Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/4577EBD2124811ECB3765C5ED8A014CE.roa
File:                     4577EBD2124811ECB3765C5ED8A014CE.roa (raw, json)
Hash identifier:          C6keONk5pX9vxi2GbZolDI5QMW6KdyBmAMv7Kf4uGPQ=
Subject key identifier:   58:ED:B2:42:1A:A5:20:F3:D1:2C:44:A5:EB:7B:C9:F9:C1:0D:66:F0
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       38
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/4577EBD2124811ECB3765C5ED8A014CE.roa
Signing time:             Fri 10 Sep 2021 15:03:35 +0000
ROA not before:           Fri 10 Sep 2021 15:03:29 +0000
ROA not after:            Tue 09 Sep 2031 15:03:29 +0000
asID:                     37645
IP address blocks:        2c0f:f280::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56 (0x38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Sep 10 15:03:29 2021 GMT
            Not After : Sep  9 15:03:29 2031 GMT
        Subject: CN=613b73c7-819b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b1:b9:f8:b8:73:37:7e:13:08:17:08:29:88:
                    2d:36:c0:1a:3f:92:7d:50:72:84:0a:d3:b7:2e:45:
                    4b:a1:e0:ba:e1:9c:5e:f9:78:46:19:55:c1:58:3e:
                    41:65:79:73:65:4e:74:60:e5:46:de:b3:98:9e:fc:
                    23:38:c3:01:b8:24:5d:a7:14:50:57:80:b1:f3:63:
                    d6:77:62:2a:76:e8:d4:ac:3e:ea:b1:35:13:30:6d:
                    76:01:fa:96:ae:ec:71:bc:3c:17:bd:68:8b:a8:d1:
                    02:83:c7:e2:a5:39:8e:83:e7:ab:50:bc:46:5e:a0:
                    b7:d8:9d:db:1f:3d:ad:a9:ec:4f:b4:4d:ab:16:29:
                    c6:af:fb:d0:37:18:52:27:c2:9a:38:af:6a:b6:ee:
                    84:b9:2f:7c:ba:30:82:96:37:cf:39:7c:18:ff:9b:
                    61:0d:5d:31:c7:e3:e5:60:1f:31:e0:19:ec:fd:59:
                    de:da:63:07:f3:6f:60:c8:6d:e2:5d:ab:22:d5:bc:
                    3c:68:07:ce:61:fc:30:40:76:0b:78:9f:d8:7c:bd:
                    31:eb:9d:fe:43:d8:95:b5:0f:fe:6a:50:94:d4:32:
                    03:93:2c:40:1b:f2:ba:35:c2:ae:5e:7e:d4:9e:97:
                    cd:33:a9:26:55:b3:f1:79:77:8f:29:ff:ae:c8:c3:
                    f9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:ED:B2:42:1A:A5:20:F3:D1:2C:44:A5:EB:7B:C9:F9:C1:0D:66:F0
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/4577EBD2124811ECB3765C5ED8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f280::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:a2:e3:12:9e:be:28:7c:bc:83:53:3f:ea:18:cd:5c:39:c2:
         50:06:07:a5:6f:9f:5e:2c:fc:44:ee:cb:80:22:10:70:9e:a1:
         45:98:c9:96:64:c2:96:90:74:2a:ab:45:fb:c0:ec:df:2b:63:
         46:cb:37:86:92:6e:04:da:57:b8:95:73:56:a4:29:5e:eb:0f:
         55:ed:7a:bd:42:f5:3c:bf:7a:3a:28:2a:c4:61:e1:ac:25:c3:
         5c:72:df:31:51:a3:42:84:f9:f1:ad:d7:7f:b2:48:ee:49:06:
         29:30:9c:05:5f:19:8f:5f:f5:53:d0:53:ab:07:f3:63:94:6b:
         65:57:df:af:08:24:06:49:39:6f:67:ae:59:c7:61:fa:4d:c7:
         b2:83:85:0f:7a:36:18:7e:92:37:36:c8:b3:37:de:27:fe:e4:
         2a:f1:e1:d0:c1:c9:1b:9c:0f:4f:46:41:51:1e:e4:73:0e:44:
         07:da:4a:47:03:f9:60:e5:14:a4:94:73:72:58:ab:76:b5:7a:
         0f:a7:97:69:09:63:17:67:3e:8d:a0:94:93:6e:d0:67:6e:fa:
         8d:7e:3c:b1:52:c6:a7:28:d7:9a:99:35:04:55:f9:52:e5:e4:
         a4:59:27:5f:6f:b3:0d:8f:8d:a1:28:72:14:45:9b:51:91:b2:
         08:79:56:d9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBODANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
MUNFRkFGMTEwLwYDVQQFEyg4MkYxQzY2MTFBM0ExNDY3REIzRDc4QTRBNUZFRDUw
QTA4QTU3QjEzMB4XDTIxMDkxMDE1MDMyOVoXDTMxMDkwOTE1MDMyOVowGDEWMBQG
A1UEAwwNNjEzYjczYzctODE5YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWxufi4czd+EwgXCCmILTbAGj+SfVByhArTty5FS6HguuGcXvl4RhlVwVg+
QWV5c2VOdGDlRt6zmJ78IzjDAbgkXacUUFeAsfNj1ndiKnbo1Kw+6rE1EzBtdgH6
lq7scbw8F71oi6jRAoPH4qU5joPnq1C8Rl6gt9id2x89ransT7RNqxYpxq/70DcY
UifCmjivarbuhLkvfLowgpY3zzl8GP+bYQ1dMcfj5WAfMeAZ7P1Z3tpjB/NvYMht
4l2rItW8PGgHzmH8MEB2C3if2Hy9Meud/kPYlbUP/mpQlNQyA5MsQBvyujXCrl5+
1J6XzTOpJlWz8Xl3jyn/rsjD+YMCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRY7bJC
GqUg89EsRKXre8n5wQ1m8DAfBgNVHSMEGDAWgBSC8cZhGjoUZ9s9eKSl/tUKCKV7
EzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTFDRUYvN0YzODhERTRGMTM4MTFFQjkxN0ZENzE3RDhBMDE0Q0UvZ3ZIR1lS
bzZGR2ZiUFhpa3BmN1ZDZ2lsZXhNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ3ZIR1lSbzZGR2ZiUFhpa3BmN1ZDZ2lsZXhNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTFDRUYvN0YzODhERTRGMTM4MTFFQjkxN0ZENzE3RDhB
MDE0Q0UvNDU3N0VCRDIxMjQ4MTFFQ0IzNzY1QzVFRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP8oAwDQYJKoZIhvcNAQEL
BQADggEBAJOi4xKevih8vINTP+oYzVw5wlAGB6Vvn14s/ETuy4AiEHCeoUWYyZZk
wpaQdCqrRfvA7N8rY0bLN4aSbgTaV7iVc1akKV7rD1Xter1C9Ty/ejooKsRh4awl
w1xy3zFRo0KE+fGt13+ySO5JBikwnAVfGY9f9VPQU6sH82OUa2VX368IJAZJOW9n
rlnHYfpNx7KDhQ96Nhh+kjc2yLM33if+5Crx4dDByRucD09GQVEe5HMORAfaSkcD
+WDlFKSUc3JYq3a1eg+nl2kJYxdnPo2glJNu0Gdu+o1+PLFSxqco15qZNQRV+VLl
5KRZJ19vsw2PjaEochRFm1GRsgh5Vtk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org