Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/098CB55C27F911EF9DB4BD167DDC24C2.roa
File:                     098CB55C27F911EF9DB4BD167DDC24C2.roa (raw, json)
Hash identifier:          MnuSnmQB8rdokjiI++mFKj9UCdOQLKSSBfHFFf46+p0=
Subject key identifier:   92:A1:6A:1A:7F:9B:3D:4D:9C:BB:C6:0E:55:53:25:16:8F:5D:1C:EC
Certificate issuer:       /CN=F3645590AF/serialNumber=3DD57418676B56AB9DE56FAA80C278879BD945CE
Certificate serial:       02
Authority key identifier: 3D:D5:74:18:67:6B:56:AB:9D:E5:6F:AA:80:C2:78:87:9B:D9:45:CE
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PdV0GGdrVqud5W-qgMJ4h5vZRc4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/098CB55C27F911EF9DB4BD167DDC24C2.roa
Signing time:             Tue 11 Jun 2024 13:46:43 +0000
ROA not before:           Tue 11 Jun 2024 13:46:34 +0000
ROA not after:            Wed 30 Jun 2027 13:46:34 +0000
asID:                     328596
IP address blocks:        2c0f:eba0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/PdV0GGdrVqud5W-qgMJ4h5vZRc4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/PdV0GGdrVqud5W-qgMJ4h5vZRc4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PdV0GGdrVqud5W-qgMJ4h5vZRc4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3645590AF/serialNumber=3DD57418676B56AB9DE56FAA80C278879BD945CE
        Validity
            Not Before: Jun 11 13:46:34 2024 GMT
            Not After : Jun 30 13:46:34 2027 GMT
        Subject: CN=66685543-d55b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ec:5b:d6:55:4d:dc:a1:44:bb:cf:29:1d:2e:
                    b0:ca:1e:b4:c9:d7:da:fe:23:27:9d:c6:b8:90:bb:
                    5a:4a:88:64:b2:3a:05:c1:38:d8:81:47:d5:94:7f:
                    0c:63:48:96:27:ef:a6:39:cf:0c:53:aa:9f:e6:e5:
                    86:6d:c9:97:64:13:d3:3c:52:0c:6b:ed:24:3c:70:
                    c2:cb:98:f7:85:6b:0c:cd:c2:8f:a5:58:e9:30:04:
                    f0:17:48:0a:af:3d:84:5d:f6:9e:91:03:94:70:55:
                    8f:35:09:16:d4:67:e7:68:da:78:f5:ee:f8:69:35:
                    7c:58:29:fa:a3:63:8d:e0:18:21:0f:35:0a:a7:47:
                    b5:b6:9e:eb:9a:2c:0f:24:8c:9e:58:9a:97:13:f5:
                    94:78:07:10:89:3e:45:a3:26:f3:e5:fc:4f:4c:6d:
                    f0:c2:01:21:8c:9f:3c:73:e9:ef:03:40:3a:30:b0:
                    04:08:44:3e:bd:c5:bc:ea:4a:aa:92:b2:74:ac:a3:
                    b5:c1:6a:0c:8c:90:d1:49:2b:58:04:d4:2e:c0:cc:
                    74:34:62:5e:81:93:fe:87:94:cd:3a:fd:01:59:05:
                    ac:ab:a2:df:dd:f1:0d:9f:a2:bc:e2:12:46:46:c9:
                    79:d6:79:5f:92:bd:d5:ea:e3:03:fe:7f:04:8a:fd:
                    bb:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:A1:6A:1A:7F:9B:3D:4D:9C:BB:C6:0E:55:53:25:16:8F:5D:1C:EC
            X509v3 Authority Key Identifier:
                keyid:3D:D5:74:18:67:6B:56:AB:9D:E5:6F:AA:80:C2:78:87:9B:D9:45:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/PdV0GGdrVqud5W-qgMJ4h5vZRc4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PdV0GGdrVqud5W-qgMJ4h5vZRc4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645590/95C1A38A27F811EFA48126167DDC24C2/098CB55C27F911EF9DB4BD167DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:eba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         25:4d:01:b8:a9:d8:94:85:da:ae:79:94:97:2e:af:f9:94:0e:
         f1:e2:98:94:69:14:d1:3b:68:04:4a:3e:45:ce:d2:7c:02:ed:
         4e:ff:f8:7c:d9:11:80:82:71:5b:9c:a2:66:c8:5b:16:1e:bc:
         95:05:3a:95:86:d7:51:47:99:1e:4b:74:ef:72:12:1d:2b:90:
         5b:50:b2:f6:d7:35:24:c5:55:e6:73:7a:69:e0:26:0f:50:1a:
         1d:9c:d4:08:fc:17:48:b1:02:4f:ff:cc:fb:89:c8:c1:ea:04:
         63:33:62:64:3f:40:de:56:1b:d8:a9:3c:0c:94:4c:b5:c8:6b:
         4e:89:14:bc:f8:99:b3:d1:d5:44:ef:07:cc:1c:5b:bd:01:42:
         9f:13:00:ac:e2:76:13:b4:15:30:71:19:6f:c5:c8:d3:97:5f:
         de:e9:26:40:1a:69:6b:6f:28:12:5c:0d:d7:08:df:ec:e0:ff:
         90:ad:1a:e4:a2:9d:76:16:c1:be:8a:54:32:56:03:75:2e:b6:
         e8:82:82:ad:8a:fc:d7:fe:84:91:0d:f8:c9:4d:ea:2d:af:21:
         a7:44:ba:24:f1:d3:a0:3f:39:31:f2:30:ad:c2:96:80:3a:9c:
         c9:0a:71:80:95:57:a1:bc:3d:82:6f:8c:5c:3f:9c:4a:8a:39:
         9e:11:4f:4f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NTU5MEFGMTEwLwYDVQQFEygzREQ1NzQxODY3NkI1NkFCOURFNTZGQUE4MEMyNzg4
NzlCRDk0NUNFMB4XDTI0MDYxMTEzNDYzNFoXDTI3MDYzMDEzNDYzNFowGDEWMBQG
A1UEAxMNNjY2ODU1NDMtZDU1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfsW9ZVTdyhRLvPKR0usMoetMnX2v4jJ53GuJC7WkqIZLI6BcE42IFH1ZR/
DGNIlifvpjnPDFOqn+blhm3Jl2QT0zxSDGvtJDxwwsuY94VrDM3Cj6VY6TAE8BdI
Cq89hF32npEDlHBVjzUJFtRn52jaePXu+Gk1fFgp+qNjjeAYIQ81CqdHtbae65os
DySMnlialxP1lHgHEIk+RaMm8+X8T0xt8MIBIYyfPHPp7wNAOjCwBAhEPr3FvOpK
qpKydKyjtcFqDIyQ0UkrWATULsDMdDRiXoGT/oeUzTr9AVkFrKui393xDZ+ivOIS
RkbJedZ5X5K91erjA/5/BIr9u68CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSSoWoa
f5s9TZy7xg5VUyUWj10c7DAfBgNVHSMEGDAWgBQ91XQYZ2tWq53lb6qAwniHm9lF
zjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU1OTAvOTVDMUEzOEEyN0Y4MTFFRkE0ODEyNjE2N0REQzI0QzIvUGRWMEdH
ZHJWcXVkNVctcWdNSjRoNXZaUmM0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUGRWMEdHZHJWcXVkNVctcWdNSjRoNXZaUmM0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDU1OTAvOTVDMUEzOEEyN0Y4MTFFRkE0ODEyNjE2N0RE
QzI0QzIvMDk4Q0I1NUMyN0Y5MTFFRjlEQjRCRDE2N0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP66AwDQYJKoZIhvcNAQEL
BQADggEBACVNAbip2JSF2q55lJcur/mUDvHimJRpFNE7aARKPkXO0nwC7U7/+HzZ
EYCCcVucombIWxYevJUFOpWG11FHmR5LdO9yEh0rkFtQsvbXNSTFVeZzemngJg9Q
Gh2c1Aj8F0ixAk//zPuJyMHqBGMzYmQ/QN5WG9ipPAyUTLXIa06JFLz4mbPR1UTv
B8wcW70BQp8TAKzidhO0FTBxGW/FyNOXX97pJkAaaWtvKBJcDdcI3+zg/5CtGuSi
nXYWwb6KVDJWA3UutuiCgq2K/Nf+hJEN+MlN6i2vIadEuiTx06A/OTHyMK3CloA6
nMkKcYCVV6G8PYJvjFw/nEqKOZ4RT08=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org