Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/B9F90030CA1C11EDBFFA0FF2F1222468.roa
File:                     B9F90030CA1C11EDBFFA0FF2F1222468.roa (raw, json)
Hash identifier:          cWcZzuvRuDq+Jmh8UmTzTr/O6HiM+9Qq3Jv7REdGofw=
Subject key identifier:   6C:7E:1F:39:25:8A:C1:F9:8E:D8:10:7D:6A:BA:82:9C:BB:CE:6F:6E
Certificate issuer:       /CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
Certificate serial:       0225
Authority key identifier: 27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/B9F90030CA1C11EDBFFA0FF2F1222468.roa
Signing time:             Fri 24 Mar 2023 08:20:25 +0000
ROA not before:           Fri 24 Mar 2023 08:20:19 +0000
ROA not after:            Fri 24 Mar 2028 08:20:19 +0000
asID:                     328068
IP address blocks:        2c0f:f398::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 549 (0x225)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
        Validity
            Not Before: Mar 24 08:20:19 2023 GMT
            Not After : Mar 24 08:20:19 2028 GMT
        Subject: CN=641d5d49-d273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ef:07:87:29:1e:84:3c:ef:e6:b3:18:ae:6e:
                    27:3a:6a:f2:b8:61:16:6e:fd:3f:cb:5a:31:1a:53:
                    48:96:20:11:8e:52:06:8c:01:5d:72:e1:0b:5f:80:
                    8c:55:c6:02:a9:2f:67:fa:2c:61:de:1a:9c:93:d7:
                    ba:51:cc:a1:94:59:e3:cb:cf:49:79:e5:37:d2:d3:
                    32:5a:4b:ed:a7:24:7f:52:1c:b3:dc:f7:ef:87:8e:
                    20:15:25:7b:9f:0e:0b:30:f8:f4:9c:4f:ff:7e:23:
                    49:1b:82:36:c2:e7:b3:29:0a:98:78:bd:34:35:e7:
                    0a:bb:e1:6f:79:43:63:eb:a0:ba:59:5b:31:e3:25:
                    f2:e6:97:42:6f:ef:15:9f:78:2c:49:4f:87:68:0e:
                    9f:28:d1:4b:4c:d8:94:ef:e1:3c:74:2a:f0:a4:70:
                    4e:9f:7a:e8:f7:c7:04:3b:3f:5a:b5:d1:23:1b:ef:
                    0c:01:4e:d0:d8:4d:d7:8c:48:4b:e4:78:f9:5a:01:
                    46:a8:cc:97:c0:70:f7:93:f3:4d:5b:42:e5:64:b3:
                    34:8c:8d:a4:0c:01:28:dc:e2:88:d3:41:43:47:eb:
                    ac:3f:ac:18:54:dd:cb:6e:7b:8d:09:76:de:6a:7d:
                    af:42:a0:fb:ac:01:5c:e9:18:8c:c8:f3:0f:0e:3b:
                    35:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:7E:1F:39:25:8A:C1:F9:8E:D8:10:7D:6A:BA:82:9C:BB:CE:6F:6E
            X509v3 Authority Key Identifier:
                keyid:27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/B9F90030CA1C11EDBFFA0FF2F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f398::/32

    Signature Algorithm: sha256WithRSAEncryption
         4c:dd:e0:82:d8:36:f5:12:04:7a:31:c3:70:a6:3e:19:e2:4b:
         2f:f1:76:4a:bb:1f:2e:bf:6a:57:0b:9f:ed:6c:8a:05:57:a0:
         bc:bb:c3:c3:ac:da:c3:44:07:d1:22:92:3f:7c:c1:fa:19:9b:
         d2:bc:4d:8c:20:c2:98:32:61:90:5c:90:ec:e7:b0:0a:a2:71:
         8f:90:80:2e:79:6d:28:b1:0e:33:49:33:ed:93:db:77:d9:29:
         cf:5e:91:ec:a6:ac:94:49:9a:9b:cc:f6:d4:15:7c:f5:d6:ad:
         ab:07:0e:6a:8d:ff:70:d6:af:33:2b:d3:35:16:e8:d4:fb:68:
         a9:2c:3b:fe:b7:34:b5:de:61:a1:20:88:23:c0:b5:81:28:7b:
         58:4d:8b:ae:67:85:4e:5f:3d:cd:1d:c6:a4:b6:a2:6a:bf:f6:
         8b:be:86:f0:71:9c:55:c1:e2:95:2b:d0:db:dd:97:98:2b:19:
         c0:bc:da:35:13:63:00:97:dc:2d:f8:4c:03:b2:d8:57:5d:bc:
         2d:11:ba:fe:86:c1:97:69:f0:ef:8f:2d:cd:a1:77:90:b0:1c:
         eb:57:06:4a:70:a5:54:e1:8f:27:d2:44:4d:54:9c:9b:be:24:
         12:d8:90:9f:6f:49:b2:a4:24:bd:8b:d7:83:f7:e6:12:ee:38:
         87:02:78:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAiUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OUJBRjBBRjExMC8GA1UEBRMoMjczMTlCRkQ5QzZFQzU5NTNFNTYyOTU5OUFGRkUy
RDI2QTk0MDRGMjAeFw0yMzAzMjQwODIwMTlaFw0yODAzMjQwODIwMTlaMBgxFjAU
BgNVBAMMDTY0MWQ1ZDQ5LWQyNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC17weHKR6EPO/msxiubic6avK4YRZu/T/LWjEaU0iWIBGOUgaMAV1y4Qtf
gIxVxgKpL2f6LGHeGpyT17pRzKGUWePLz0l55TfS0zJaS+2nJH9SHLPc9++HjiAV
JXufDgsw+PScT/9+I0kbgjbC57MpCph4vTQ15wq74W95Q2ProLpZWzHjJfLml0Jv
7xWfeCxJT4doDp8o0UtM2JTv4Tx0KvCkcE6feuj3xwQ7P1q10SMb7wwBTtDYTdeM
SEvkePlaAUaozJfAcPeT801bQuVkszSMjaQMASjc4ojTQUNH66w/rBhU3ctue40J
dt5qfa9CoPusAVzpGIzI8w8OOzVxAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUbH4f
OSWKwfmO2BB9arqCnLvOb24wHwYDVR0jBBgwFoAUJzGb/ZxuxZU+VilZmv/i0mqU
BPIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlCQUYwLzEyOTg0NDM2MkNCQjExRUNCMkQ4MzY2RUQ4QTAxNENFL0p6R2Jf
Wnh1eFpVLVZpbFptdl9pMG1xVUJQSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0p6R2JfWnh1eFpVLVZpbFptdl9pMG1xVUJQSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlCQUYwLzEyOTg0NDM2MkNCQjExRUNCMkQ4MzY2RUQ4
QTAxNENFL0I5RjkwMDMwQ0ExQzExRURCRkZBMEZGMkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/OYMA0GCSqGSIb3DQEB
CwUAA4IBAQBM3eCC2Db1EgR6McNwpj4Z4ksv8XZKux8uv2pXC5/tbIoFV6C8u8PD
rNrDRAfRIpI/fMH6GZvSvE2MIMKYMmGQXJDs57AKonGPkIAueW0osQ4zSTPtk9t3
2SnPXpHspqyUSZqbzPbUFXz11q2rBw5qjf9w1q8zK9M1FujU+2ipLDv+tzS13mGh
IIgjwLWBKHtYTYuuZ4VOXz3NHcaktqJqv/aLvobwcZxVweKVK9Db3ZeYKxnAvNo1
E2MAl9wt+EwDsthXXbwtEbr+hsGXafDvjy3NoXeQsBzrVwZKcKVU4Y8n0kRNVJyb
viQS2JCfb0mypCS9i9eD9+YS7jiHAnjn
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:17 2024 by rpki-client on console-ams.rpki-client.org