Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/08DDC9D85DDE11EE97117A164AD9E6FC.roa
File:                     08DDC9D85DDE11EE97117A164AD9E6FC.roa (raw, json)
Hash identifier:          YTPBR2O7UMDxBF3Dv5l5lllDC58HOmSCof2QHjhKZws=
Subject key identifier:   06:41:C5:C4:4C:0A:68:58:69:7A:3A:BD:A2:A7:01:BB:1B:47:45:6D
Certificate issuer:       /CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
Certificate serial:       0BCA
Authority key identifier: 9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/08DDC9D85DDE11EE97117A164AD9E6FC.roa
Signing time:             Thu 28 Sep 2023 09:04:31 +0000
ROA not before:           Thu 28 Sep 2023 09:04:28 +0000
ROA not after:            Wed 01 Dec 2049 09:04:28 +0000
asID:                     0
IP address blocks:        2001:43f8:1f2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3018 (0xbca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
        Validity
            Not Before: Sep 28 09:04:28 2023 GMT
            Not After : Dec  1 09:04:28 2049 GMT
        Subject: CN=6515419f-4c42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:17:9c:41:c3:ae:95:7a:4c:4e:7e:67:9a:54:
                    30:6f:7a:22:a8:79:a6:91:f0:90:c0:2f:32:dc:3a:
                    3f:55:2e:2a:61:84:ac:7c:e8:0c:b4:ca:50:6e:0f:
                    28:44:f9:f5:bf:f9:aa:59:45:a5:c1:0a:f6:06:84:
                    81:73:e6:00:60:b6:f3:e6:34:e3:ff:14:55:f7:8e:
                    30:cb:0d:e7:53:97:8c:32:ee:9b:1f:c1:ef:f2:7a:
                    a6:94:71:4a:fa:33:79:7b:25:39:8d:b6:71:4a:16:
                    a6:b1:e6:89:b1:f2:3b:b1:62:fc:63:f6:ac:99:13:
                    56:34:b8:70:fa:0a:a9:a5:fe:c3:8d:1a:b3:23:89:
                    40:db:7c:b0:bb:01:bc:03:d8:17:83:a2:f3:18:ab:
                    49:2c:90:c4:68:d2:37:ef:04:ea:e8:c5:fb:54:84:
                    5b:22:cc:29:5f:91:31:03:90:e2:a3:66:46:49:a0:
                    ee:23:d8:f9:8c:7a:20:c5:cc:6f:b1:c2:5e:d7:c3:
                    07:8e:67:6a:75:9b:2b:9d:0e:33:60:7a:da:72:a1:
                    f1:32:0f:f4:bb:47:86:bb:9f:8e:ac:f1:28:28:6b:
                    13:8f:3e:5d:f2:33:fe:f3:a4:42:fa:8a:7a:eb:52:
                    85:3c:6e:6e:56:f5:d6:40:15:fe:0d:d0:d3:75:e7:
                    c7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:41:C5:C4:4C:0A:68:58:69:7A:3A:BD:A2:A7:01:BB:1B:47:45:6D
            X509v3 Authority Key Identifier:
                keyid:9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/08DDC9D85DDE11EE97117A164AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:43f8:1f2::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:d6:f3:86:d0:ce:20:4d:1c:19:01:24:16:8f:4d:1c:aa:04:
         bb:80:c8:5b:f0:b5:fa:d1:62:94:b7:81:b0:4b:15:bb:0a:1c:
         c1:ac:a8:00:5c:9d:a3:d1:3c:58:ff:02:d4:99:0e:b3:6f:fb:
         a7:eb:ec:f5:6b:54:4c:42:29:99:c5:da:01:92:2b:3b:07:a1:
         99:18:da:10:9b:f8:ae:8a:7e:c2:4c:6e:4a:03:71:30:86:43:
         07:40:94:38:1d:98:15:9e:fb:d4:b0:3d:be:31:17:d6:d7:c7:
         8c:69:73:95:c2:1d:78:00:8e:cf:a0:7f:fd:21:93:0b:18:59:
         20:7f:f5:6a:c5:79:8a:78:ae:70:3d:6d:ee:e8:45:b3:8f:c0:
         a4:2d:b1:16:2f:da:a5:e7:b6:1e:8e:c4:ea:7d:9c:ee:f0:c1:
         eb:ba:a3:38:c1:fd:57:3a:1f:a3:0d:17:bc:fb:66:9a:56:3c:
         ef:8b:9f:73:6b:11:5f:b7:5d:54:56:00:67:50:fc:f1:9b:4f:
         dc:42:e5:17:e7:74:3a:59:29:54:d6:ad:5c:a9:2a:06:87:2c:
         d2:75:8b:78:2f:26:ae:ca:30:02:a8:23:ef:0c:14:de:af:50:
         65:6c:1f:07:21:d7:2d:7b:5f:09:dd:55:0e:14:e7:80:b4:60:
         f9:b5:ea:df
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC8owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTQ5QjFBRjExMC8GA1UEBRMoOUYxNzM4M0VCNjY3RTU0N0JBMDBDRkI3RjkxNEY0
Mjg0QzU4NDlDQzAeFw0yMzA5MjgwOTA0MjhaFw00OTEyMDEwOTA0MjhaMBgxFjAU
BgNVBAMTDTY1MTU0MTlmLTRjNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkF5xBw66VekxOfmeaVDBveiKoeaaR8JDALzLcOj9VLiphhKx86Ay0ylBu
DyhE+fW/+apZRaXBCvYGhIFz5gBgtvPmNOP/FFX3jjDLDedTl4wy7psfwe/yeqaU
cUr6M3l7JTmNtnFKFqax5omx8juxYvxj9qyZE1Y0uHD6Cqml/sONGrMjiUDbfLC7
AbwD2BeDovMYq0kskMRo0jfvBOroxftUhFsizClfkTEDkOKjZkZJoO4j2PmMeiDF
zG+xwl7XwweOZ2p1myudDjNgetpyofEyD/S7R4a7n46s8SgoaxOPPl3yM/7zpEL6
inrrUoU8bm5W9dZAFf4N0NN158ehAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBkHF
xEwKaFhpejq9oqcBuxtHRW0wHwYDVR0jBBgwFoAUnxc4PrZn5Ue6AM+3+RT0KExY
ScwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4QUVBMjI4L254YzRQ
clpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL254YzRQclpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4
QUVBMjI4LzA4RERDOUQ4NURERTExRUU5NzExN0ExNjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAUP4AfIwDQYJKoZIhvcN
AQELBQADggEBABHW84bQziBNHBkBJBaPTRyqBLuAyFvwtfrRYpS3gbBLFbsKHMGs
qABcnaPRPFj/AtSZDrNv+6fr7PVrVExCKZnF2gGSKzsHoZkY2hCb+K6KfsJMbkoD
cTCGQwdAlDgdmBWe+9SwPb4xF9bXx4xpc5XCHXgAjs+gf/0hkwsYWSB/9WrFeYp4
rnA9be7oRbOPwKQtsRYv2qXnth6OxOp9nO7wweu6ozjB/Vc6H6MNF7z7ZppWPO+L
n3NrEV+3XVRWAGdQ/PGbT9xC5RfndDpZKVTWrVypKgaHLNJ1i3gvJq7KMAKoI+8M
FN6vUGVsHwch1y17XwndVQ4U54C0YPm16t8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:31:52 2024 by rpki-client on console-fra.rpki-client.org