Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/BCAF9294702811EB8791AD25F8AEA228.roa
File:                     BCAF9294702811EB8791AD25F8AEA228.roa (raw, json)
Hash identifier:          AT0o7ug7v2ZBAyMdgUq3SD/St9P0mYCt+1mdlQ+38qg=
Subject key identifier:   C7:D7:CF:41:BC:B2:FA:E2:EF:CF:CB:E6:2C:B7:55:90:B3:A4:A7:6E
Certificate issuer:       /CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
Certificate serial:       04
Authority key identifier: AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/BCAF9294702811EB8791AD25F8AEA228.roa
Signing time:             Tue 16 Feb 2021 07:29:45 +0000
ROA not before:           Tue 16 Feb 2021 07:29:38 +0000
ROA not after:            Fri 01 Feb 2030 07:29:38 +0000
asID:                     328795
IP address blocks:        2c0f:3400::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368A3D1AF/serialNumber=AE51D25716DDB4CCA31B2E985E0A7525F7F4B9C6
        Validity
            Not Before: Feb 16 07:29:38 2021 GMT
            Not After : Feb  1 07:29:38 2030 GMT
        Subject: CN=602b7469-62f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:77:a3:1a:36:00:79:58:88:71:e9:d2:92:be:
                    94:08:9c:18:5e:69:e9:cf:41:15:1d:f6:61:99:ff:
                    75:ff:f0:76:21:66:94:d0:8a:dc:43:04:30:c3:8d:
                    38:bd:a1:df:8b:9f:fc:fe:3c:40:20:53:25:50:c7:
                    69:42:8f:1c:9b:6c:6b:74:ec:4a:9f:2e:60:41:fd:
                    cc:2b:bf:ec:8c:54:37:dd:a5:a5:c1:25:28:13:21:
                    a8:ce:85:18:1e:1e:45:f0:4d:5f:a6:00:d4:06:1a:
                    21:58:23:ba:7a:81:89:f4:e6:0d:8d:29:a8:a8:44:
                    0f:51:c2:d3:1c:ab:fa:6d:ca:5f:5b:33:0b:1f:72:
                    52:f9:ba:85:4b:9c:e4:12:6c:7a:fa:32:7f:ee:ce:
                    d9:cf:d2:3b:42:a5:88:76:a5:05:9b:e8:b9:2b:17:
                    00:f2:c0:1f:20:67:17:b0:5a:10:33:31:71:5f:74:
                    4b:87:7f:9e:96:3b:ba:38:a8:00:b4:50:5c:55:51:
                    cd:b7:6f:45:57:bc:6a:83:0b:4c:c4:4b:f0:97:e0:
                    12:3b:80:8d:d9:d7:48:09:a8:0a:42:4c:fd:be:48:
                    2d:c0:69:1f:ad:7e:99:23:db:88:1a:2d:f9:42:17:
                    69:23:11:a4:88:0b:18:4f:f3:97:86:56:f6:be:36:
                    cb:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:D7:CF:41:BC:B2:FA:E2:EF:CF:CB:E6:2C:B7:55:90:B3:A4:A7:6E
            X509v3 Authority Key Identifier:
                keyid:AE:51:D2:57:16:DD:B4:CC:A3:1B:2E:98:5E:0A:75:25:F7:F4:B9:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/rlHSVxbdtMyjGy6YXgp1Jff0ucY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rlHSVxbdtMyjGy6YXgp1Jff0ucY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368A3D1/73732E56702811EBB2F96825F8AEA228/BCAF9294702811EB8791AD25F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:3400::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:58:04:91:c5:55:77:03:e6:b2:71:e1:ca:a0:b9:be:18:3e:
         71:2c:e3:8d:ba:2c:7c:a4:d2:e7:20:14:1f:ea:62:26:4a:3e:
         34:4b:95:7c:94:61:69:a4:78:36:6c:79:2d:0d:57:cb:25:82:
         25:87:9f:d9:54:6f:94:e3:5a:48:e3:3e:ed:d9:44:2b:23:24:
         12:a7:f3:fe:0e:5d:68:21:53:af:ea:1d:c4:af:3f:e5:8c:aa:
         95:52:80:41:75:11:5e:3d:c2:05:7c:a0:d8:06:56:ce:81:02:
         85:ac:d5:93:ee:02:e2:55:0c:70:fa:fa:fc:f7:6c:03:1b:90:
         47:7d:ac:43:11:a6:d9:c5:20:30:46:c6:5e:ee:6e:9e:24:e3:
         09:77:7a:9c:5d:5c:4d:56:5f:82:01:8b:fe:b9:2e:8c:29:c8:
         d5:01:79:e3:af:66:46:ca:49:6b:55:ca:61:7e:66:9f:c1:3c:
         07:fc:e7:07:ec:0a:6c:1a:48:81:4b:53:d8:67:62:a4:50:b1:
         b9:b4:3d:97:c3:98:30:36:db:b3:59:84:fa:ce:94:fb:ba:62:
         2d:51:47:14:53:ac:02:0e:7b:09:1d:63:15:2f:38:62:67:20:
         01:2b:ab:16:f0:30:ae:6c:90:db:62:34:82:aa:08:56:80:8f:
         3c:92:8e:8f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
QTNEMUFGMTEwLwYDVQQFEyhBRTUxRDI1NzE2RERCNENDQTMxQjJFOTg1RTBBNzUy
NUY3RjRCOUM2MB4XDTIxMDIxNjA3MjkzOFoXDTMwMDIwMTA3MjkzOFowGDEWMBQG
A1UEAxMNNjAyYjc0NjktNjJmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPB3oxo2AHlYiHHp0pK+lAicGF5p6c9BFR32YZn/df/wdiFmlNCK3EMEMMON
OL2h34uf/P48QCBTJVDHaUKPHJtsa3TsSp8uYEH9zCu/7IxUN92lpcElKBMhqM6F
GB4eRfBNX6YA1AYaIVgjunqBifTmDY0pqKhED1HC0xyr+m3KX1szCx9yUvm6hUuc
5BJsevoyf+7O2c/SO0KliHalBZvouSsXAPLAHyBnF7BaEDMxcV90S4d/npY7ujio
ALRQXFVRzbdvRVe8aoMLTMRL8JfgEjuAjdnXSAmoCkJM/b5ILcBpH61+mSPbiBot
+UIXaSMRpIgLGE/zl4ZW9r42yxMCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTH189B
vLL64u/Py+Yst1WQs6SnbjAfBgNVHSMEGDAWgBSuUdJXFt20zKMbLpheCnUl9/S5
xjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEEzRDEvNzM3MzJFNTY3MDI4MTFFQkIyRjk2ODI1RjhBRUEyMjgvcmxIU1Z4
YmR0TXlqR3k2WVhncDFKZmYwdWNZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcmxIU1Z4YmR0TXlqR3k2WVhncDFKZmYwdWNZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEEzRDEvNzM3MzJFNTY3MDI4MTFFQkIyRjk2ODI1RjhB
RUEyMjgvQkNBRjkyOTQ3MDI4MTFFQjg3OTFBRDI1RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPNAAwDQYJKoZIhvcNAQEL
BQADggEBAHNYBJHFVXcD5rJx4cqgub4YPnEs4426LHyk0ucgFB/qYiZKPjRLlXyU
YWmkeDZseS0NV8slgiWHn9lUb5TjWkjjPu3ZRCsjJBKn8/4OXWghU6/qHcSvP+WM
qpVSgEF1EV49wgV8oNgGVs6BAoWs1ZPuAuJVDHD6+vz3bAMbkEd9rEMRptnFIDBG
xl7ubp4k4wl3epxdXE1WX4IBi/65LowpyNUBeeOvZkbKSWtVymF+Zp/BPAf85wfs
CmwaSIFLU9hnYqRQsbm0PZfDmDA227NZhPrOlPu6Yi1RRxRTrAIOewkdYxUvOGJn
IAErqxbwMK5skNtiNIKqCFaAjzySjo8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:57 2024 by rpki-client on console-fra.rpki-client.org