Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B560/EEF897B2934111ED8045848DF1222468/C6A0ECC2934311ED87F36E92F1222468.roa
File:                     C6A0ECC2934311ED87F36E92F1222468.roa (raw, json)
Hash identifier:          dbr+kLrAwWa2cBy+XTM27d2TWkBTRedrZivGl3lEoFg=
Subject key identifier:   C2:AA:87:21:59:FD:DD:7A:C7:56:F0:8D:43:F5:EF:AF:85:A5:CF:DC
Certificate issuer:       /CN=F367B560AF/serialNumber=646FCDF8F4A278A08EAB347BC5B2BAF9AF6BF064
Certificate serial:       02
Authority key identifier: 64:6F:CD:F8:F4:A2:78:A0:8E:AB:34:7B:C5:B2:BA:F9:AF:6B:F0:64
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ZG_N-PSieKCOqzR7xbK6-a9r8GQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B560/EEF897B2934111ED8045848DF1222468/C6A0ECC2934311ED87F36E92F1222468.roa
Signing time:             Fri 13 Jan 2023 13:11:22 +0000
ROA not before:           Fri 13 Jan 2023 13:11:17 +0000
ROA not after:            Wed 13 Jan 2027 13:11:17 +0000
asID:                     25429
IP address blocks:        196.2.8.0/21 maxlen: 24
                          2c0f:f908::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B560/EEF897B2934111ED8045848DF1222468/ZG_N-PSieKCOqzR7xbK6-a9r8GQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B560/EEF897B2934111ED8045848DF1222468/ZG_N-PSieKCOqzR7xbK6-a9r8GQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ZG_N-PSieKCOqzR7xbK6-a9r8GQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B560AF/serialNumber=646FCDF8F4A278A08EAB347BC5B2BAF9AF6BF064
        Validity
            Not Before: Jan 13 13:11:17 2023 GMT
            Not After : Jan 13 13:11:17 2027 GMT
        Subject: CN=63c1587a-6d1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f5:11:8f:3b:4b:d6:05:b6:14:ad:41:fb:fb:
                    5c:e8:4e:7a:74:e2:e1:11:34:de:af:e7:fc:c7:27:
                    64:b8:a7:6e:a4:a2:22:1b:98:23:97:36:5b:03:08:
                    a0:b6:64:af:f2:b5:01:1b:8a:13:87:a3:f7:47:fa:
                    3e:cd:56:c7:02:61:44:1d:5e:4a:d8:cb:e5:03:d8:
                    f2:d4:98:95:23:d3:91:8a:df:b8:36:c4:38:c2:1d:
                    02:5b:c0:b6:82:d2:89:d0:6d:4f:21:f5:c7:87:19:
                    5b:bb:e8:fd:f2:d6:12:a4:5d:d1:7c:b4:8a:23:75:
                    ca:71:fe:28:82:48:21:12:6f:c3:88:e5:93:6f:98:
                    a3:ab:9b:d3:66:27:fd:42:94:ad:01:7f:44:4c:c0:
                    0f:ec:3d:0d:7d:ee:d2:e3:5f:93:74:8f:43:42:c8:
                    25:0f:52:32:bb:ed:00:85:7e:ea:24:f5:3e:0d:ee:
                    19:64:35:45:41:af:2c:26:6e:fd:7e:a7:ef:99:95:
                    18:ff:92:5f:a8:5c:5b:62:01:51:ec:21:87:29:c2:
                    d4:cd:6f:f1:1b:32:37:51:3a:40:d4:af:06:ba:36:
                    11:52:d0:b2:af:34:af:43:a9:2a:5e:7b:3d:59:66:
                    29:aa:26:c5:f9:92:a1:4b:21:b8:db:c8:80:26:37:
                    d3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:AA:87:21:59:FD:DD:7A:C7:56:F0:8D:43:F5:EF:AF:85:A5:CF:DC
            X509v3 Authority Key Identifier:
                keyid:64:6F:CD:F8:F4:A2:78:A0:8E:AB:34:7B:C5:B2:BA:F9:AF:6B:F0:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B560/EEF897B2934111ED8045848DF1222468/ZG_N-PSieKCOqzR7xbK6-a9r8GQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ZG_N-PSieKCOqzR7xbK6-a9r8GQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B560/EEF897B2934111ED8045848DF1222468/C6A0ECC2934311ED87F36E92F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.8.0/21
                IPv6:
                  2c0f:f908::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:ec:9f:1f:e9:b0:8e:17:a6:72:f8:e5:7e:f7:0a:46:1a:70:
         00:42:50:f5:1c:99:fd:16:46:79:f7:a3:84:2a:97:61:81:57:
         52:59:f3:89:97:62:38:7b:cb:1c:c9:70:29:5b:bd:67:a7:83:
         ad:a0:bd:99:7c:08:63:d8:cd:16:4b:de:2f:be:19:73:a3:36:
         8a:82:a1:a0:0e:d9:2e:4c:04:4b:47:c6:cc:c0:4a:a4:ae:7e:
         fa:f2:99:38:3b:26:99:50:76:a4:4d:22:c0:6b:e6:49:d3:dc:
         5e:8b:76:a9:d9:d2:49:f3:90:bf:b2:71:42:25:50:f8:49:eb:
         93:68:d5:dc:cb:9b:e4:fc:29:22:0b:98:ae:c1:a3:d6:f9:2c:
         81:34:be:65:a0:ee:c7:dd:2a:8a:96:84:8e:56:0c:4b:dd:c3:
         9f:9f:ac:0c:34:db:b5:47:0a:ca:97:dd:03:46:aa:84:e6:76:
         52:e3:19:6e:9c:e2:cc:49:39:68:9e:d0:bc:2c:87:2e:78:67:
         24:6d:9a:79:12:f3:91:1c:eb:7a:2a:ee:c7:04:3b:72:d9:ae:
         1b:1f:72:55:fa:a0:e0:97:a4:ef:5a:5d:fa:0a:4a:b7:5f:82:
         f7:b1:3c:b2:53:5d:a2:ed:4c:e7:c8:d8:b8:b8:94:0e:80:ee:
         51:a8:00:2e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY3
QjU2MEFGMTEwLwYDVQQFEyg2NDZGQ0RGOEY0QTI3OEEwOEVBQjM0N0JDNUIyQkFG
OUFGNkJGMDY0MB4XDTIzMDExMzEzMTExN1oXDTI3MDExMzEzMTExN1owGDEWMBQG
A1UEAwwNNjNjMTU4N2EtNmQxZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMf1EY87S9YFthStQfv7XOhOenTi4RE03q/n/McnZLinbqSiIhuYI5c2WwMI
oLZkr/K1ARuKE4ej90f6Ps1WxwJhRB1eStjL5QPY8tSYlSPTkYrfuDbEOMIdAlvA
toLSidBtTyH1x4cZW7vo/fLWEqRd0Xy0iiN1ynH+KIJIIRJvw4jlk2+Yo6ub02Yn
/UKUrQF/REzAD+w9DX3u0uNfk3SPQ0LIJQ9SMrvtAIV+6iT1Pg3uGWQ1RUGvLCZu
/X6n75mVGP+SX6hcW2IBUewhhynC1M1v8RsyN1E6QNSvBro2EVLQsq80r0OpKl57
PVlmKaomxfmSoUshuNvIgCY307kCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTCqoch
Wf3desdW8I1D9e+vhaXP3DAfBgNVHSMEGDAWgBRkb8349KJ4oI6rNHvFsrr5r2vw
ZDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0I1NjAvRUVGODk3QjI5MzQxMTFFRDgwNDU4NDhERjEyMjI0NjgvWkdfTi1Q
U2llS0NPcXpSN3hiSzYtYTlyOEdRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWkdfTi1QU2llS0NPcXpSN3hiSzYtYTlyOEdRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0I1NjAvRUVGODk3QjI5MzQxMTFFRDgwNDU4NDhERjEy
MjI0NjgvQzZBMEVDQzI5MzQzMTFFRDg3RjM2RTkyRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA8QCCDANBAIAAjAHAwUALA/5
CDANBgkqhkiG9w0BAQsFAAOCAQEAAeyfH+mwjhemcvjlfvcKRhpwAEJQ9RyZ/RZG
efejhCqXYYFXUlnziZdiOHvLHMlwKVu9Z6eDraC9mXwIY9jNFkveL74Zc6M2ioKh
oA7ZLkwES0fGzMBKpK5++vKZODsmmVB2pE0iwGvmSdPcXot2qdnSSfOQv7JxQiVQ
+Enrk2jV3Mub5PwpIguYrsGj1vksgTS+ZaDux90qipaEjlYMS93Dn5+sDDTbtUcK
ypfdA0aqhOZ2UuMZbpzizEk5aJ7QvCyHLnhnJG2aeRLzkRzreiruxwQ7ctmuGx9y
Vfqg4Jek71pd+gpKt1+C97E8slNdou1M58jYuLiUDoDuUagALg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:09 2024 by rpki-client on console-fra.rpki-client.org