Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/0F114F527ACF11EDAC6D79A5F1222468.roa
File:                     0F114F527ACF11EDAC6D79A5F1222468.roa (raw, json)
Hash identifier:          46X5epXs0VFCJD66bt/bhtHNaIaecq5dD1lqndSuoV0=
Subject key identifier:   C5:1E:4C:72:0B:64:16:4C:C4:F5:C1:DB:5C:C5:18:23:4B:77:34:1F
Certificate issuer:       /CN=F36455FBAF/serialNumber=4462A2E3D1536684A6AD23280CFDA18585BA46E8
Certificate serial:       3F
Authority key identifier: 44:62:A2:E3:D1:53:66:84:A6:AD:23:28:0C:FD:A1:85:85:BA:46:E8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/RGKi49FTZoSmrSMoDP2hhYW6Rug.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/0F114F527ACF11EDAC6D79A5F1222468.roa
Signing time:             Tue 13 Dec 2022 10:15:25 +0000
ROA not before:           Tue 13 Dec 2022 10:15:21 +0000
ROA not after:            Wed 31 Dec 2025 10:15:21 +0000
asID:                     328785
IP address blocks:        2c0f:5980::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/RGKi49FTZoSmrSMoDP2hhYW6Rug.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/RGKi49FTZoSmrSMoDP2hhYW6Rug.mft
                          rsync://rpki.afrinic.net/repository/afrinic/RGKi49FTZoSmrSMoDP2hhYW6Rug.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63 (0x3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36455FBAF/serialNumber=4462A2E3D1536684A6AD23280CFDA18585BA46E8
        Validity
            Not Before: Dec 13 10:15:21 2022 GMT
            Not After : Dec 31 10:15:21 2025 GMT
        Subject: CN=639850bd-c8f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:1c:ad:8e:26:f9:b2:b9:e9:1c:d4:5e:55:7e:
                    7a:8d:10:f0:ab:0e:c8:bd:4c:d6:57:d1:d4:79:8b:
                    42:3a:4c:15:42:77:a8:79:09:29:8d:bc:5d:f5:7a:
                    7a:bf:8f:37:20:02:0a:21:ec:d3:32:ca:8b:1e:f0:
                    e6:d3:06:e9:63:77:dd:19:ac:b7:a3:ae:4a:58:bc:
                    f7:11:d7:27:4e:88:6a:89:f6:aa:bc:56:f6:b5:7d:
                    64:19:d1:18:a1:bc:db:fa:1b:49:12:fe:44:e9:ce:
                    a0:4a:01:47:59:f3:53:9e:92:9c:9d:bf:48:e4:39:
                    33:a9:b1:19:a2:29:72:41:b9:33:e8:a8:6b:71:e5:
                    31:e8:fd:0f:ff:50:38:bb:8b:54:24:83:ac:8c:b1:
                    03:41:2d:b1:7f:ac:4f:d4:1e:e2:06:ec:ad:1a:20:
                    ea:af:fa:74:b1:bf:84:33:39:44:53:a3:bb:4d:ec:
                    88:8f:6c:7b:d4:eb:e1:1a:6c:b6:e5:47:8d:ad:48:
                    63:8d:21:e1:04:89:a4:50:b4:6e:59:3c:a6:26:d7:
                    75:80:40:84:37:86:b8:5f:86:b7:7a:b4:ee:ee:70:
                    8a:ca:9d:53:e3:c7:c7:a9:5f:65:4f:f9:52:c9:69:
                    d4:ac:73:78:5a:a7:56:eb:bc:4d:9a:41:cc:6d:e8:
                    da:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:1E:4C:72:0B:64:16:4C:C4:F5:C1:DB:5C:C5:18:23:4B:77:34:1F
            X509v3 Authority Key Identifier:
                keyid:44:62:A2:E3:D1:53:66:84:A6:AD:23:28:0C:FD:A1:85:85:BA:46:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/RGKi49FTZoSmrSMoDP2hhYW6Rug.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RGKi49FTZoSmrSMoDP2hhYW6Rug.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36455FB/157D54F455CB11ED97DF9691F1222468/0F114F527ACF11EDAC6D79A5F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:5980::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:eb:e3:9d:6f:72:be:40:24:a0:4a:f3:fd:35:27:ff:b3:fe:
         d8:7b:fd:43:79:d0:08:15:ef:32:30:b7:68:c4:5a:40:ed:bf:
         bc:69:02:7f:12:5d:1c:41:8c:79:2e:b3:e6:0a:e8:2d:6a:bf:
         65:ea:4d:a8:d0:b8:02:1f:0c:8d:2d:20:88:87:b1:36:65:01:
         0e:f7:8d:fd:ff:9e:93:70:8a:83:4a:ee:05:2d:39:28:e9:a7:
         19:73:f2:36:c7:bf:26:57:2a:fc:8a:3b:c7:dd:24:82:ef:ae:
         ac:f9:63:fe:71:01:55:bf:69:ef:70:ef:ab:a7:9c:40:8c:3e:
         30:06:3b:db:1d:8f:ce:05:26:1e:8a:97:93:d7:87:75:ef:7c:
         55:f6:0a:1d:f0:b3:9a:f6:43:00:bb:44:56:30:91:82:55:46:
         51:1e:cc:94:14:94:c4:14:e2:8a:78:de:23:04:32:13:27:7d:
         92:a6:d9:fd:59:4f:a6:e9:02:9a:4a:ad:51:f0:12:98:9d:c9:
         12:ae:ae:30:57:73:be:f6:92:aa:07:5a:77:b1:ed:99:22:64:
         91:21:f8:d3:ef:a6:62:d2:37:fa:c4:0b:65:93:85:db:82:f9:
         ce:82:82:ba:5e:d8:78:99:13:57:2c:b4:4c:69:ef:32:73:0d:
         78:95:68:e0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
NTVGQkFGMTEwLwYDVQQFEyg0NDYyQTJFM0QxNTM2Njg0QTZBRDIzMjgwQ0ZEQTE4
NTg1QkE0NkU4MB4XDTIyMTIxMzEwMTUyMVoXDTI1MTIzMTEwMTUyMVowGDEWMBQG
A1UEAwwNNjM5ODUwYmQtYzhmMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANocrY4m+bK56RzUXlV+eo0Q8KsOyL1M1lfR1HmLQjpMFUJ3qHkJKY28XfV6
er+PNyACCiHs0zLKix7w5tMG6WN33Rmst6OuSli89xHXJ06Iaon2qrxW9rV9ZBnR
GKG82/obSRL+ROnOoEoBR1nzU56SnJ2/SOQ5M6mxGaIpckG5M+ioa3HlMej9D/9Q
OLuLVCSDrIyxA0EtsX+sT9Qe4gbsrRog6q/6dLG/hDM5RFOju03siI9se9Tr4Rps
tuVHja1IY40h4QSJpFC0blk8pibXdYBAhDeGuF+Gt3q07u5wisqdU+PHx6lfZU/5
Uslp1KxzeFqnVuu8TZpBzG3o2rcCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTFHkxy
C2QWTMT1wdtcxRgjS3c0HzAfBgNVHSMEGDAWgBREYqLj0VNmhKatIygM/aGFhbpG
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU1RkIvMTU3RDU0RjQ1NUNCMTFFRDk3REY5NjkxRjEyMjI0NjgvUkdLaTQ5
RlRab1NtclNNb0RQMmhoWVc2UnVnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUkdLaTQ5RlRab1NtclNNb0RQMmhoWVc2UnVnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDU1RkIvMTU3RDU0RjQ1NUNCMTFFRDk3REY5NjkxRjEy
MjI0NjgvMEYxMTRGNTI3QUNGMTFFREFDNkQ3OUE1RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPWYAwDQYJKoZIhvcNAQEL
BQADggEBAIzr451vcr5AJKBK8/01J/+z/th7/UN50AgV7zIwt2jEWkDtv7xpAn8S
XRxBjHkus+YK6C1qv2XqTajQuAIfDI0tIIiHsTZlAQ73jf3/npNwioNK7gUtOSjp
pxlz8jbHvyZXKvyKO8fdJILvrqz5Y/5xAVW/ae9w76unnECMPjAGO9sdj84FJh6K
l5PXh3XvfFX2Ch3ws5r2QwC7RFYwkYJVRlEezJQUlMQU4op43iMEMhMnfZKm2f1Z
T6bpAppKrVHwEpidyRKurjBXc772kqoHWnex7ZkiZJEh+NPvpmLSN/rEC2WThduC
+c6Cgrpe2HiZE1cstExp7zJzDXiVaOA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org