Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/44122BBE5B7E11EEA5C359784AD9E6FC.roa
File:                     44122BBE5B7E11EEA5C359784AD9E6FC.roa (raw, json)
Hash identifier:          dlLpBI0Us25zgjOKkdJouRreKgFknaWvSBpHKXaHN4Q=
Subject key identifier:   46:C0:CF:1C:77:04:02:72:8F:31:52:44:40:6E:89:35:C0:48:9E:BD
Certificate issuer:       /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial:       36
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/44122BBE5B7E11EEA5C359784AD9E6FC.roa
Signing time:             Mon 25 Sep 2023 08:33:56 +0000
ROA not before:           Mon 25 Sep 2023 08:33:53 +0000
ROA not after:            Sat 31 Dec 2033 08:33:53 +0000
asID:                     61266
IP address blocks:        2c0f:eb00:1100::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54 (0x36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
        Validity
            Not Before: Sep 25 08:33:53 2023 GMT
            Not After : Dec 31 08:33:53 2033 GMT
        Subject: CN=651145f4-aa61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6d:02:a6:25:e8:9e:d6:4e:1a:cd:3a:86:4c:
                    5d:c2:b0:08:e0:8b:0a:da:68:28:97:f4:74:eb:69:
                    c8:42:1e:95:e5:09:f1:0c:55:97:0e:da:ba:10:3d:
                    f5:ed:e7:98:26:31:b4:d6:28:55:c5:21:4f:df:35:
                    d0:47:85:6d:15:f0:e5:db:ff:aa:c7:7b:ec:d3:77:
                    5a:f2:2f:3e:1f:78:b1:56:55:53:bd:9d:e4:be:d4:
                    17:7c:7c:99:cf:33:e0:a5:d3:83:aa:df:c3:cd:df:
                    53:26:8a:dc:1c:33:b8:48:ec:91:6b:7b:05:11:87:
                    32:19:31:7c:3e:76:fa:11:e7:ae:44:98:a1:7b:56:
                    cc:ae:d4:55:3d:81:f5:c5:9a:85:83:8a:ac:d4:80:
                    26:ca:5d:c5:76:79:e9:46:80:b1:9a:a9:65:ef:4c:
                    e3:06:6c:65:46:8d:4a:3d:00:1e:11:f3:65:0a:08:
                    d2:aa:6e:45:b1:27:2a:84:ae:c0:71:eb:67:d8:16:
                    48:e5:aa:2e:9b:d4:6d:90:04:f2:0c:fb:31:24:74:
                    cb:93:8b:7c:e7:56:35:24:dc:26:a1:bd:ee:1a:f7:
                    14:5e:9a:26:e1:be:8c:5b:dc:7a:84:4e:59:0e:5d:
                    b6:9a:23:55:08:9b:9d:48:f7:57:c6:5f:f8:33:2d:
                    51:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:C0:CF:1C:77:04:02:72:8F:31:52:44:40:6E:89:35:C0:48:9E:BD
            X509v3 Authority Key Identifier:
                keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/44122BBE5B7E11EEA5C359784AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:eb00:1100::/40

    Signature Algorithm: sha256WithRSAEncryption
         7f:3e:57:37:52:66:78:69:59:58:12:78:ad:0e:0d:42:4a:e5:
         b5:d5:e1:1b:bc:42:42:4f:5a:ed:7e:15:58:c9:6d:67:67:59:
         cd:50:64:36:66:bc:20:a1:06:c7:68:ae:38:7b:39:d7:0b:3e:
         26:da:5e:7f:99:68:05:72:21:73:8b:77:e2:ee:d5:c0:7d:bb:
         37:e0:d6:5b:46:a2:dc:80:ba:c1:d3:46:47:fa:a4:ea:31:0f:
         06:a1:8e:af:81:ad:ed:4b:fa:db:b7:e3:1c:ea:29:09:94:36:
         53:1a:e2:24:18:72:ea:8b:c8:1f:d7:78:33:65:8b:ca:76:25:
         fd:9a:0a:f8:bd:f1:57:0e:87:f9:a2:ce:bf:f1:ce:f0:81:14:
         8e:b4:3e:89:7e:ff:ab:83:9c:6d:f6:e0:16:2f:fe:e8:44:f6:
         37:e3:b4:89:b6:26:4c:47:66:13:06:73:df:e9:82:a2:94:0c:
         ab:46:7a:f6:46:5c:18:6f:98:b7:9b:5a:03:3b:3b:be:ff:7a:
         8b:c3:31:4e:a9:ff:2d:7c:46:dd:3f:09:0a:b3:56:0f:3f:45:
         08:73:84:94:80:0b:68:d7:ae:b9:4c:9e:d6:01:0b:e6:11:f8:
         96:d9:85:16:e1:51:90:8a:95:b7:84:fd:d0:06:7b:73:ce:42:
         18:20:d3:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBNjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4MzM1M1oXDTMzMTIzMTA4MzM1M1owGDEWMBQG
A1UEAxMNNjUxMTQ1ZjQtYWE2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJtAqYl6J7WThrNOoZMXcKwCOCLCtpoKJf0dOtpyEIeleUJ8QxVlw7auhA9
9e3nmCYxtNYoVcUhT9810EeFbRXw5dv/qsd77NN3WvIvPh94sVZVU72d5L7UF3x8
mc8z4KXTg6rfw83fUyaK3BwzuEjskWt7BRGHMhkxfD52+hHnrkSYoXtWzK7UVT2B
9cWahYOKrNSAJspdxXZ56UaAsZqpZe9M4wZsZUaNSj0AHhHzZQoI0qpuRbEnKoSu
wHHrZ9gWSOWqLpvUbZAE8gz7MSR0y5OLfOdWNSTcJqG97hr3FF6aJuG+jFvceoRO
WQ5dtpojVQibnUj3V8Zf+DMtUf8CAwEAAaOCAqcwggKjMB0GA1UdDgQWBBRGwM8c
dwQCco8xUkRAbok1wEievTAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvNDQxMjJCQkU1QjdFMTFFRUE1QzM1OTc4NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP6wARMA0GCSqGSIb3DQEB
CwUAA4IBAQB/Plc3UmZ4aVlYEnitDg1CSuW11eEbvEJCT1rtfhVYyW1nZ1nNUGQ2
ZrwgoQbHaK44eznXCz4m2l5/mWgFciFzi3fi7tXAfbs34NZbRqLcgLrB00ZH+qTq
MQ8GoY6vga3tS/rbt+Mc6ikJlDZTGuIkGHLqi8gf13gzZYvKdiX9mgr4vfFXDof5
os6/8c7wgRSOtD6Jfv+rg5xt9uAWL/7oRPY347SJtiZMR2YTBnPf6YKilAyrRnr2
RlwYb5i3m1oDOzu+/3qLwzFOqf8tfEbdPwkKs1YPP0UIc4SUgAto1665TJ7WAQvm
EfiW2YUW4VGQipW3hP3QBntzzkIYINP8
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org