Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367C1FC/802083BCB56411EAAC13465EF8AEA228/DFF59CB6015811EFA0548F5D017001B1.roa
File:                     DFF59CB6015811EFA0548F5D017001B1.roa (raw, json)
Hash identifier:          ad0ZLY1g7kmBztnFK6luNNN+TT29RE29LZBJIZEritM=
Subject key identifier:   FD:20:49:44:50:A8:46:14:BF:79:A4:68:05:94:3D:ED:96:FF:8F:30
Certificate issuer:       /CN=F367C1FCAF/serialNumber=0BC2EE66136228036D3360299B4A83195EAD87C5
Certificate serial:       05A2
Authority key identifier: 0B:C2:EE:66:13:62:28:03:6D:33:60:29:9B:4A:83:19:5E:AD:87:C5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/C8LuZhNiKANtM2Apm0qDGV6th8U.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367C1FC/802083BCB56411EAAC13465EF8AEA228/DFF59CB6015811EFA0548F5D017001B1.roa
Signing time:             Tue 23 Apr 2024 10:04:30 +0000
ROA not before:           Tue 23 Apr 2024 10:04:25 +0000
ROA not after:            Mon 24 Apr 2028 10:04:25 +0000
asID:                     328160
IP address blocks:        2c0f:e888::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367C1FC/802083BCB56411EAAC13465EF8AEA228/C8LuZhNiKANtM2Apm0qDGV6th8U.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367C1FC/802083BCB56411EAAC13465EF8AEA228/C8LuZhNiKANtM2Apm0qDGV6th8U.mft
                          rsync://rpki.afrinic.net/repository/afrinic/C8LuZhNiKANtM2Apm0qDGV6th8U.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1442 (0x5a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367C1FCAF/serialNumber=0BC2EE66136228036D3360299B4A83195EAD87C5
        Validity
            Not Before: Apr 23 10:04:25 2024 GMT
            Not After : Apr 24 10:04:25 2028 GMT
        Subject: CN=662787ae-a4c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:17:17:62:e7:69:8b:3c:4a:a8:ba:ba:9a:5f:
                    ba:d9:c0:09:29:e9:0b:65:0f:43:bd:a7:cc:8e:a5:
                    64:c4:11:ee:5f:45:29:0a:b7:20:eb:7c:be:ce:b9:
                    02:6d:2a:ee:9d:6e:c8:5f:94:bf:0a:13:7e:83:16:
                    d1:3b:6f:c8:b6:f2:d9:8e:5b:5d:76:aa:ce:ae:51:
                    25:73:d1:d2:74:be:3d:9d:1e:64:44:d3:f5:65:5a:
                    2b:3d:6d:9e:df:eb:a7:3e:e2:a3:12:f4:e8:e8:3c:
                    f8:a3:f8:7f:b8:2d:95:87:6a:ef:51:d6:3f:29:ab:
                    47:da:f7:c0:bc:09:36:51:5f:95:f8:e6:30:f5:2d:
                    5b:16:e8:dc:95:91:d0:26:60:b4:ed:d1:da:12:4e:
                    b1:d2:f9:f9:1f:4a:9d:48:d7:a9:24:7e:82:7e:c8:
                    11:14:a3:7a:f3:1c:ef:5e:18:97:58:39:96:72:84:
                    cb:80:4f:c8:7c:e8:06:c6:50:aa:c5:4b:b4:bf:04:
                    50:5f:4c:05:74:63:20:e8:77:a4:84:b0:c5:13:fb:
                    9f:54:d3:ed:3b:f5:5f:51:5f:3a:d4:55:66:e5:4f:
                    36:27:3b:16:d0:d5:19:4d:9e:26:1b:81:99:d5:41:
                    52:d8:d2:47:65:c2:81:56:38:bd:0f:cc:91:71:20:
                    bf:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:20:49:44:50:A8:46:14:BF:79:A4:68:05:94:3D:ED:96:FF:8F:30
            X509v3 Authority Key Identifier:
                keyid:0B:C2:EE:66:13:62:28:03:6D:33:60:29:9B:4A:83:19:5E:AD:87:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367C1FC/802083BCB56411EAAC13465EF8AEA228/C8LuZhNiKANtM2Apm0qDGV6th8U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/C8LuZhNiKANtM2Apm0qDGV6th8U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367C1FC/802083BCB56411EAAC13465EF8AEA228/DFF59CB6015811EFA0548F5D017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:e888::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:eb:aa:17:7a:e8:78:2e:e9:63:53:15:4d:73:ee:0b:bd:17:
         c8:6e:b0:7f:5e:86:1e:f0:87:12:22:68:52:e1:52:4c:0b:35:
         c2:c4:8e:ad:7c:9f:00:2b:31:79:7a:d3:91:d6:89:0e:33:fe:
         f1:fa:76:7a:e2:2c:02:33:d3:3b:ce:c5:ea:ea:a8:80:df:74:
         96:a4:8a:3a:c2:09:e9:65:91:2d:d3:9f:58:0a:86:5f:a1:21:
         9f:5a:a7:40:99:09:58:9a:d0:b0:54:c5:05:c5:dd:13:1d:98:
         87:66:52:e6:d4:59:c6:31:65:9d:b2:cf:2f:c1:ea:6d:0b:8a:
         db:ec:08:80:cf:eb:f4:80:38:23:af:f9:84:80:be:09:07:0b:
         68:bd:87:a1:4d:7c:ac:f1:05:f0:43:a3:be:80:ef:79:3f:e8:
         e4:c4:90:95:3f:d8:fc:c2:54:98:12:be:b4:13:c0:17:c1:df:
         9b:72:21:d8:30:70:91:7b:cf:16:bc:16:77:d1:62:1a:c3:68:
         81:cc:43:9e:f1:c0:04:b2:a9:cb:b2:dc:a8:73:5b:e9:cf:1e:
         77:d1:b3:c9:f6:df:a5:47:79:92:75:40:2f:5d:f9:2d:3a:bb:
         0d:75:a2:3e:f4:8b:b6:64:75:0d:7f:7c:a3:0f:ac:67:dd:19:
         ba:0d:28:d0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBaIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0MxRkNBRjExMC8GA1UEBRMoMEJDMkVFNjYxMzYyMjgwMzZEMzM2MDI5OUI0QTgz
MTk1RUFEODdDNTAeFw0yNDA0MjMxMDA0MjVaFw0yODA0MjQxMDA0MjVaMBgxFjAU
BgNVBAMTDTY2Mjc4N2FlLWE0YzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbFxdi52mLPEqourqaX7rZwAkp6QtlD0O9p8yOpWTEEe5fRSkKtyDrfL7O
uQJtKu6dbshflL8KE36DFtE7b8i28tmOW112qs6uUSVz0dJ0vj2dHmRE0/VlWis9
bZ7f66c+4qMS9OjoPPij+H+4LZWHau9R1j8pq0fa98C8CTZRX5X45jD1LVsW6NyV
kdAmYLTt0doSTrHS+fkfSp1I16kkfoJ+yBEUo3rzHO9eGJdYOZZyhMuAT8h86AbG
UKrFS7S/BFBfTAV0YyDod6SEsMUT+59U0+079V9RXzrUVWblTzYnOxbQ1RlNniYb
gZnVQVLY0kdlwoFWOL0PzJFxIL+pAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU/SBJ
RFCoRhS/eaRoBZQ97Zb/jzAwHwYDVR0jBBgwFoAUC8LuZhNiKANtM2Apm0qDGV6t
h8UwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdDMUZDLzgwMjA4M0JDQjU2NDExRUFBQzEzNDY1RUY4QUVBMjI4L0M4THVa
aE5pS0FOdE0yQXBtMHFER1Y2dGg4VS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0M4THVaaE5pS0FOdE0yQXBtMHFER1Y2dGg4VS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdDMUZDLzgwMjA4M0JDQjU2NDExRUFBQzEzNDY1RUY4
QUVBMjI4L0RGRjU5Q0I2MDE1ODExRUZBMDU0OEY1RDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD+iIMA0GCSqGSIb3DQEB
CwUAA4IBAQCb66oXeuh4LuljUxVNc+4LvRfIbrB/XoYe8IcSImhS4VJMCzXCxI6t
fJ8AKzF5etOR1okOM/7x+nZ64iwCM9M7zsXq6qiA33SWpIo6wgnpZZEt059YCoZf
oSGfWqdAmQlYmtCwVMUFxd0THZiHZlLm1FnGMWWdss8vweptC4rb7AiAz+v0gDgj
r/mEgL4JBwtovYehTXys8QXwQ6O+gO95P+jkxJCVP9j8wlSYEr60E8AXwd+bciHY
MHCRe88WvBZ30WIaw2iBzEOe8cAEsqnLstyoc1vpzx530bPJ9t+lR3mSdUAvXfkt
OrsNdaI+9Iu2ZHUNf3yjD6xn3Rm6DSjQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:45 2024 by rpki-client on console-ams.rpki-client.org