Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/4B1F6790532F11EC90C1831ED8A014CE.roa
File:                     4B1F6790532F11EC90C1831ED8A014CE.roa (raw, json)
Hash identifier:          ELkepuwGqkp4OwjbpJ4s0LiN5zzQJggQYB6/QQtDAy0=
Subject key identifier:   8D:89:F1:12:0E:8B:92:6B:F8:67:0F:F3:85:3F:06:48:41:68:E4:3A
Certificate issuer:       /CN=F363212DAF/serialNumber=EBC4A85197C32B425638A6C7E5860B5964E657FE
Certificate serial:       0F
Authority key identifier: EB:C4:A8:51:97:C3:2B:42:56:38:A6:C7:E5:86:0B:59:64:E6:57:FE
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/68SoUZfDK0JWOKbH5YYLWWTmV_4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/4B1F6790532F11EC90C1831ED8A014CE.roa
Signing time:             Thu 02 Dec 2021 05:18:33 +0000
ROA not before:           Thu 02 Dec 2021 05:18:30 +0000
ROA not after:            Thu 02 Dec 2049 05:18:30 +0000
asID:                     327979
IP address blocks:        2c0f:f850:1::/48 maxlen: 48
                          2c0f:f850:2::/48 maxlen: 48
                          2c0f:f850:154::/48 maxlen: 48
                          2c0f:f850:dc01::/48 maxlen: 48
                          2c0f:f850:dc03::/48 maxlen: 48
                          2c0f:f850:dc05::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/68SoUZfDK0JWOKbH5YYLWWTmV_4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/68SoUZfDK0JWOKbH5YYLWWTmV_4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/68SoUZfDK0JWOKbH5YYLWWTmV_4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363212DAF/serialNumber=EBC4A85197C32B425638A6C7E5860B5964E657FE
        Validity
            Not Before: Dec  2 05:18:30 2021 GMT
            Not After : Dec  2 05:18:30 2049 GMT
        Subject: CN=61a85729-96e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:86:f6:93:84:3c:c5:2e:8b:b4:31:e6:91:f6:
                    ab:73:2b:5b:bd:d9:52:71:67:01:d8:93:28:c7:86:
                    74:a5:c7:24:87:cd:08:2f:ec:17:3b:e4:dc:5f:cd:
                    22:34:57:e8:87:23:24:d7:92:de:34:f6:94:fe:34:
                    0c:58:37:f2:8b:bd:32:b1:ee:74:06:67:a0:c6:bf:
                    d2:70:68:37:0a:18:02:27:ee:b9:cc:63:96:ff:cc:
                    52:ef:2c:a5:5e:c1:60:9d:93:ed:e9:3b:dd:bd:e3:
                    11:72:60:75:86:7b:29:1c:cc:82:2b:b4:bc:8f:64:
                    e9:d7:03:1f:e5:dd:89:18:13:e4:87:35:ae:a6:11:
                    99:42:87:31:9e:18:e6:8a:27:bb:bc:6f:b8:b1:72:
                    2a:67:a8:93:89:88:7b:b0:60:72:35:76:84:39:4d:
                    28:9e:f6:5e:41:c2:56:4a:30:1f:7b:94:f9:dc:d2:
                    47:50:8c:c2:3b:3a:45:1f:38:c0:7f:e7:d8:92:8d:
                    4b:e7:34:6f:05:56:f7:68:2a:1d:45:b7:8a:87:b2:
                    64:38:ad:cb:1a:7d:65:04:56:02:81:32:e5:a0:19:
                    43:fe:d2:bf:90:e1:a1:fb:d7:20:da:ed:92:6f:45:
                    b4:a4:ff:34:f3:be:64:56:e1:cc:b7:26:97:53:a4:
                    4c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:89:F1:12:0E:8B:92:6B:F8:67:0F:F3:85:3F:06:48:41:68:E4:3A
            X509v3 Authority Key Identifier:
                keyid:EB:C4:A8:51:97:C3:2B:42:56:38:A6:C7:E5:86:0B:59:64:E6:57:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/68SoUZfDK0JWOKbH5YYLWWTmV_4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/68SoUZfDK0JWOKbH5YYLWWTmV_4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363212D/1E968F6051B711ECBFC54543D8A014CE/4B1F6790532F11EC90C1831ED8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f850:1::-2c0f:f850:2:ffff:ffff:ffff:ffff:ffff
                  2c0f:f850:154::/48
                  2c0f:f850:dc01::/48
                  2c0f:f850:dc03::/48
                  2c0f:f850:dc05::/48

    Signature Algorithm: sha256WithRSAEncryption
         13:ac:e7:55:50:78:00:5b:f9:8e:f0:54:34:04:6f:57:62:46:
         72:d8:83:a5:56:03:a5:20:4f:19:55:20:be:e0:13:8c:94:a1:
         ab:13:41:f6:a3:0f:f0:de:04:b3:81:00:5d:99:46:99:46:05:
         a3:17:95:fb:b1:83:94:4c:58:a2:10:19:7d:c3:06:9c:69:69:
         2f:36:0f:33:3f:a8:1d:87:3e:12:2b:72:97:73:a0:50:70:2f:
         82:68:48:e8:dc:99:a4:4a:ca:c1:46:7a:bb:e7:84:ba:27:d1:
         c4:18:54:3f:19:7e:dc:a4:87:da:d8:98:02:1a:40:17:ce:23:
         06:73:c2:fc:64:de:7d:50:f4:27:31:75:fe:b5:c8:7d:d3:7d:
         bb:9e:52:c9:43:03:aa:86:13:39:3c:f9:b4:c0:f0:cc:dc:39:
         75:8f:35:71:a0:81:2a:b6:b7:d0:84:6d:2c:59:a9:59:ab:58:
         59:a6:26:3d:67:ed:9c:da:f2:4c:e0:df:39:cb:23:b7:a0:75:
         b2:a9:c5:c1:95:9c:ff:ae:ca:be:a2:3e:bc:14:d1:24:83:ed:
         07:08:15:82:a9:69:a4:a3:59:1a:35:55:e3:8a:cd:41:d4:8d:
         66:7d:ae:e1:75:ef:4e:42:da:bc:b4:23:e2:1e:07:99:02:78:
         8e:15:1a:2c
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
MjEyREFGMTEwLwYDVQQFEyhFQkM0QTg1MTk3QzMyQjQyNTYzOEE2QzdFNTg2MEI1
OTY0RTY1N0ZFMB4XDTIxMTIwMjA1MTgzMFoXDTQ5MTIwMjA1MTgzMFowGDEWMBQG
A1UEAwwNNjFhODU3MjktOTZlNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmG9pOEPMUui7Qx5pH2q3MrW73ZUnFnAdiTKMeGdKXHJIfNCC/sFzvk3F/N
IjRX6IcjJNeS3jT2lP40DFg38ou9MrHudAZnoMa/0nBoNwoYAifuucxjlv/MUu8s
pV7BYJ2T7ek73b3jEXJgdYZ7KRzMgiu0vI9k6dcDH+XdiRgT5Ic1rqYRmUKHMZ4Y
5oonu7xvuLFyKmeok4mIe7BgcjV2hDlNKJ72XkHCVkowH3uU+dzSR1CMwjs6RR84
wH/n2JKNS+c0bwVW92gqHUW3ioeyZDityxp9ZQRWAoEy5aAZQ/7Sv5DhofvXINrt
km9FtKT/NPO+ZFbhzLcml1OkTCUCAwEAAaOCAtcwggLTMB0GA1UdDgQWBBSNifES
DouSa/hnD/OFPwZIQWjkOjAfBgNVHSMEGDAWgBTrxKhRl8MrQlY4psflhgtZZOZX
/jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzIxMkQvMUU5NjhGNjA1MUI3MTFFQ0JGQzU0NTQzRDhBMDE0Q0UvNjhTb1Va
ZkRLMEpXT0tiSDVZWUxXV1RtVl80LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNjhTb1VaZkRLMEpXT0tiSDVZWUxXV1RtVl80LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzIxMkQvMUU5NjhGNjA1MUI3MTFFQ0JGQzU0NTQzRDhB
MDE0Q0UvNEIxRjY3OTA1MzJGMTFFQzkwQzE4MzFFRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAIwODASAwcALA/4UAABAwcALA/4UAAC
AwcALA/4UAFUAwcALA/4UNwBAwcALA/4UNwDAwcALA/4UNwFMA0GCSqGSIb3DQEB
CwUAA4IBAQATrOdVUHgAW/mO8FQ0BG9XYkZy2IOlVgOlIE8ZVSC+4BOMlKGrE0H2
ow/w3gSzgQBdmUaZRgWjF5X7sYOUTFiiEBl9wwacaWkvNg8zP6gdhz4SK3KXc6BQ
cC+CaEjo3JmkSsrBRnq754S6J9HEGFQ/GX7cpIfa2JgCGkAXziMGc8L8ZN59UPQn
MXX+tch90327nlLJQwOqhhM5PPm0wPDM3Dl1jzVxoIEqtrfQhG0sWalZq1hZpiY9
Z+2c2vJM4N85yyO3oHWyqcXBlZz/rsq+oj68FNEkg+0HCBWCqWmko1kaNVXjis1B
1I1mfa7hde9OQtq8tCPiHgeZAniOFRos
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:27:10 2024 by rpki-client on console-ams.rpki-client.org