Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/4B8EEDB40A2F11EEA86653594AD9E6FC.roa
File:                     4B8EEDB40A2F11EEA86653594AD9E6FC.roa (raw, json)
Hash identifier:          XtlDMiWVbKF1PyU7Dxovz8F8BLVHU9h4HjWuTp4MLtA=
Subject key identifier:   86:8E:01:8D:44:27:3C:45:C3:15:DF:1B:0B:4D:3D:16:E8:91:34:8A
Certificate issuer:       /CN=F364C329AF/serialNumber=ED7665290D13123EBD2C11CF087D83FF50CB724F
Certificate serial:       0D
Authority key identifier: ED:76:65:29:0D:13:12:3E:BD:2C:11:CF:08:7D:83:FF:50:CB:72:4F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/7XZlKQ0TEj69LBHPCH2D_1DLck8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/4B8EEDB40A2F11EEA86653594AD9E6FC.roa
Signing time:             Tue 13 Jun 2023 21:14:34 +0000
ROA not before:           Wed 14 Jun 2023 21:14:29 +0000
ROA not after:            Fri 31 Dec 2049 21:14:29 +0000
asID:                     328858
IP address blocks:        2c0f:b40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/7XZlKQ0TEj69LBHPCH2D_1DLck8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/7XZlKQ0TEj69LBHPCH2D_1DLck8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/7XZlKQ0TEj69LBHPCH2D_1DLck8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13 (0xd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F364C329AF/serialNumber=ED7665290D13123EBD2C11CF087D83FF50CB724F
        Validity
            Not Before: Jun 14 21:14:29 2023 GMT
            Not After : Dec 31 21:14:29 2049 GMT
        Subject: CN=6488dc3a-a39f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:53:76:3b:9f:e1:0a:4d:53:84:44:56:8c:34:
                    c7:68:35:6a:a6:f2:ce:ec:2d:a0:fd:54:d2:e8:53:
                    7a:2e:c3:d5:9c:06:ca:5d:e1:2d:dc:31:34:44:68:
                    5f:83:55:e4:0b:e8:1c:a9:f2:ad:4b:82:1f:6b:d7:
                    f5:1b:ae:53:db:f4:ba:0a:fe:92:39:5f:a3:b6:5b:
                    6f:95:8d:ba:b5:f7:48:de:a1:45:b1:8d:0d:5d:85:
                    44:dd:32:e9:64:46:2e:74:89:a3:c1:ef:b3:68:f4:
                    9a:f5:8e:3c:f2:54:81:c3:b0:7b:6f:e0:22:f8:48:
                    75:c6:9e:4b:26:4c:fd:be:4a:a6:b6:c5:de:5a:e5:
                    2d:86:25:a6:5c:cd:df:ff:20:f3:4c:15:41:89:61:
                    37:3f:4d:c9:d9:3e:21:af:a7:1c:5f:c5:33:6c:b1:
                    75:ad:63:f1:93:18:38:87:8c:54:d7:bc:c2:78:5a:
                    3c:d3:99:08:eb:26:f4:c3:8b:55:ab:a7:8d:79:9e:
                    3f:ff:1b:dc:00:0d:1d:3f:69:c2:13:cf:ec:6b:aa:
                    40:71:81:f4:95:aa:41:97:e2:a8:19:7a:b6:3f:fc:
                    4c:ff:69:e7:51:a4:df:31:76:a1:ba:fb:96:ee:ed:
                    28:9a:ec:c7:7f:0b:99:b9:96:98:ea:92:ce:a1:67:
                    d9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:8E:01:8D:44:27:3C:45:C3:15:DF:1B:0B:4D:3D:16:E8:91:34:8A
            X509v3 Authority Key Identifier:
                keyid:ED:76:65:29:0D:13:12:3E:BD:2C:11:CF:08:7D:83:FF:50:CB:72:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/7XZlKQ0TEj69LBHPCH2D_1DLck8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7XZlKQ0TEj69LBHPCH2D_1DLck8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364C329/E383A4E0048D11EEA39B4C6A4AD9E6FC/4B8EEDB40A2F11EEA86653594AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:e7:5c:1d:66:b8:5f:95:c8:8a:0a:99:60:7b:b0:c2:59:f7:
         4c:86:bd:c7:e6:f4:16:c8:61:b6:c5:d3:d7:8a:11:e4:b9:16:
         ef:e6:fc:92:b8:e9:47:fc:56:70:2b:ce:cd:89:02:ba:58:d5:
         ca:bd:6b:c0:3c:5c:24:16:7a:e3:93:dd:33:a7:4a:cb:7f:ea:
         31:3f:f0:45:40:70:23:f6:7e:60:35:3d:9a:7f:d6:24:05:a9:
         04:87:59:04:c2:dd:5f:b8:0b:35:4b:0a:13:bb:d7:eb:fd:01:
         3b:07:4f:9f:4c:e6:ee:38:71:36:ca:da:d2:ac:bc:69:59:44:
         5e:4f:41:ef:7f:9c:47:51:4c:b1:c0:4c:1c:6a:68:5d:fb:f7:
         e5:02:a1:1b:d9:e2:ed:1b:c9:0a:92:e7:3d:bb:dd:c9:8e:87:
         ff:e3:d8:80:9c:94:04:3d:34:10:8d:4e:53:32:99:12:ba:df:
         d6:22:a1:29:3d:86:3a:cc:e3:9d:c7:1f:b0:15:a3:cd:b8:ad:
         73:66:bd:c3:44:88:96:71:91:f4:58:c4:b0:5b:a9:42:0e:1c:
         3e:cd:4d:ca:cc:d1:87:c2:61:4e:50:49:88:5e:64:0d:20:29:
         83:22:23:c6:39:03:d0:67:e5:6a:c6:66:a8:44:35:50:f5:06:
         e0:bc:de:6d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
QzMyOUFGMTEwLwYDVQQFEyhFRDc2NjUyOTBEMTMxMjNFQkQyQzExQ0YwODdEODNG
RjUwQ0I3MjRGMB4XDTIzMDYxNDIxMTQyOVoXDTQ5MTIzMTIxMTQyOVowGDEWMBQG
A1UEAxMNNjQ4OGRjM2EtYTM5ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlTdjuf4QpNU4REVow0x2g1aqbyzuwtoP1U0uhTei7D1ZwGyl3hLdwxNERo
X4NV5AvoHKnyrUuCH2vX9RuuU9v0ugr+kjlfo7Zbb5WNurX3SN6hRbGNDV2FRN0y
6WRGLnSJo8Hvs2j0mvWOPPJUgcOwe2/gIvhIdcaeSyZM/b5KprbF3lrlLYYlplzN
3/8g80wVQYlhNz9Nydk+Ia+nHF/FM2yxda1j8ZMYOIeMVNe8wnhaPNOZCOsm9MOL
VaunjXmeP/8b3AANHT9pwhPP7GuqQHGB9JWqQZfiqBl6tj/8TP9p51Gk3zF2obr7
lu7tKJrsx38LmbmWmOqSzqFn2b0CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSGjgGN
RCc8RcMV3xsLTT0W6JE0ijAfBgNVHSMEGDAWgBTtdmUpDRMSPr0sEc8IfYP/UMty
TzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEMzMjkvRTM4M0E0RTAwNDhEMTFFRUEzOUI0QzZBNEFEOUU2RkMvN1habEtR
MFRFajY5TEJIUENIMkRfMURMY2s4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvN1habEtRMFRFajY5TEJIUENIMkRfMURMY2s4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEMzMjkvRTM4M0E0RTAwNDhEMTFFRUEzOUI0QzZBNEFE
OUU2RkMvNEI4RUVEQjQwQTJGMTFFRUE4NjY1MzU5NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPC0AwDQYJKoZIhvcNAQEL
BQADggEBAEPnXB1muF+VyIoKmWB7sMJZ90yGvcfm9BbIYbbF09eKEeS5Fu/m/JK4
6Uf8VnArzs2JArpY1cq9a8A8XCQWeuOT3TOnSst/6jE/8EVAcCP2fmA1PZp/1iQF
qQSHWQTC3V+4CzVLChO71+v9ATsHT59M5u44cTbK2tKsvGlZRF5PQe9/nEdRTLHA
TBxqaF379+UCoRvZ4u0byQqS5z273cmOh//j2ICclAQ9NBCNTlMymRK639YioSk9
hjrM453HH7AVo824rXNmvcNEiJZxkfRYxLBbqUIOHD7NTcrM0YfCYU5QSYheZA0g
KYMiI8Y5A9Bn5WrGZqhENVD1BuC83m0=
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:17:54 2024 by rpki-client on console-ams.rpki-client.org