Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/4533CC40B91311EDA26291C6F1222468.roa
File:                     4533CC40B91311EDA26291C6F1222468.roa (raw, json)
Hash identifier:          uGFYvGCNbxCuuh0wibkKXQKGhe4pjJXmtLBEpIrE66k=
Subject key identifier:   55:13:F3:2A:7B:08:CA:62:B6:CF:AA:FE:8D:E4:38:00:75:F4:03:BD
Certificate issuer:       /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial:       31
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/4533CC40B91311EDA26291C6F1222468.roa
Signing time:             Thu 02 Mar 2023 15:59:54 +0000
ROA not before:           Thu 02 Mar 2023 15:59:50 +0000
ROA not after:            Fri 01 Mar 2030 15:59:50 +0000
asID:                     33763
IP address blocks:        2c0f:f980:5000::/36 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49 (0x31)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
        Validity
            Not Before: Mar  2 15:59:50 2023 GMT
            Not After : Mar  1 15:59:50 2030 GMT
        Subject: CN=6400c7f9-ae31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:77:2d:6d:1f:67:51:49:4e:30:72:0e:ce:a6:
                    6d:f7:03:2a:ff:35:6e:c5:82:a9:9a:1c:47:09:f6:
                    5c:7a:9d:ae:9a:8f:79:c0:2f:69:4c:87:fc:d7:9f:
                    e5:6d:d1:40:8e:ad:b0:ab:be:cb:3f:06:d9:ee:ab:
                    c6:27:a5:4d:0a:f2:8a:e1:d2:86:39:d5:d3:5b:cc:
                    50:64:1e:66:c3:e1:09:1c:68:6f:2b:f2:30:1c:50:
                    c3:0a:28:3c:2e:0c:3b:25:78:85:aa:53:76:11:42:
                    d4:b8:e7:09:57:a5:a7:e6:3d:17:55:3f:8b:75:4a:
                    da:c8:92:bd:55:a2:23:6a:a9:c3:1d:2e:76:25:e1:
                    85:8c:cf:b5:74:78:a9:81:45:9d:b2:ac:ba:63:8c:
                    54:1e:44:ad:94:87:85:28:9d:fe:c2:af:22:19:87:
                    71:80:84:d5:a5:f3:c4:47:8f:d8:44:31:de:89:50:
                    48:86:99:f5:ad:1e:dc:81:7f:9a:9e:ba:aa:6b:13:
                    52:76:8e:4f:f2:24:05:1e:1c:71:be:5e:0e:47:07:
                    71:8d:a1:fd:7b:73:26:d3:d8:f7:be:cd:d6:e8:5d:
                    86:07:fd:fc:b3:8d:b3:08:1c:ab:40:be:28:2e:02:
                    a1:65:3e:86:e9:fc:d1:47:33:5e:08:db:9a:00:cd:
                    09:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:13:F3:2A:7B:08:CA:62:B6:CF:AA:FE:8D:E4:38:00:75:F4:03:BD
            X509v3 Authority Key Identifier:
                keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/4533CC40B91311EDA26291C6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f980:5000::/36

    Signature Algorithm: sha256WithRSAEncryption
         55:f0:86:96:b6:52:0c:1e:15:e8:5c:8e:f0:b6:db:88:2b:8a:
         54:1a:01:d0:02:d8:86:ec:06:48:c6:1e:48:56:50:8b:41:be:
         fe:83:75:e4:8f:99:73:41:ca:d9:c9:6d:39:bb:0b:67:d7:f2:
         72:65:11:5c:5a:7c:07:56:9b:67:68:cf:53:86:82:b1:18:d2:
         3b:79:48:89:e1:18:43:a9:f4:89:b5:8a:27:c0:35:6c:8d:67:
         28:be:ea:15:20:18:dc:64:49:82:61:28:85:21:a8:19:a4:a7:
         37:14:b0:98:fe:cd:06:e8:3e:26:83:75:29:c2:1b:07:01:9f:
         06:d4:d7:fd:25:c0:e3:ef:99:8e:69:1e:04:e2:a3:61:14:6c:
         c5:65:9d:5a:dd:9c:f1:f2:66:2b:50:60:4e:a7:f4:c7:58:3e:
         f9:27:f0:51:5b:a6:e3:8b:04:61:f4:28:cb:10:f4:af:ac:c0:
         86:47:61:9d:0f:67:f5:64:e9:56:3c:4e:d2:d5:e6:1d:ba:31:
         a1:11:7e:12:fd:40:1f:6d:cc:20:cc:e0:2c:93:58:9d:67:c9:
         c2:6a:d8:ba:6f:8b:61:80:a4:4b:e4:1a:50:6b:2a:57:17:b7:
         06:34:0f:43:3b:24:c6:4f:b9:48:87:03:37:67:94:3b:80:a0:
         87:15:14:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBMTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE1NTk1MFoXDTMwMDMwMTE1NTk1MFowGDEWMBQG
A1UEAwwNNjQwMGM3ZjktYWUzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ13LW0fZ1FJTjByDs6mbfcDKv81bsWCqZocRwn2XHqdrpqPecAvaUyH/Nef
5W3RQI6tsKu+yz8G2e6rxielTQryiuHShjnV01vMUGQeZsPhCRxobyvyMBxQwwoo
PC4MOyV4hapTdhFC1LjnCVelp+Y9F1U/i3VK2siSvVWiI2qpwx0udiXhhYzPtXR4
qYFFnbKsumOMVB5ErZSHhSid/sKvIhmHcYCE1aXzxEeP2EQx3olQSIaZ9a0e3IF/
mp66qmsTUnaOT/IkBR4ccb5eDkcHcY2h/XtzJtPY977N1uhdhgf9/LONswgcq0C+
KC4CoWU+hun80UczXgjbmgDNCQMCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBRVE/Mq
ewjKYrbPqv6N5DgAdfQDvTAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvNDUzM0NDNDBCOTEzMTFFREEyNjI5MUM2RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCwP+YBQMA0GCSqGSIb3DQEB
CwUAA4IBAQBV8IaWtlIMHhXoXI7wttuIK4pUGgHQAtiG7AZIxh5IVlCLQb7+g3Xk
j5lzQcrZyW05uwtn1/JyZRFcWnwHVptnaM9ThoKxGNI7eUiJ4RhDqfSJtYonwDVs
jWcovuoVIBjcZEmCYSiFIagZpKc3FLCY/s0G6D4mg3UpwhsHAZ8G1Nf9JcDj75mO
aR4E4qNhFGzFZZ1a3Zzx8mYrUGBOp/THWD75J/BRW6bjiwRh9CjLEPSvrMCGR2Gd
D2f1ZOlWPE7S1eYdujGhEX4S/UAfbcwgzOAsk1idZ8nCati6b4thgKRL5BpQaypX
F7cGNA9DOyTGT7lIhwM3Z5Q7gKCHFRSe
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org