Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3623193/C2BA301E62E011EAB00F3911F8AEA228/5C0FB8804D4611EE8DDA93274AD9E6FC.roa
File:                     5C0FB8804D4611EE8DDA93274AD9E6FC.roa (raw, json)
Hash identifier:          SxgVHhXL5IrkswBbmPJOseBCQMf1GvN01jHn/YpU+8I=
Subject key identifier:   49:B0:72:4D:F6:1F:65:EA:54:7A:F8:1E:CB:1C:FB:3A:6D:93:2F:79
Certificate issuer:       /CN=F3623193AF/serialNumber=227B6B37E17EB0094C0304939B2FC588E1E66E99
Certificate serial:       052B
Authority key identifier: 22:7B:6B:37:E1:7E:B0:09:4C:03:04:93:9B:2F:C5:88:E1:E6:6E:99
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/IntrN-F-sAlMAwSTmy_FiOHmbpk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3623193/C2BA301E62E011EAB00F3911F8AEA228/5C0FB8804D4611EE8DDA93274AD9E6FC.roa
Signing time:             Thu 07 Sep 2023 06:18:28 +0000
ROA not before:           Thu 07 Sep 2023 06:18:25 +0000
ROA not after:            Mon 07 Sep 2048 06:18:25 +0000
asID:                     328358
IP address blocks:        2001:43f8:1320::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3623193/C2BA301E62E011EAB00F3911F8AEA228/IntrN-F-sAlMAwSTmy_FiOHmbpk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3623193/C2BA301E62E011EAB00F3911F8AEA228/IntrN-F-sAlMAwSTmy_FiOHmbpk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/IntrN-F-sAlMAwSTmy_FiOHmbpk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1323 (0x52b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3623193AF/serialNumber=227B6B37E17EB0094C0304939B2FC588E1E66E99
        Validity
            Not Before: Sep  7 06:18:25 2023 GMT
            Not After : Sep  7 06:18:25 2048 GMT
        Subject: CN=64f96b34-35ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4d:6f:0c:f7:3a:f3:2c:9d:42:f7:df:da:eb:
                    a4:b5:b6:e2:fa:ef:4b:ad:bc:bf:cd:7b:ba:e3:37:
                    8f:eb:3c:b5:3d:0d:b7:74:52:05:f0:ef:4f:1f:7b:
                    4e:d7:1b:c9:af:91:be:f5:04:d5:d4:2b:1c:aa:d6:
                    79:9b:15:3f:af:27:9f:5b:43:0c:ca:ce:71:22:00:
                    4a:d5:9b:57:c0:ef:1a:74:d2:b6:6d:35:e5:53:21:
                    c6:de:e7:f5:b2:30:cb:67:fa:21:6f:f6:60:2e:af:
                    25:f3:a2:ef:9f:7d:7d:e9:3a:67:e6:5f:46:c1:74:
                    ac:45:07:7a:87:51:e0:f0:76:35:65:fd:69:64:c1:
                    e8:9d:a7:98:b2:94:9f:2f:44:4b:89:a6:68:74:29:
                    a3:39:23:f6:eb:39:1f:0a:38:6d:90:a4:ec:13:94:
                    b4:3a:4a:46:96:a7:b4:c4:44:d2:a9:6a:e3:03:d6:
                    d6:8d:1d:2f:b1:4b:eb:b4:35:00:e0:6e:85:3b:88:
                    f9:23:c5:89:87:b4:c1:e4:95:c2:81:83:5e:0d:06:
                    12:3e:d0:cc:57:dd:e0:6d:61:45:23:d6:e1:80:3c:
                    25:49:7d:ee:28:5b:8a:82:c5:23:b6:9a:59:5e:5a:
                    27:34:fb:18:df:19:0b:2d:01:86:91:0f:b8:eb:f1:
                    4e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:B0:72:4D:F6:1F:65:EA:54:7A:F8:1E:CB:1C:FB:3A:6D:93:2F:79
            X509v3 Authority Key Identifier:
                keyid:22:7B:6B:37:E1:7E:B0:09:4C:03:04:93:9B:2F:C5:88:E1:E6:6E:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3623193/C2BA301E62E011EAB00F3911F8AEA228/IntrN-F-sAlMAwSTmy_FiOHmbpk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/IntrN-F-sAlMAwSTmy_FiOHmbpk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3623193/C2BA301E62E011EAB00F3911F8AEA228/5C0FB8804D4611EE8DDA93274AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:43f8:1320::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:84:32:af:74:8a:c7:30:ec:6e:4f:f2:b9:b8:4d:2d:26:ff:
         b1:93:b0:a0:e1:e2:69:1a:95:6e:f4:d3:d0:b3:64:da:89:87:
         ea:0d:3d:c9:66:cc:15:39:96:09:18:88:80:60:bf:4e:61:21:
         7c:ce:94:73:ae:cf:19:56:34:d0:8a:1c:d2:d4:6c:b1:3f:73:
         fb:c6:82:c2:4d:51:43:c4:df:9e:85:83:c6:ad:bb:c4:e8:d5:
         26:9f:8d:b8:99:a8:10:0a:f4:a7:48:68:cf:32:2c:30:ea:3b:
         a0:28:41:84:a3:83:4a:f8:c4:e7:51:bf:00:87:e0:a4:2d:07:
         4a:1e:13:1f:1f:e8:21:d3:99:44:3b:85:5b:32:2c:75:17:6d:
         53:d0:19:05:c0:73:e3:5b:ad:22:67:f4:df:8c:f8:4c:0b:5a:
         02:83:54:a8:b6:b8:59:fa:e0:b4:3e:3e:06:8e:71:04:0c:7c:
         2b:1e:c4:21:3d:76:cc:41:96:db:e2:e8:95:35:a0:c1:00:42:
         3a:4f:8a:d8:1f:0c:c9:30:b8:3b:6d:5c:82:ef:90:bc:78:b4:
         82:eb:07:ef:27:1f:c4:65:c6:75:a6:60:45:11:8d:e6:0c:7d:
         2d:db:88:03:c6:ae:ac:bd:4d:00:b1:f3:b1:1a:c6:ce:83:9c:
         50:9c:3f:dd
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBSswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjMxOTNBRjExMC8GA1UEBRMoMjI3QjZCMzdFMTdFQjAwOTRDMDMwNDkzOUIyRkM1
ODhFMUU2NkU5OTAeFw0yMzA5MDcwNjE4MjVaFw00ODA5MDcwNjE4MjVaMBgxFjAU
BgNVBAMTDTY0Zjk2YjM0LTM1ZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCbTW8M9zrzLJ1C99/a66S1tuL670utvL/Ne7rjN4/rPLU9Dbd0UgXw708f
e07XG8mvkb71BNXUKxyq1nmbFT+vJ59bQwzKznEiAErVm1fA7xp00rZtNeVTIcbe
5/WyMMtn+iFv9mAuryXzou+ffX3pOmfmX0bBdKxFB3qHUeDwdjVl/Wlkweidp5iy
lJ8vREuJpmh0KaM5I/brOR8KOG2QpOwTlLQ6SkaWp7TERNKpauMD1taNHS+xS+u0
NQDgboU7iPkjxYmHtMHklcKBg14NBhI+0MxX3eBtYUUj1uGAPCVJfe4oW4qCxSO2
mlleWic0+xjfGQstAYaRD7jr8U6BAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSbBy
TfYfZepUevgeyxz7Om2TL3kwHwYDVR0jBBgwFoAUIntrN+F+sAlMAwSTmy/FiOHm
bpkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjIzMTkzL0MyQkEzMDFFNjJFMDExRUFCMDBGMzkxMUY4QUVBMjI4L0ludHJO
LUYtc0FsTUF3U1RteV9GaU9IbWJway5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0ludHJOLUYtc0FsTUF3U1RteV9GaU9IbWJway5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjIzMTkzL0MyQkEzMDFFNjJFMDExRUFCMDBGMzkxMUY4
QUVBMjI4LzVDMEZCODgwNEQ0NjExRUU4RERBOTMyNzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAUP4EyAwDQYJKoZIhvcN
AQELBQADggEBAFSEMq90iscw7G5P8rm4TS0m/7GTsKDh4mkalW7009CzZNqJh+oN
PclmzBU5lgkYiIBgv05hIXzOlHOuzxlWNNCKHNLUbLE/c/vGgsJNUUPE356Fg8at
u8To1SafjbiZqBAK9KdIaM8yLDDqO6AoQYSjg0r4xOdRvwCH4KQtB0oeEx8f6CHT
mUQ7hVsyLHUXbVPQGQXAc+NbrSJn9N+M+EwLWgKDVKi2uFn64LQ+PgaOcQQMfCse
xCE9dsxBltvi6JU1oMEAQjpPitgfDMkwuDttXILvkLx4tILrB+8nH8RlxnWmYEUR
jeYMfS3biAPGrqy9TQCx87Eaxs6DnFCcP90=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:24 2024 by rpki-client on console-fra.rpki-client.org