Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/AF78092A333C11EDA5A408E9F1222468.roa
File:                     AF78092A333C11EDA5A408E9F1222468.roa (raw, json)
Hash identifier:          E3/f7D5E8D5/pNbbRfu3LfUAHueGwmD0q/WRKgWbj5o=
Subject key identifier:   BE:8D:56:2D:80:48:DA:3E:94:AC:D7:CF:96:D9:EF:D4:16:24:79:D1
Certificate issuer:       /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial:       0B75
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/AF78092A333C11EDA5A408E9F1222468.roa
Signing time:             Tue 13 Sep 2022 08:18:45 +0000
ROA not before:           Tue 13 Sep 2022 08:18:39 +0000
ROA not after:            Wed 15 Sep 2027 08:18:39 +0000
asID:                     33764
IP address blocks:        2001:42d0:2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2933 (0xb75)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
        Validity
            Not Before: Sep 13 08:18:39 2022 GMT
            Not After : Sep 15 08:18:39 2027 GMT
        Subject: CN=63203ce5-7307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9c:f2:63:8c:6b:3d:f2:82:eb:c5:34:e1:8d:
                    b6:6b:0c:3e:5a:ba:44:d5:4d:0a:37:5f:ea:ab:94:
                    6b:df:17:da:4a:03:0d:44:8f:c4:65:9e:76:61:89:
                    51:bb:20:52:08:49:ef:ca:fc:2c:87:5f:e1:e0:fc:
                    b7:99:e6:fc:e4:06:ac:1f:86:6d:98:0e:72:ac:79:
                    dd:8c:a6:2a:ae:fb:84:da:6a:ab:00:d0:83:09:d3:
                    fe:ae:01:61:6a:ce:fb:ca:f7:99:2f:d8:ee:35:9e:
                    d4:ea:31:b4:0f:91:55:d9:78:85:5a:de:56:9c:63:
                    03:51:33:1d:70:f4:67:12:8d:bd:3e:52:e9:5d:fc:
                    b3:14:10:7c:c0:64:5e:c2:33:51:85:5a:6d:bf:ae:
                    ca:17:a4:9a:5c:7d:0e:e8:fb:9a:61:c1:51:13:1b:
                    af:f3:de:ed:72:35:e4:30:f3:20:ef:1e:5a:94:38:
                    4f:30:e2:37:e9:54:0b:8f:ed:61:29:63:cd:03:8e:
                    82:db:6c:dc:c8:69:54:70:61:72:a5:10:a2:36:4f:
                    0a:5c:66:cc:26:d8:d4:5c:a0:81:3e:c9:60:2e:f6:
                    7f:b2:cf:18:08:ef:09:3f:99:8d:24:6a:d6:fa:98:
                    5f:81:2a:33:8e:d5:2b:58:27:73:61:0f:2c:d6:61:
                    0b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:8D:56:2D:80:48:DA:3E:94:AC:D7:CF:96:D9:EF:D4:16:24:79:D1
            X509v3 Authority Key Identifier:
                keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/AF78092A333C11EDA5A408E9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:42d0:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:63:23:0c:ef:61:fd:9f:78:39:f2:92:e0:be:4f:83:93:79:
         05:64:d0:37:15:d3:cd:7d:ea:d0:0e:dc:41:44:f1:d0:53:08:
         d5:29:04:40:ef:b9:95:30:36:28:a2:35:81:50:1f:4d:f6:71:
         74:fd:5b:27:9a:b2:8b:aa:07:e3:e6:52:81:60:0f:f7:71:6e:
         0e:a0:ee:bf:5a:4e:bd:43:13:4e:48:48:f8:d6:44:06:62:e8:
         a1:04:cc:37:d8:8a:ea:23:a4:2f:86:0f:8d:e8:36:8b:9b:c7:
         94:9b:75:ef:30:b9:a2:83:39:c6:35:91:8b:ae:19:d2:1c:cc:
         da:7a:8a:2e:48:8b:64:2b:1f:21:23:52:78:7b:4e:eb:6b:9e:
         9c:4b:73:6d:9f:b5:c7:20:7c:7c:bc:22:e9:fa:ed:0f:99:3f:
         34:48:bb:4d:de:e1:a1:51:15:07:eb:f9:fb:0e:34:f9:27:58:
         22:d5:1a:7c:40:84:0d:cb:ad:3b:2d:d1:2f:a2:1e:14:cd:79:
         61:6c:6e:20:be:3b:84:db:ef:4d:2e:7c:29:18:6f:6c:16:5d:
         e5:34:34:e5:0d:82:69:35:4f:b0:1c:2b:f3:11:32:1c:95:ab:
         80:56:fd:bc:3c:19:fa:b8:a9:ab:01:c5:7b:83:b4:ed:fb:f7:
         52:fb:ad:e3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC3UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMjA5MTMwODE4MzlaFw0yNzA5MTUwODE4MzlaMBgxFjAU
BgNVBAMMDTYzMjAzY2U1LTczMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAnPJjjGs98oLrxTThjbZrDD5aukTVTQo3X+qrlGvfF9pKAw1Ej8RlnnZh
iVG7IFIISe/K/CyHX+Hg/LeZ5vzkBqwfhm2YDnKsed2Mpiqu+4TaaqsA0IMJ0/6u
AWFqzvvK95kv2O41ntTqMbQPkVXZeIVa3lacYwNRMx1w9GcSjb0+Uuld/LMUEHzA
ZF7CM1GFWm2/rsoXpJpcfQ7o+5phwVETG6/z3u1yNeQw8yDvHlqUOE8w4jfpVAuP
7WEpY80DjoLbbNzIaVRwYXKlEKI2TwpcZswm2NRcoIE+yWAu9n+yzxgI7wk/mY0k
atb6mF+BKjOO1StYJ3NhDyzWYQtDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvo1W
LYBI2j6UrNfPltnv1BYkedEwHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4L0FGNzgwOTJBMzMzQzExRURBNUE0MDhFOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAULQAAIwDQYJKoZIhvcN
AQELBQADggEBAIRjIwzvYf2feDnykuC+T4OTeQVk0DcV08196tAO3EFE8dBTCNUp
BEDvuZUwNiiiNYFQH032cXT9WyeasouqB+PmUoFgD/dxbg6g7r9aTr1DE05ISPjW
RAZi6KEEzDfYiuojpC+GD43oNoubx5Sbde8wuaKDOcY1kYuuGdIczNp6ii5Ii2Qr
HyEjUnh7TutrnpxLc22ftccgfHy8Iun67Q+ZPzRIu03e4aFRFQfr+fsONPknWCLV
GnxAhA3LrTst0S+iHhTNeWFsbiC+O4Tb700ufCkYb2wWXeU0NOUNgmk1T7AcK/MR
MhyVq4BW/bw8Gfq4qasBxXuDtO3791L7reM=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:02:08 2024 by rpki-client on console-ams.rpki-client.org