Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B8D1/561E2FDC21F011EEACFC01104AD9E6FC/E1F87CC6261711EE9112117E4AD9E6FC.roa
File:                     E1F87CC6261711EE9112117E4AD9E6FC.roa (raw, json)
Hash identifier:          L/3Ed8SgC2Eem41w8cHehrxxaShVOqXifUiGhdxr7zk=
Subject key identifier:   3C:5A:C2:CF:43:DB:D9:C8:0C:FF:1C:F7:CE:AC:EA:7C:FA:96:A7:5C
Certificate issuer:       /CN=F367B8D1AF/serialNumber=2FD39D92ACDAA5137BCE481ABE6C8DF1DCCD0EF6
Certificate serial:       09
Authority key identifier: 2F:D3:9D:92:AC:DA:A5:13:7B:CE:48:1A:BE:6C:8D:F1:DC:CD:0E:F6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L9OdkqzapRN7zkgavmyN8dzNDvY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/561E2FDC21F011EEACFC01104AD9E6FC/E1F87CC6261711EE9112117E4AD9E6FC.roa
Signing time:             Wed 19 Jul 2023 09:37:31 +0000
ROA not before:           Wed 19 Jul 2023 09:37:27 +0000
ROA not after:            Tue 19 Jul 2033 09:37:27 +0000
asID:                     28683
IP address blocks:        2c0f:f188::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/561E2FDC21F011EEACFC01104AD9E6FC/L9OdkqzapRN7zkgavmyN8dzNDvY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/561E2FDC21F011EEACFC01104AD9E6FC/L9OdkqzapRN7zkgavmyN8dzNDvY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L9OdkqzapRN7zkgavmyN8dzNDvY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B8D1AF/serialNumber=2FD39D92ACDAA5137BCE481ABE6C8DF1DCCD0EF6
        Validity
            Not Before: Jul 19 09:37:27 2023 GMT
            Not After : Jul 19 09:37:27 2033 GMT
        Subject: CN=64b7aedb-13d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:db:41:43:3f:58:f8:55:19:ca:94:e4:63:da:
                    c2:9d:65:0e:75:32:a2:e6:7a:c7:70:30:49:53:f7:
                    56:67:9e:d3:56:1e:93:a1:de:8c:0f:e3:77:58:4e:
                    52:7a:f8:29:ac:c5:ab:bc:ce:e9:30:01:44:de:20:
                    3e:b1:79:28:6c:b8:e3:1a:8a:e1:6b:cf:6d:da:b1:
                    bd:11:14:99:b0:9f:60:32:d9:be:cd:6d:75:f8:7b:
                    43:f5:01:a6:af:67:1b:fb:55:c3:06:1e:f8:aa:c5:
                    a0:86:34:e3:7f:12:fe:bf:cb:0f:43:32:2e:db:78:
                    b5:19:15:db:83:c3:9d:2b:8a:19:32:5a:05:83:dd:
                    08:5b:53:23:aa:1f:10:e1:9a:33:2d:f5:65:71:a4:
                    88:5b:e5:b6:cd:8a:b9:21:d2:b8:b2:98:a9:07:87:
                    58:12:b9:30:e6:83:2e:dd:d5:8f:18:b4:04:c8:92:
                    42:42:fd:14:0b:c0:cb:37:48:fe:12:54:73:b7:a1:
                    6a:30:d6:39:66:0f:3b:17:ea:69:be:7b:7c:74:09:
                    21:ac:c1:3c:3b:33:60:ea:a7:d5:ea:4e:dd:36:3a:
                    dd:2a:2d:5b:a0:d9:6b:25:f9:30:e4:1e:d9:fe:54:
                    e8:a4:49:87:e2:99:5f:40:01:82:62:df:17:7f:2e:
                    cc:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:5A:C2:CF:43:DB:D9:C8:0C:FF:1C:F7:CE:AC:EA:7C:FA:96:A7:5C
            X509v3 Authority Key Identifier:
                keyid:2F:D3:9D:92:AC:DA:A5:13:7B:CE:48:1A:BE:6C:8D:F1:DC:CD:0E:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/561E2FDC21F011EEACFC01104AD9E6FC/L9OdkqzapRN7zkgavmyN8dzNDvY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L9OdkqzapRN7zkgavmyN8dzNDvY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B8D1/561E2FDC21F011EEACFC01104AD9E6FC/E1F87CC6261711EE9112117E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f188::/32

    Signature Algorithm: sha256WithRSAEncryption
         3e:8c:10:58:37:3f:af:da:0d:24:47:9f:52:72:b7:3a:9a:70:
         ca:27:ad:44:97:95:2e:da:f1:d6:0d:b6:d2:b7:e8:15:e3:b0:
         60:4b:2b:45:1c:a0:25:78:38:9b:77:9d:c4:e7:cc:c8:aa:09:
         7c:26:4f:64:b6:30:4a:32:45:75:ce:ff:04:2d:94:69:ac:f3:
         20:ce:17:f1:99:41:7f:23:20:bf:37:f2:8b:c2:05:80:ab:64:
         42:ef:34:71:e1:d7:f0:52:ff:69:dd:99:34:88:6e:52:c3:dd:
         6b:e3:ba:41:90:32:14:3c:f3:74:7f:d7:d9:f6:31:3e:ab:50:
         ec:ed:7c:50:15:ae:37:f3:be:0b:66:a2:0f:4d:75:b8:c2:a1:
         69:25:bc:b4:e1:53:c9:87:76:87:1f:25:57:d8:61:de:33:5f:
         aa:cf:2b:99:57:00:46:01:d9:38:9a:99:97:8f:08:96:a5:f0:
         51:e9:b6:b9:95:c7:78:32:b7:e5:8b:cf:a0:b9:e2:71:7e:3f:
         00:15:10:7b:6e:6a:02:7f:f5:51:6d:aa:bd:f7:a0:fb:24:3a:
         ae:a4:33:4e:ee:3b:7c:f0:93:ee:a7:55:3b:b5:6e:9c:49:62:
         b0:a6:63:d0:11:46:34:d2:32:86:05:c1:14:43:ec:d8:cc:45:
         a8:7a:7d:7a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjhEMUFGMTEwLwYDVQQFEygyRkQzOUQ5MkFDREFBNTEzN0JDRTQ4MUFCRTZDOERG
MURDQ0QwRUY2MB4XDTIzMDcxOTA5MzcyN1oXDTMzMDcxOTA5MzcyN1owGDEWMBQG
A1UEAxMNNjRiN2FlZGItMTNkOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7bQUM/WPhVGcqU5GPawp1lDnUyouZ6x3AwSVP3Vmee01Yek6HejA/jd1hO
Unr4KazFq7zO6TABRN4gPrF5KGy44xqK4WvPbdqxvREUmbCfYDLZvs1tdfh7Q/UB
pq9nG/tVwwYe+KrFoIY0438S/r/LD0MyLtt4tRkV24PDnSuKGTJaBYPdCFtTI6of
EOGaMy31ZXGkiFvlts2KuSHSuLKYqQeHWBK5MOaDLt3Vjxi0BMiSQkL9FAvAyzdI
/hJUc7ehajDWOWYPOxfqab57fHQJIazBPDszYOqn1epO3TY63SotW6DZayX5MOQe
2f5U6KRJh+KZX0ABgmLfF38uzP8CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQ8WsLP
Q9vZyAz/HPfOrOp8+panXDAfBgNVHSMEGDAWgBQv052SrNqlE3vOSBq+bI3x3M0O
9jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0I4RDEvNTYxRTJGREMyMUYwMTFFRUFDRkMwMTEwNEFEOUU2RkMvTDlPZGtx
emFwUk43emtnYXZteU44ZHpORHZZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDlPZGtxemFwUk43emtnYXZteU44ZHpORHZZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0I4RDEvNTYxRTJGREMyMUYwMTFFRUFDRkMwMTEwNEFE
OUU2RkMvRTFGODdDQzYyNjE3MTFFRTkxMTIxMTdFNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP8YgwDQYJKoZIhvcNAQEL
BQADggEBAD6MEFg3P6/aDSRHn1JytzqacMonrUSXlS7a8dYNttK36BXjsGBLK0Uc
oCV4OJt3ncTnzMiqCXwmT2S2MEoyRXXO/wQtlGms8yDOF/GZQX8jIL838ovCBYCr
ZELvNHHh1/BS/2ndmTSIblLD3WvjukGQMhQ883R/19n2MT6rUOztfFAVrjfzvgtm
og9NdbjCoWklvLThU8mHdocfJVfYYd4zX6rPK5lXAEYB2TiamZePCJal8FHptrmV
x3gyt+WLz6C54nF+PwAVEHtuagJ/9VFtqr33oPskOq6kM07uO3zwk+6nVTu1bpxJ
YrCmY9ARRjTSMoYFwRRD7NjMRah6fXo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:37 2024 by rpki-client on console-fra.rpki-client.org