Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/34E4248A363711ECA143FE5DD8A014CE.roa
File:                     34E4248A363711ECA143FE5DD8A014CE.roa (raw, json)
Hash identifier:          utAQECjQz/cl4ohsXb2sILmgopNjFEpZo3RDg6PRMOs=
Subject key identifier:   19:63:B6:20:40:C5:E3:ED:3C:FD:CE:75:B4:0E:04:C8:C6:F2:C0:AD
Certificate issuer:       /CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
Certificate serial:       0F
Authority key identifier: 27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/34E4248A363711ECA143FE5DD8A014CE.roa
Signing time:             Tue 26 Oct 2021 08:32:08 +0000
ROA not before:           Tue 26 Oct 2021 08:32:04 +0000
ROA not after:            Mon 26 Oct 2026 08:32:04 +0000
asID:                     328068
IP address blocks:        2c0f:f398::/36 maxlen: 36
                          2c0f:f398:1000::/36 maxlen: 36
                          2c0f:f398:2000::/36 maxlen: 36
                          2c0f:f398:3000::/36 maxlen: 36
                          2c0f:f398:4000::/36 maxlen: 36
                          2c0f:f398:5000::/36 maxlen: 36
                          2c0f:f398:6000::/36 maxlen: 36
                          2c0f:f398:7000::/36 maxlen: 36
                          2c0f:f398:8000::/36 maxlen: 36
                          2c0f:f398:9000::/36 maxlen: 36
                          2c0f:f398:a000::/36 maxlen: 36
                          2c0f:f398:b000::/36 maxlen: 36
                          2c0f:f398:c000::/36 maxlen: 36
                          2c0f:f398:d000::/36 maxlen: 36
                          2c0f:f398:e000::/36 maxlen: 36
                          2c0f:f398:f000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
        Validity
            Not Before: Oct 26 08:32:04 2021 GMT
            Not After : Oct 26 08:32:04 2026 GMT
        Subject: CN=6177bd08-61c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:23:e8:a3:51:c9:97:e3:5d:5a:69:6a:61:19:
                    ce:e1:08:44:61:ab:dc:09:83:a0:cd:d9:32:67:cf:
                    86:fb:a8:f8:c6:82:7d:de:6b:56:61:7f:fd:a2:3c:
                    0f:14:2a:0d:8e:24:f1:f9:59:60:8a:80:01:82:fd:
                    c9:38:ae:9d:ae:2d:ac:96:41:fa:56:50:65:04:a7:
                    e0:03:4d:4c:51:38:b2:3b:18:4b:5f:96:19:23:93:
                    bf:83:e2:10:a9:95:6e:ef:2b:51:6c:16:38:8a:63:
                    d4:3c:e1:3f:eb:d8:ad:5a:fd:0b:7e:0e:bd:fb:c5:
                    a1:60:9a:ca:fd:ef:83:5e:b1:45:df:8e:bd:1d:41:
                    ea:d6:be:f8:26:b3:74:b3:7b:70:52:35:e1:28:be:
                    95:d1:5d:07:ac:e1:d3:4c:63:62:90:21:25:aa:fe:
                    d3:af:70:43:08:fd:5c:0a:b8:a7:ef:b4:21:3e:7e:
                    cc:77:ea:9c:95:0c:5b:49:3e:8a:a3:51:6e:50:0e:
                    ee:a4:5b:bc:85:aa:c9:f4:b8:8f:83:41:57:07:34:
                    a4:be:68:2a:bd:62:65:e8:80:a5:04:49:ae:ff:ef:
                    7d:d3:55:04:ee:6c:6d:42:e9:bd:9d:1c:86:1e:90:
                    3b:80:bf:ff:fe:4b:b9:f4:61:a2:36:89:19:39:98:
                    86:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:63:B6:20:40:C5:E3:ED:3C:FD:CE:75:B4:0E:04:C8:C6:F2:C0:AD
            X509v3 Authority Key Identifier:
                keyid:27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/34E4248A363711ECA143FE5DD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f398::/32

    Signature Algorithm: sha256WithRSAEncryption
         c1:52:51:27:35:2b:c7:a7:24:49:89:b4:8b:76:f2:35:0d:7d:
         22:b6:c2:e7:30:8a:26:28:16:cc:17:a2:65:9a:11:71:e0:fc:
         e3:7a:65:6e:3f:d4:c4:5d:54:46:e5:78:f0:d4:a1:11:c8:ad:
         4f:a4:88:c4:e5:7b:d6:10:3a:46:a7:13:07:f6:81:81:41:d0:
         27:3c:d3:ea:2c:bd:77:2e:b1:7e:2f:b2:09:5c:7e:69:8f:15:
         e1:ef:78:fb:b8:2d:cb:7e:85:bb:80:64:22:3e:e1:e6:3c:c3:
         17:59:c3:40:ce:3d:8b:04:c0:20:29:86:11:a7:42:dc:6e:67:
         b2:66:24:c8:9e:88:e4:d8:14:03:d9:6c:5c:96:a6:2d:05:c5:
         26:f9:12:3b:ed:c5:3b:fb:f4:ba:b1:5d:dd:eb:a5:67:9e:c8:
         fc:c5:ba:72:ca:37:82:72:3e:99:78:b0:6a:5b:99:96:e6:6d:
         bb:5c:65:d9:0f:d6:6a:69:00:7e:42:a9:d7:20:9d:1a:af:21:
         88:d9:23:dd:48:71:98:fd:f6:1f:d3:7a:cc:02:5e:be:33:10:
         1e:0a:20:0c:c7:23:3d:42:a8:94:d1:8a:76:fe:a6:f4:85:e6:
         32:1d:25:d0:7c:c0:32:c9:82:cb:72:a8:45:19:e3:04:7e:a0:
         4c:de:70:6f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
QkFGMEFGMTEwLwYDVQQFEygyNzMxOUJGRDlDNkVDNTk1M0U1NjI5NTk5QUZGRTJE
MjZBOTQwNEYyMB4XDTIxMTAyNjA4MzIwNFoXDTI2MTAyNjA4MzIwNFowGDEWMBQG
A1UEAwwNNjE3N2JkMDgtNjFjMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4j6KNRyZfjXVppamEZzuEIRGGr3AmDoM3ZMmfPhvuo+MaCfd5rVmF//aI8
DxQqDY4k8flZYIqAAYL9yTiuna4trJZB+lZQZQSn4ANNTFE4sjsYS1+WGSOTv4Pi
EKmVbu8rUWwWOIpj1DzhP+vYrVr9C34OvfvFoWCayv3vg16xRd+OvR1B6ta++Caz
dLN7cFI14Si+ldFdB6zh00xjYpAhJar+069wQwj9XAq4p++0IT5+zHfqnJUMW0k+
iqNRblAO7qRbvIWqyfS4j4NBVwc0pL5oKr1iZeiApQRJrv/vfdNVBO5sbULpvZ0c
hh6QO4C///5LufRhojaJGTmYhn8CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQZY7Yg
QMXj7Tz9znW0DgTIxvLArTAfBgNVHSMEGDAWgBQnMZv9nG7FlT5WKVma/+LSapQE
8jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUJBRjAvMTI5ODQ0MzYyQ0JCMTFFQ0IyRDgzNjZFRDhBMDE0Q0UvSnpHYl9a
eHV4WlUtVmlsWm12X2kwbXFVQlBJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSnpHYl9aeHV4WlUtVmlsWm12X2kwbXFVQlBJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUJBRjAvMTI5ODQ0MzYyQ0JCMTFFQ0IyRDgzNjZFRDhB
MDE0Q0UvMzRFNDI0OEEzNjM3MTFFQ0ExNDNGRTVERDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP85gwDQYJKoZIhvcNAQEL
BQADggEBAMFSUSc1K8enJEmJtIt28jUNfSK2wucwiiYoFswXomWaEXHg/ON6ZW4/
1MRdVEblePDUoRHIrU+kiMTle9YQOkanEwf2gYFB0Cc80+osvXcusX4vsglcfmmP
FeHvePu4Lct+hbuAZCI+4eY8wxdZw0DOPYsEwCAphhGnQtxuZ7JmJMieiOTYFAPZ
bFyWpi0FxSb5EjvtxTv79LqxXd3rpWeeyPzFunLKN4JyPpl4sGpbmZbmbbtcZdkP
1mppAH5CqdcgnRqvIYjZI91IcZj99h/TeswCXr4zEB4KIAzHIz1CqJTRinb+pvSF
5jIdJdB8wDLJgstyqEUZ4wR+oEzecG8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:27:53 2024 by rpki-client on console-ams.rpki-client.org