Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36252A7/89497A60E38311E99E55F585F8AEA228/34BC8634C70711ED87A7AD9EF1222468.roa
File:                     34BC8634C70711ED87A7AD9EF1222468.roa (raw, json)
Hash identifier:          jLffPLsCVmDn3eu+ZH7RN7a2yuNgI7fFi99PH05ncKE=
Subject key identifier:   FC:30:9C:84:9E:51:37:1D:53:0C:68:54:41:38:70:04:26:B8:65:99
Certificate issuer:       /CN=F36252A7AF/serialNumber=027E1A4463C685FBD63863F9D3B23BAC2D93B168
Certificate serial:       0515
Authority key identifier: 02:7E:1A:44:63:C6:85:FB:D6:38:63:F9:D3:B2:3B:AC:2D:93:B1:68
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/An4aRGPGhfvWOGP507I7rC2TsWg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36252A7/89497A60E38311E99E55F585F8AEA228/34BC8634C70711ED87A7AD9EF1222468.roa
Signing time:             Mon 20 Mar 2023 10:08:48 +0000
ROA not before:           Mon 20 Mar 2023 10:08:44 +0000
ROA not after:            Mon 20 Feb 2034 10:08:44 +0000
asID:                     36985
IP address blocks:        2c0f:f150::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36252A7/89497A60E38311E99E55F585F8AEA228/An4aRGPGhfvWOGP507I7rC2TsWg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36252A7/89497A60E38311E99E55F585F8AEA228/An4aRGPGhfvWOGP507I7rC2TsWg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/An4aRGPGhfvWOGP507I7rC2TsWg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1301 (0x515)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36252A7AF/serialNumber=027E1A4463C685FBD63863F9D3B23BAC2D93B168
        Validity
            Not Before: Mar 20 10:08:44 2023 GMT
            Not After : Feb 20 10:08:44 2034 GMT
        Subject: CN=641830b0-ab60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:51:46:7b:a3:29:c1:dc:31:61:86:c5:db:cf:
                    16:3a:3a:07:aa:f9:e9:fa:b7:91:6b:d1:7b:2c:c4:
                    c8:3a:ef:98:bb:6e:e9:a5:d9:fc:68:ed:32:cb:33:
                    67:50:bf:ab:51:72:45:ef:8e:1f:f7:d2:e4:72:57:
                    07:2f:6c:63:b4:e9:c3:bf:20:5a:bd:f3:ff:92:81:
                    c8:8e:ca:b4:f5:42:41:c8:8b:e1:66:f9:fe:2b:c0:
                    b9:94:7d:61:73:b5:3f:64:ad:0d:fd:e8:65:d8:fd:
                    c6:11:0c:bd:0b:99:37:aa:b5:23:d1:74:49:cc:44:
                    69:67:c7:12:9d:bd:c3:dc:32:3d:a5:d6:79:c9:30:
                    e2:83:bd:65:f1:63:26:ef:e3:d3:ff:b0:95:04:1f:
                    b6:99:84:95:b6:fb:b2:6c:a2:4e:ed:75:da:03:7d:
                    75:69:c1:e5:37:19:69:66:b6:5e:b6:4b:71:7f:e3:
                    97:c9:f1:f1:3f:d9:e9:61:ea:77:c4:ac:43:17:9f:
                    95:a5:33:53:df:1c:08:8f:77:f4:ec:d1:22:42:7b:
                    43:e2:2e:33:30:bb:aa:14:34:72:8f:ef:77:3e:af:
                    06:6f:bc:93:7d:cf:0c:b1:06:f0:e5:6d:bb:58:3c:
                    01:57:28:5a:5e:d5:70:98:7d:4a:9a:45:ff:3c:ff:
                    f5:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:30:9C:84:9E:51:37:1D:53:0C:68:54:41:38:70:04:26:B8:65:99
            X509v3 Authority Key Identifier:
                keyid:02:7E:1A:44:63:C6:85:FB:D6:38:63:F9:D3:B2:3B:AC:2D:93:B1:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36252A7/89497A60E38311E99E55F585F8AEA228/An4aRGPGhfvWOGP507I7rC2TsWg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/An4aRGPGhfvWOGP507I7rC2TsWg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36252A7/89497A60E38311E99E55F585F8AEA228/34BC8634C70711ED87A7AD9EF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f150::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:15:b7:a7:ee:2c:c3:5e:83:cd:a6:9e:6c:85:ef:28:7b:19:
         82:44:47:a1:b2:73:35:fe:74:b1:54:ca:91:9d:67:ff:84:3b:
         35:df:59:72:67:c2:5e:da:6e:5c:1a:02:7d:3a:d8:b6:8f:c8:
         24:be:27:f9:a4:50:96:82:09:87:7e:72:7d:6f:d9:b7:c9:6b:
         34:d9:38:e2:90:9b:83:80:0e:6c:29:41:76:b8:fe:38:fd:01:
         2c:2d:1e:13:ec:72:a1:79:c0:b4:14:92:3b:ef:fb:3c:c2:83:
         b1:0e:42:57:ae:62:bd:e9:f4:a9:dd:6c:ac:5f:f9:08:e3:89:
         15:e6:6d:86:d5:2b:f7:72:d9:bc:8c:90:13:28:3a:58:e8:c8:
         f4:e3:1b:89:37:36:28:f2:0d:54:64:fc:29:b4:94:2c:c0:cf:
         3a:45:9f:ea:f1:f1:8d:ab:5d:3b:4b:3e:1e:d5:c9:74:0f:74:
         34:bf:19:28:24:0c:95:09:b4:07:a6:b6:d6:06:46:75:46:04:
         68:31:14:49:c6:98:b5:8a:0a:21:fa:16:7d:cf:d1:d8:5d:3a:
         ce:40:89:e8:bb:cc:5b:b8:b9:cc:ad:34:30:28:15:b1:40:13:
         8a:37:82:c1:f5:fc:21:a2:36:2f:95:72:a0:19:16:79:6a:54:
         24:d6:28:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBRUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjUyQTdBRjExMC8GA1UEBRMoMDI3RTFBNDQ2M0M2ODVGQkQ2Mzg2M0Y5RDNCMjNC
QUMyRDkzQjE2ODAeFw0yMzAzMjAxMDA4NDRaFw0zNDAyMjAxMDA4NDRaMBgxFjAU
BgNVBAMMDTY0MTgzMGIwLWFiNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdUUZ7oynB3DFhhsXbzxY6Ogeq+en6t5Fr0XssxMg675i7buml2fxo7TLL
M2dQv6tRckXvjh/30uRyVwcvbGO06cO/IFq98/+SgciOyrT1QkHIi+Fm+f4rwLmU
fWFztT9krQ396GXY/cYRDL0LmTeqtSPRdEnMRGlnxxKdvcPcMj2l1nnJMOKDvWXx
Yybv49P/sJUEH7aZhJW2+7Jsok7tddoDfXVpweU3GWlmtl62S3F/45fJ8fE/2elh
6nfErEMXn5WlM1PfHAiPd/Ts0SJCe0PiLjMwu6oUNHKP73c+rwZvvJN9zwyxBvDl
bbtYPAFXKFpe1XCYfUqaRf88//UvAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU/DCc
hJ5RNx1TDGhUQThwBCa4ZZkwHwYDVR0jBBgwFoAUAn4aRGPGhfvWOGP507I7rC2T
sWgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI1MkE3Lzg5NDk3QTYwRTM4MzExRTk5RTU1RjU4NUY4QUVBMjI4L0FuNGFS
R1BHaGZ2V09HUDUwN0k3ckMyVHNXZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0FuNGFSR1BHaGZ2V09HUDUwN0k3ckMyVHNXZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjI1MkE3Lzg5NDk3QTYwRTM4MzExRTk5RTU1RjU4NUY4
QUVBMjI4LzM0QkM4NjM0QzcwNzExRUQ4N0E3QUQ5RUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/FQMA0GCSqGSIb3DQEB
CwUAA4IBAQCpFben7izDXoPNpp5she8oexmCREehsnM1/nSxVMqRnWf/hDs131ly
Z8Je2m5cGgJ9Oti2j8gkvif5pFCWggmHfnJ9b9m3yWs02TjikJuDgA5sKUF2uP44
/QEsLR4T7HKhecC0FJI77/s8woOxDkJXrmK96fSp3WysX/kI44kV5m2G1Sv3ctm8
jJATKDpY6Mj04xuJNzYo8g1UZPwptJQswM86RZ/q8fGNq107Sz4e1cl0D3Q0vxko
JAyVCbQHprbWBkZ1RgRoMRRJxpi1igoh+hZ9z9HYXTrOQInou8xbuLnMrTQwKBWx
QBOKN4LB9fwhojYvlXKgGRZ5alQk1ihB
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:31 2024 by rpki-client on console-ams.rpki-client.org