Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36997F0/42857F08A8CA11EB877FD07CF8AEA228/B74802AEB6EC11EBA8259758F8AEA228.roa
File:                     B74802AEB6EC11EBA8259758F8AEA228.roa (raw, json)
Hash identifier:          APjLaXV6AoRKGJ3Woce92XxXLC4ufsyIkSG6DvxDn0M=
Subject key identifier:   08:18:C2:E3:98:34:E7:E6:13:2F:1B:9E:68:06:60:2A:ED:81:16:AD
Certificate issuer:       /CN=F36997F0AF/serialNumber=8CB8ABA0ECE947739B95EADB881EA1D0D2FFD3D0
Certificate serial:       17
Authority key identifier: 8C:B8:AB:A0:EC:E9:47:73:9B:95:EA:DB:88:1E:A1:D0:D2:FF:D3:D0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jLiroOzpR3OblerbiB6h0NL_09A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36997F0/42857F08A8CA11EB877FD07CF8AEA228/B74802AEB6EC11EBA8259758F8AEA228.roa
Signing time:             Mon 17 May 2021 08:48:57 +0000
ROA not before:           Mon 17 May 2021 08:48:51 +0000
ROA not after:            Wed 01 May 2030 08:48:51 +0000
asID:                     328843
IP address blocks:        2c0f:5e00::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36997F0/42857F08A8CA11EB877FD07CF8AEA228/jLiroOzpR3OblerbiB6h0NL_09A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36997F0/42857F08A8CA11EB877FD07CF8AEA228/jLiroOzpR3OblerbiB6h0NL_09A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/jLiroOzpR3OblerbiB6h0NL_09A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36997F0AF/serialNumber=8CB8ABA0ECE947739B95EADB881EA1D0D2FFD3D0
        Validity
            Not Before: May 17 08:48:51 2021 GMT
            Not After : May  1 08:48:51 2030 GMT
        Subject: CN=60a22df9-abb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:06:57:9c:50:1a:26:b7:21:07:f6:24:93:d0:
                    57:a5:d5:e1:88:5e:40:b1:53:60:07:00:ff:11:8c:
                    58:cb:3b:d4:48:9c:bc:ce:50:27:6a:57:cf:44:5b:
                    35:44:35:7c:22:71:57:c7:83:8e:f3:b8:a8:57:88:
                    5a:0a:3a:f2:b0:7d:6f:68:ee:f3:84:13:41:0e:62:
                    9a:e1:53:8e:2e:16:4b:42:aa:7a:21:95:3a:31:7b:
                    26:98:7e:53:3b:03:fb:60:f7:9a:19:93:88:e6:62:
                    33:46:26:05:e8:e3:33:aa:00:9f:ae:8f:e5:b6:b2:
                    c7:ff:38:5f:9d:b0:87:fe:63:df:af:c4:87:a0:61:
                    23:b3:92:27:25:77:bb:f3:4c:b1:fd:46:d1:b7:62:
                    b3:20:53:9f:47:9a:c9:92:f8:bb:0e:8b:29:15:0c:
                    91:f1:2c:b0:28:eb:97:4d:3a:0d:8d:69:90:1e:e7:
                    f7:75:41:2c:27:2d:8d:71:b4:6d:bc:1d:49:34:58:
                    38:7b:1e:f2:4c:1b:c1:17:29:dd:52:19:7b:56:11:
                    c7:35:ad:b7:2e:57:47:dc:04:02:77:52:f0:50:66:
                    8a:e0:94:44:47:b2:fb:27:4c:54:99:bc:8e:9a:60:
                    78:51:94:64:c5:d5:50:bd:d7:d8:6f:76:da:32:eb:
                    c9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:18:C2:E3:98:34:E7:E6:13:2F:1B:9E:68:06:60:2A:ED:81:16:AD
            X509v3 Authority Key Identifier:
                keyid:8C:B8:AB:A0:EC:E9:47:73:9B:95:EA:DB:88:1E:A1:D0:D2:FF:D3:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36997F0/42857F08A8CA11EB877FD07CF8AEA228/jLiroOzpR3OblerbiB6h0NL_09A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jLiroOzpR3OblerbiB6h0NL_09A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36997F0/42857F08A8CA11EB877FD07CF8AEA228/B74802AEB6EC11EBA8259758F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:5e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:8f:1e:33:bf:b2:9d:23:ce:98:b2:f7:84:75:73:ef:55:55:
         8c:16:a7:08:ff:55:5d:4d:ad:c9:71:04:16:1f:3b:d4:03:13:
         5c:07:5a:6f:f0:27:c3:0f:79:fc:ce:a8:01:63:a3:df:da:d3:
         74:43:e1:09:b8:d8:df:44:75:a4:51:c1:99:fd:8a:ff:a3:e9:
         ef:70:df:28:dd:78:33:28:ea:16:f0:a8:f9:c9:ad:15:06:07:
         50:12:c2:92:37:5d:f5:e8:50:a5:38:a1:de:1b:bb:46:88:c4:
         ec:0c:39:5f:dc:a6:71:23:da:41:53:d1:d4:b4:6a:49:db:4e:
         e4:d9:16:25:61:0a:09:c9:ac:55:21:73:2d:7d:07:03:f1:88:
         c5:47:a2:27:cd:d9:4c:7d:0b:bf:e7:f1:0e:de:73:0f:ba:47:
         14:ee:00:88:3a:b9:e2:30:c5:ef:8a:06:c6:99:0a:b6:b6:18:
         4e:79:fc:0f:84:49:e4:ac:3f:5e:dc:be:18:00:05:3d:ed:50:
         62:d3:50:79:34:d3:c0:3f:c2:06:62:29:9c:44:9b:2b:e3:48:
         6c:ac:35:01:5b:dc:90:1d:cc:f6:f3:7c:ec:74:0f:e6:bf:fd:
         59:e6:59:23:c3:0a:d2:c7:87:83:85:89:53:00:3e:a6:00:9e:
         fe:28:80:87
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
OTdGMEFGMTEwLwYDVQQFEyg4Q0I4QUJBMEVDRTk0NzczOUI5NUVBREI4ODFFQTFE
MEQyRkZEM0QwMB4XDTIxMDUxNzA4NDg1MVoXDTMwMDUwMTA4NDg1MVowGDEWMBQG
A1UEAxMNNjBhMjJkZjktYWJiMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoGV5xQGia3IQf2JJPQV6XV4YheQLFTYAcA/xGMWMs71EicvM5QJ2pXz0Rb
NUQ1fCJxV8eDjvO4qFeIWgo68rB9b2ju84QTQQ5imuFTji4WS0KqeiGVOjF7Jph+
UzsD+2D3mhmTiOZiM0YmBejjM6oAn66P5bayx/84X52wh/5j36/Eh6BhI7OSJyV3
u/NMsf1G0bdisyBTn0eayZL4uw6LKRUMkfEssCjrl006DY1pkB7n93VBLCctjXG0
bbwdSTRYOHse8kwbwRcp3VIZe1YRxzWtty5XR9wEAndS8FBmiuCUREey+ydMVJm8
jppgeFGUZMXVUL3X2G922jLrye0CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQIGMLj
mDTn5hMvG55oBmAq7YEWrTAfBgNVHSMEGDAWgBSMuKug7OlHc5uV6tuIHqHQ0v/T
0DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTk3RjAvNDI4NTdGMDhBOENBMTFFQjg3N0ZEMDdDRjhBRUEyMjgvakxpcm9P
enBSM09ibGVyYmlCNmgwTkxfMDlBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvakxpcm9PenBSM09ibGVyYmlCNmgwTkxfMDlBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTk3RjAvNDI4NTdGMDhBOENBMTFFQjg3N0ZEMDdDRjhB
RUEyMjgvQjc0ODAyQUVCNkVDMTFFQkE4MjU5NzU4RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPXgAwDQYJKoZIhvcNAQEL
BQADggEBACCPHjO/sp0jzpiy94R1c+9VVYwWpwj/VV1NrclxBBYfO9QDE1wHWm/w
J8MPefzOqAFjo9/a03RD4Qm42N9EdaRRwZn9iv+j6e9w3yjdeDMo6hbwqPnJrRUG
B1ASwpI3XfXoUKU4od4bu0aIxOwMOV/cpnEj2kFT0dS0aknbTuTZFiVhCgnJrFUh
cy19BwPxiMVHoifN2Ux9C7/n8Q7ecw+6RxTuAIg6ueIwxe+KBsaZCra2GE55/A+E
SeSsP17cvhgABT3tUGLTUHk008A/wgZiKZxEmyvjSGysNQFb3JAdzPbzfOx0D+a/
/VnmWSPDCtLHh4OFiVMAPqYAnv4ogIc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:19:14 2024 by rpki-client on console-ams.rpki-client.org