e:3f:ff:ae:22:2f:e7:be:f5:37:dc:
         ed:1c:f3:4a:51:9d:1f:63:3e:1d:ac:84:31:17:8e:50:a3:aa:
         a8:39:4e:0f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA1kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjFDMDZBRjExMC8GA1UEBRMoMUREMTZGRDY4QkZGN0NBQjFBQjkxQzU1REE2MUZD
MENERkY0MTc0MzAeFw0yMzA5MjgxMzAzNTZaFw0yNTA5MzAxMzAzNTZaMBgxFjAU
BgNVBAMTDTY1MTU3OWJmLThmYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9F6VIwFb6fmlVT1yU3U8kiJfvlruVTZmg2pqEPyF9CzkY3xTwR6HXig0r
yf7vbgfELM2CYahWAdeigKzbhPvhOnlR8C2IdYqVRzbCG6rQWKnes3fsOTogivAJ
B0e69qAvznI4OZxY9wyeYhOkjg5SAJCSfuuxztj9W9BBZlzRb6ilnClU7n+/OttV
fyt3JRxTLagqyFZnJOTatHlz6R2j2xS2OoIOjN3IIYD92LOQM8ois9nd95tX+a9W
tcie4BU5jiIPkX7crLFDe+1k7re3bpy9HGqngLgC+A2mIDQo04Qyhth3X0tjnTkZ
N7FDaBMvpky3O0owbGcHSbeuLj8FAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUE0k0
nvQSBv3clH3B8m8mcHmEEHUwHwYDVR0jBBgwFoAUHdFv1ov/fKsauRxV2mH8DN/0
F0MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4QTAxNENFL0hkRnYx
b3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0hkRnYxb3ZfZktzYXVSeFYybUg4RE5fMEYwTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIxQzA2LzU4QzlCNzhDMjA1OTExRUM5OTFCNjg3N0Q4
QTAxNENFLzdEMEI5MkUyNURGRjExRUVBMDgzQ0M3QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsDwwAAgAwDQYJKoZIhvcN
AQELBQADggEBADHqTA650yELZdFNQmulo+DAGhUOuS9OQhsqgwwVZSTBTSKUylm4
4ZKZi0IVELWEtmSpkvWFqZzWhq1+EBCbMxYrzhG06tsnurLgDeAyIUcvN8n/dZLT
z/cJVGAATw80AZA9zLJCAHEZp/VjnJqVRvEjmJVNmMkFGGPVvCezE03GAoiEWscw
xtB9Uv2nRjaTH/EiOs3i9hJKkuDMCApUi2nS1si+Vq0X6GG3OXfhF39oqkdZW99H
4JzL8Q1k8HKYeO6nwfYatDLnuA0vZ/WPAFrg5EIucJPcBRLE7JXnw6AuP/+uIi/n
vvU33O0c80pRnR9jPh2shDEXjlCjqqg5Tg8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:18 2024 by rpki-client on console-ams.rpki-client.org