Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366F2B5/A9C06A8C741111EF8B0A9DA8762E951A/6217C884742E11EFA821E659762E951A.roa
File:                     6217C884742E11EFA821E659762E951A.roa (raw, json)
Hash identifier:          DqF+PQ0X8r1rRPiZ8RZ4fS3gA5sEXR5BPLyS3G+8cdE=
Subject key identifier:   A3:97:E8:5F:05:F9:B5:32:63:30:C9:B4:5D:BB:C8:62:50:27:48:7C
Certificate issuer:       /CN=F366F2B5AF/serialNumber=9093645F56187261E65B708274DBD52C00DF250D
Certificate serial:       06
Authority key identifier: 90:93:64:5F:56:18:72:61:E6:5B:70:82:74:DB:D5:2C:00:DF:25:0D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/kJNkX1YYcmHmW3CCdNvVLADfJQ0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366F2B5/A9C06A8C741111EF8B0A9DA8762E951A/6217C884742E11EFA821E659762E951A.roa
Signing time:             Mon 16 Sep 2024 13:20:04 +0000
ROA not before:           Mon 16 Sep 2024 13:20:00 +0000
ROA not after:            Sun 30 Sep 2029 13:20:00 +0000
asID:                     328744
IP address blocks:        2c0f:e9e8::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366F2B5/A9C06A8C741111EF8B0A9DA8762E951A/kJNkX1YYcmHmW3CCdNvVLADfJQ0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366F2B5/A9C06A8C741111EF8B0A9DA8762E951A/kJNkX1YYcmHmW3CCdNvVLADfJQ0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/kJNkX1YYcmHmW3CCdNvVLADfJQ0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 26 Oct 2024 00:05:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366F2B5AF/serialNumber=9093645F56187261E65B708274DBD52C00DF250D
        Validity
            Not Before: Sep 16 13:20:00 2024 GMT
            Not After : Sep 30 13:20:00 2029 GMT
        Subject: CN=66e83083-a379
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:32:fa:ec:e4:36:b7:f0:67:b1:c2:ad:33:b1:
                    c7:79:ad:58:ae:61:17:49:60:d9:ac:65:30:be:aa:
                    87:9c:08:ff:e1:e8:f3:cc:53:fa:05:e5:55:44:7a:
                    d3:b6:56:a8:b1:6b:e9:1b:29:10:37:ff:67:55:60:
                    ab:2a:6d:37:64:98:13:8a:ac:c5:45:97:82:8a:63:
                    5d:29:5d:14:b7:61:61:28:73:f3:6d:d0:46:0a:9c:
                    dc:f4:89:db:ab:10:60:b4:1e:24:31:c1:25:af:94:
                    c3:fc:3f:95:90:01:f6:c0:e4:df:30:34:4c:c6:00:
                    87:40:a7:dd:ec:2d:1b:ea:fe:cb:da:8c:ed:a5:8a:
                    31:e7:52:c9:9e:a2:ce:b2:ba:ab:48:ff:d8:76:40:
                    1e:fc:f4:bf:fc:c4:5a:b2:b0:9f:b8:d1:5f:7b:7d:
                    f2:b3:d6:b8:e8:a5:f6:0e:cf:5e:7f:41:7c:7d:e6:
                    66:7d:01:e1:e5:f5:57:f3:9a:83:b7:a1:b1:84:44:
                    01:8e:9b:ac:de:da:0c:e0:ae:b1:fb:be:91:f1:44:
                    d3:92:c5:00:6c:97:9f:2a:04:ed:36:c8:a8:30:77:
                    e7:a5:7f:a8:93:4d:18:e2:1a:49:3f:ca:09:7d:12:
                    ac:00:5a:2e:01:15:13:0f:8b:d9:49:9c:dc:6e:71:
                    53:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:97:E8:5F:05:F9:B5:32:63:30:C9:B4:5D:BB:C8:62:50:27:48:7C
            X509v3 Authority Key Identifier:
                keyid:90:93:64:5F:56:18:72:61:E6:5B:70:82:74:DB:D5:2C:00:DF:25:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366F2B5/A9C06A8C741111EF8B0A9DA8762E951A/kJNkX1YYcmHmW3CCdNvVLADfJQ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kJNkX1YYcmHmW3CCdNvVLADfJQ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366F2B5/A9C06A8C741111EF8B0A9DA8762E951A/6217C884742E11EFA821E659762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:e9e8::/32

    Signature Algorithm: sha256WithRSAEncryption
         cc:de:d3:31:ee:8a:8c:f5:f8:32:d0:d2:b4:86:28:50:e1:62:
         75:29:85:6f:6b:38:08:f2:f5:4d:a3:0c:98:43:29:9c:74:44:
         57:b1:af:25:05:ef:8a:19:98:21:5a:12:f4:1f:4b:bb:33:e8:
         52:16:06:5a:cb:65:7b:e6:ed:bd:e0:24:7e:01:70:3b:7c:65:
         62:cd:99:c7:36:89:18:87:31:31:bc:df:e4:62:c6:e1:f4:40:
         be:f2:55:93:95:c9:62:10:7b:30:22:11:86:9d:32:59:97:1d:
         a6:ea:19:a7:a5:3b:23:ca:02:d7:95:e3:90:1e:8b:a1:98:fa:
         b0:aa:a0:9b:c4:d9:d0:82:f4:50:ad:95:dd:ed:ae:06:2c:c9:
         19:58:6a:20:fe:f0:28:b6:f3:98:e6:a8:f2:7e:03:71:4d:27:
         03:a8:73:68:38:5e:28:d2:a9:15:a5:ef:63:6f:e9:d2:dc:31:
         75:94:fd:a5:cf:61:19:42:44:2f:92:65:8e:3c:de:be:46:4b:
         11:0f:a2:f4:61:c6:61:8e:c5:1e:b4:c6:8c:0a:88:88:c6:9a:
         53:3e:59:43:5a:e6:d8:1c:eb:e5:c1:a2:07:9f:16:a0:ac:66:
         29:e5:e9:91:ed:35:38:38:c6:a6:13:9d:d4:f7:69:02:56:84:
         5a:71:dc:19
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
RjJCNUFGMTEwLwYDVQQFEyg5MDkzNjQ1RjU2MTg3MjYxRTY1QjcwODI3NERCRDUy
QzAwREYyNTBEMB4XDTI0MDkxNjEzMjAwMFoXDTI5MDkzMDEzMjAwMFowGDEWMBQG
A1UEAxMNNjZlODMwODMtYTM3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIy+uzkNrfwZ7HCrTOxx3mtWK5hF0lg2axlML6qh5wI/+Ho88xT+gXlVUR6
07ZWqLFr6RspEDf/Z1VgqyptN2SYE4qsxUWXgopjXSldFLdhYShz823QRgqc3PSJ
26sQYLQeJDHBJa+Uw/w/lZAB9sDk3zA0TMYAh0Cn3ewtG+r+y9qM7aWKMedSyZ6i
zrK6q0j/2HZAHvz0v/zEWrKwn7jRX3t98rPWuOil9g7PXn9BfH3mZn0B4eX1V/Oa
g7ehsYREAY6brN7aDOCusfu+kfFE05LFAGyXnyoE7TbIqDB356V/qJNNGOIaST/K
CX0SrABaLgEVEw+L2Umc3G5xUzECAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSjl+hf
Bfm1MmMwybRdu8hiUCdIfDAfBgNVHSMEGDAWgBSQk2RfVhhyYeZbcIJ029UsAN8l
DTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkYyQjUvQTlDMDZBOEM3NDExMTFFRjhCMEE5REE4NzYyRTk1MUEva0pOa1gx
WVljbUhtVzNDQ2ROdlZMQURmSlEwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMva0pOa1gxWVljbUhtVzNDQ2ROdlZMQURmSlEwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkYyQjUvQTlDMDZBOEM3NDExMTFFRjhCMEE5REE4NzYy
RTk1MUEvNjIxN0M4ODQ3NDJFMTFFRkE4MjFFNjU5NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP6egwDQYJKoZIhvcNAQEL
BQADggEBAMze0zHuioz1+DLQ0rSGKFDhYnUphW9rOAjy9U2jDJhDKZx0RFexryUF
74oZmCFaEvQfS7sz6FIWBlrLZXvm7b3gJH4BcDt8ZWLNmcc2iRiHMTG83+RixuH0
QL7yVZOVyWIQezAiEYadMlmXHabqGaelOyPKAteV45Aei6GY+rCqoJvE2dCC9FCt
ld3trgYsyRlYaiD+8Ci285jmqPJ+A3FNJwOoc2g4XijSqRWl72Nv6dLcMXWU/aXP
YRlCRC+SZY483r5GSxEPovRhxmGOxR60xowKiIjGmlM+WUNa5tgc6+XBogefFqCs
Zinl6ZHtNTg4xqYTndT3aQJWhFpx3Bk=
-----END CERTIFICATE-----