Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/1FAC5C58642B11EEB88178264AD9E6FC.roa
File:                     1FAC5C58642B11EEB88178264AD9E6FC.roa (raw, json)
Hash identifier:          ue0lR9LPzTbHOKn7vlKdSh3YCZxWA6gtEHdH+8CALYY=
Subject key identifier:   B5:FF:6F:E4:D5:27:90:B3:4B:F1:13:D8:95:9A:9D:40:CE:52:F3:79
Certificate issuer:       /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial:       E4
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/1FAC5C58642B11EEB88178264AD9E6FC.roa
Signing time:             Fri 06 Oct 2023 09:31:27 +0000
ROA not before:           Fri 06 Oct 2023 09:31:24 +0000
ROA not after:            Mon 06 Oct 2025 09:31:24 +0000
asID:                     15964
IP address blocks:        2001:4268::/32 maxlen: 32
                          2001:4268::/48 maxlen: 48
                          2001:4268:1::/48 maxlen: 48
                          2001:4268:2::/48 maxlen: 48
                          2001:4268:110::/44 maxlen: 44
                          2001:4268:130::/44 maxlen: 44
                          2001:4268:1a0::/48 maxlen: 48
                          2001:4268:1a1::/48 maxlen: 48
                          2001:4268:1a2::/48 maxlen: 48
                          2001:4268:1a3::/48 maxlen: 48
                          2001:4268:200::/48 maxlen: 48
                          2001:4268:210::/44 maxlen: 44
                          2001:4268:220::/48 maxlen: 48
                          2001:4268:2a0::/48 maxlen: 48
                          2001:4268:600::/40 maxlen: 40
                          2001:4268:1110::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 228 (0xe4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
        Validity
            Not Before: Oct  6 09:31:24 2023 GMT
            Not After : Oct  6 09:31:24 2025 GMT
        Subject: CN=651fd3ef-cb6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:bc:09:b4:75:b7:50:eb:03:a2:f4:35:4e:ec:
                    cb:2c:b1:59:c9:ff:c7:53:d0:ae:c7:50:1d:91:73:
                    2c:75:f5:59:56:27:b1:43:27:ad:2e:2f:83:e4:6b:
                    b9:34:2d:e7:aa:e6:78:7d:6a:17:c7:96:91:18:a9:
                    5a:18:a9:70:08:36:01:31:4d:b6:50:f1:3e:79:34:
                    5a:a1:c4:95:72:81:63:61:6f:df:fd:ed:9b:67:d6:
                    a2:c0:9a:17:91:03:35:99:3f:b6:4a:09:42:4e:0c:
                    98:ee:e2:0d:68:43:a5:4e:34:ae:7f:7a:97:1a:3c:
                    5e:4e:91:73:19:ff:25:a8:b0:23:a1:87:d9:28:8b:
                    7a:27:63:a1:a0:25:d6:86:6d:ae:af:aa:1c:2c:a4:
                    07:f9:76:47:b2:df:ea:8c:af:4f:53:a7:f6:cd:8b:
                    58:19:f8:51:96:14:80:1b:98:31:84:7a:76:66:4d:
                    d3:3c:8b:6a:01:0c:89:16:52:da:6b:72:6a:07:c4:
                    fe:f3:15:c3:46:67:f6:bb:7d:79:c0:a5:d1:b5:1b:
                    73:33:10:fc:77:dc:25:3e:07:3d:08:a5:25:76:2e:
                    c9:f2:4c:05:c9:a1:38:9b:5b:af:cb:7d:c1:19:a2:
                    0c:b2:b9:98:c1:cd:cd:57:c5:30:ef:b8:fa:28:c9:
                    19:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:FF:6F:E4:D5:27:90:B3:4B:F1:13:D8:95:9A:9D:40:CE:52:F3:79
            X509v3 Authority Key Identifier:
                keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/1FAC5C58642B11EEB88178264AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4268::/32

    Signature Algorithm: sha256WithRSAEncryption
         2a:bd:54:69:b2:d5:e0:12:95:4d:fc:5b:ee:47:c3:70:24:da:
         9e:df:c3:f0:42:cf:e4:65:66:10:69:4e:71:4f:44:22:02:65:
         7e:5e:f6:de:6b:00:d8:48:28:02:bf:3b:9a:38:eb:17:37:07:
         a1:75:dc:55:8b:03:51:c4:c9:c8:3b:b5:4e:cd:fd:f8:d8:77:
         83:c6:42:c3:4d:62:04:6f:38:e3:9a:0a:53:c7:8b:98:40:9f:
         97:22:3c:3e:33:e7:5c:ae:fd:86:51:7d:8f:b0:ef:79:f2:e2:
         26:fa:e3:45:0b:03:91:25:d1:c4:12:51:94:7c:50:33:89:11:
         33:b3:75:ad:63:8d:c3:75:3f:c4:f4:a6:a6:68:36:3d:6b:8d:
         30:fa:d7:53:d2:cb:c8:02:e7:10:01:cb:24:f1:f2:06:0c:51:
         58:59:31:78:10:30:cc:2b:f8:87:a9:61:0c:6c:c1:07:07:3f:
         27:2b:3d:38:dd:00:c0:bb:92:34:5b:42:2e:d4:18:3b:af:69:
         52:d5:2c:28:7a:5b:23:a0:51:d9:5d:db:26:14:68:0c:84:b7:
         24:33:b2:84:ac:7d:08:7f:a5:fa:2f:ec:c2:dd:7e:65:1c:db:
         26:d8:a5:0f:73:4a:34:4b:f2:aa:42:86:50:5f:e3:6a:34:b1:
         dc:3d:17:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAOQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yMzEwMDYwOTMxMjRaFw0yNTEwMDYwOTMxMjRaMBgxFjAU
BgNVBAMTDTY1MWZkM2VmLWNiNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVvAm0dbdQ6wOi9DVO7MsssVnJ/8dT0K7HUB2Rcyx19VlWJ7FDJ60uL4Pk
a7k0Leeq5nh9ahfHlpEYqVoYqXAINgExTbZQ8T55NFqhxJVygWNhb9/97Ztn1qLA
mheRAzWZP7ZKCUJODJju4g1oQ6VONK5/epcaPF5OkXMZ/yWosCOhh9koi3onY6Gg
JdaGba6vqhwspAf5dkey3+qMr09Tp/bNi1gZ+FGWFIAbmDGEenZmTdM8i2oBDIkW
UtprcmoHxP7zFcNGZ/a7fXnApdG1G3MzEPx33CU+Bz0IpSV2LsnyTAXJoTibW6/L
fcEZogyyuZjBzc1XxTDvuPooyRmVAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUtf9v
5NUnkLNL8RPYlZqdQM5S83kwHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4LzFGQUM1QzU4NjQyQjExRUVCODgxNzgyNjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAgAUJoMA0GCSqGSIb3DQEB
CwUAA4IBAQAqvVRpstXgEpVN/FvuR8NwJNqe38PwQs/kZWYQaU5xT0QiAmV+Xvbe
awDYSCgCvzuaOOsXNwehddxViwNRxMnIO7VOzf342HeDxkLDTWIEbzjjmgpTx4uY
QJ+XIjw+M+dcrv2GUX2PsO958uIm+uNFCwORJdHEElGUfFAziREzs3WtY43DdT/E
9KamaDY9a40w+tdT0svIAucQAcsk8fIGDFFYWTF4EDDMK/iHqWEMbMEHBz8nKz04
3QDAu5I0W0Iu1Bg7r2lS1SwoelsjoFHZXdsmFGgMhLckM7KErH0If6X6L+zC3X5l
HNsm2KUPc0o0S/KqQoZQX+NqNLHcPRfZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:14 2024 by rpki-client on console-ams.rpki-client.org