Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/E7D5B60A565C11EBA0010685F8AEA228.roa
File:                     E7D5B60A565C11EBA0010685F8AEA228.roa (raw, json)
Hash identifier:          9moA2uR4O6SXo/cDdVAmYzRLzT5s7TKI9d7SrqHCCDw=
Subject key identifier:   4B:BD:E5:BC:C1:76:B1:3E:49:A5:7A:FF:25:C4:43:75:F4:E8:A8:AB
Certificate issuer:       /CN=F363AFA1AF/serialNumber=8F8C0979F73CE852DB9A4B81F79511C42F9D1B33
Certificate serial:       0105
Authority key identifier: 8F:8C:09:79:F7:3C:E8:52:DB:9A:4B:81:F7:95:11:C4:2F:9D:1B:33
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/E7D5B60A565C11EBA0010685F8AEA228.roa
Signing time:             Thu 14 Jan 2021 11:37:40 +0000
ROA not before:           Thu 14 Jan 2021 11:37:33 +0000
ROA not after:            Tue 14 Jan 2031 11:37:33 +0000
asID:                     20459
IP address blocks:        2c0f:ef08::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 261 (0x105)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363AFA1AF/serialNumber=8F8C0979F73CE852DB9A4B81F79511C42F9D1B33
        Validity
            Not Before: Jan 14 11:37:33 2021 GMT
            Not After : Jan 14 11:37:33 2031 GMT
        Subject: CN=60002d03-1149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a3:bc:62:84:8c:fe:06:4b:85:b4:75:df:95:
                    44:11:52:f1:1e:3f:c1:28:0c:7b:fe:d5:a5:7a:8c:
                    c0:5c:55:e9:c3:29:b9:46:87:bf:99:ed:e3:04:4b:
                    88:26:01:96:19:40:9a:ab:a9:4a:78:70:9f:c5:4b:
                    3e:7a:35:b5:5b:0c:67:40:73:22:02:cd:ba:4d:3f:
                    23:12:8f:48:28:22:cd:60:af:91:5c:4c:1f:4e:e8:
                    0d:38:0a:91:d5:56:03:7b:cf:2c:3b:84:33:d7:62:
                    f9:23:16:15:ee:cc:46:d8:91:6f:4c:22:8b:52:12:
                    80:5f:47:1e:d9:08:30:16:6f:e8:7f:a2:1f:54:aa:
                    04:25:2f:04:d2:70:08:de:e7:2f:d2:0c:18:e2:ca:
                    cf:90:a2:aa:3c:cf:e0:31:14:34:9b:b9:62:e4:91:
                    65:4b:16:e6:cf:13:c4:14:43:c5:cf:26:70:f4:88:
                    5b:8e:b1:c0:54:43:68:31:af:6f:59:a2:57:3b:bf:
                    e7:a9:ea:25:76:1b:d2:a6:85:22:5b:8a:bd:21:87:
                    d6:6d:d7:29:21:cc:c8:73:1d:40:d8:c2:98:bb:b9:
                    17:83:f1:ee:14:a5:c0:8d:e8:f4:f3:45:b6:63:13:
                    ca:49:15:2b:c9:80:d9:3d:49:b7:0b:2b:9a:30:89:
                    fe:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:BD:E5:BC:C1:76:B1:3E:49:A5:7A:FF:25:C4:43:75:F4:E8:A8:AB
            X509v3 Authority Key Identifier:
                keyid:8F:8C:09:79:F7:3C:E8:52:DB:9A:4B:81:F7:95:11:C4:2F:9D:1B:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/j4wJefc86FLbmkuB95URxC-dGzM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/j4wJefc86FLbmkuB95URxC-dGzM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363AFA1/8FD2877E950C11EA8189FA61F8AEA228/E7D5B60A565C11EBA0010685F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:ef08::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:8c:cc:d4:fb:9c:c5:44:20:1a:39:3a:78:b2:1b:f2:e3:8d:
         0d:03:6c:c8:73:0b:ea:14:f8:61:f2:a7:16:bb:ef:ca:32:a2:
         c7:45:5d:85:2f:9f:3e:84:87:df:12:40:29:8a:ef:87:ab:da:
         c3:fd:36:f1:2f:b7:96:9b:1d:44:f1:e9:a8:a9:14:46:bb:0c:
         9f:89:39:8f:a2:ef:1c:3b:4d:24:80:7f:dc:e0:66:31:f3:ad:
         06:41:f5:95:ed:e5:23:d2:b4:55:32:f0:0c:24:95:f9:65:9c:
         f9:22:81:30:20:0d:fe:1c:15:6d:aa:2c:e0:59:c5:6f:0a:1e:
         88:09:f9:32:09:79:46:18:40:85:d6:c5:31:38:6a:ee:c8:c3:
         6d:75:18:a3:f2:75:ad:58:ff:55:1a:ee:56:8d:d7:34:0c:f0:
         a4:8b:28:a6:5b:cc:8b:ee:6d:0e:f2:a5:d4:b9:92:7d:44:ec:
         47:07:ac:37:45:5e:f1:3b:7f:9d:d8:f8:ae:48:f5:78:70:ac:
         2a:df:0f:b4:f4:76:18:01:38:47:fe:46:32:6c:d4:13:6f:a3:
         8b:ac:f3:9b:a9:53:7f:70:19:ce:41:7d:52:b0:be:74:f5:06:
         e3:9e:33:84:0f:d3:23:8e:77:15:6a:c4:72:1a:e0:28:1b:f9:
         03:98:84:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0FGQTFBRjExMC8GA1UEBRMoOEY4QzA5NzlGNzNDRTg1MkRCOUE0QjgxRjc5NTEx
QzQyRjlEMUIzMzAeFw0yMTAxMTQxMTM3MzNaFw0zMTAxMTQxMTM3MzNaMBgxFjAU
BgNVBAMTDTYwMDAyZDAzLTExNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDo7xihIz+BkuFtHXflUQRUvEeP8EoDHv+1aV6jMBcVenDKblGh7+Z7eME
S4gmAZYZQJqrqUp4cJ/FSz56NbVbDGdAcyICzbpNPyMSj0goIs1gr5FcTB9O6A04
CpHVVgN7zyw7hDPXYvkjFhXuzEbYkW9MIotSEoBfRx7ZCDAWb+h/oh9UqgQlLwTS
cAje5y/SDBjiys+Qoqo8z+AxFDSbuWLkkWVLFubPE8QUQ8XPJnD0iFuOscBUQ2gx
r29Zolc7v+ep6iV2G9KmhSJbir0hh9Zt1ykhzMhzHUDYwpi7uReD8e4UpcCN6PTz
RbZjE8pJFSvJgNk9SbcLK5owif4/AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUS73l
vMF2sT5JpXr/JcRDdfToqKswHwYDVR0jBBgwFoAUj4wJefc86FLbmkuB95URxC+d
GzMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNBRkExLzhGRDI4NzdFOTUwQzExRUE4MTg5RkE2MUY4QUVBMjI4L2o0d0pl
ZmM4NkZMYm1rdUI5NVVSeEMtZEd6TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2o0d0plZmM4NkZMYm1rdUI5NVVSeEMtZEd6TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNBRkExLzhGRDI4NzdFOTUwQzExRUE4MTg5RkE2MUY4
QUVBMjI4L0U3RDVCNjBBNTY1QzExRUJBMDAxMDY4NUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD+8IMA0GCSqGSIb3DQEB
CwUAA4IBAQCMjMzU+5zFRCAaOTp4shvy440NA2zIcwvqFPhh8qcWu+/KMqLHRV2F
L58+hIffEkApiu+Hq9rD/TbxL7eWmx1E8emoqRRGuwyfiTmPou8cO00kgH/c4GYx
860GQfWV7eUj0rRVMvAMJJX5ZZz5IoEwIA3+HBVtqizgWcVvCh6ICfkyCXlGGECF
1sUxOGruyMNtdRij8nWtWP9VGu5Wjdc0DPCkiyimW8yL7m0O8qXUuZJ9ROxHB6w3
RV7xO3+d2PiuSPV4cKwq3w+09HYYAThH/kYybNQTb6OLrPObqVN/cBnOQX1SsL50
9QbjnjOED9MjjncVasRyGuAoG/kDmIQS
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org