Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AF2CB/E4ACE12C0A8E11EE909468874AD9E6FC/9CC892580A9211EE8D3ABB134AD9E6FC.roa
File:                     9CC892580A9211EE8D3ABB134AD9E6FC.roa (raw, json)
Hash identifier:          MSLuhUksLNqaKHIEFu8mRSzkhDG5Zleij605kXVWTcg=
Subject key identifier:   3E:8A:37:A3:81:5A:DB:D5:E0:F4:8B:E0:18:02:2D:52:CC:EE:38:96
Certificate issuer:       /CN=F36AF2CBAF/serialNumber=C38CDE3697B9E924341A10650FB593A3E88B4FED
Certificate serial:       02
Authority key identifier: C3:8C:DE:36:97:B9:E9:24:34:1A:10:65:0F:B5:93:A3:E8:8B:4F:ED
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/w4zeNpe56SQ0GhBlD7WTo-iLT-0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36AF2CB/E4ACE12C0A8E11EE909468874AD9E6FC/9CC892580A9211EE8D3ABB134AD9E6FC.roa
Signing time:             Wed 14 Jun 2023 09:05:31 +0000
ROA not before:           Wed 14 Jun 2023 09:05:27 +0000
ROA not after:            Tue 14 Jun 2033 09:05:27 +0000
asID:                     328829
IP address blocks:        2c0f:6a00::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36AF2CB/E4ACE12C0A8E11EE909468874AD9E6FC/w4zeNpe56SQ0GhBlD7WTo-iLT-0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36AF2CB/E4ACE12C0A8E11EE909468874AD9E6FC/w4zeNpe56SQ0GhBlD7WTo-iLT-0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/w4zeNpe56SQ0GhBlD7WTo-iLT-0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36AF2CBAF/serialNumber=C38CDE3697B9E924341A10650FB593A3E88B4FED
        Validity
            Not Before: Jun 14 09:05:27 2023 GMT
            Not After : Jun 14 09:05:27 2033 GMT
        Subject: CN=648982db-1243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d7:07:8b:f7:47:70:f4:6b:3b:9e:2f:cb:cb:
                    84:b3:a6:1e:e0:66:f0:56:93:91:93:05:6c:e8:fe:
                    2e:ea:35:c1:ae:af:2a:c4:51:34:01:1d:43:75:db:
                    1c:3b:ed:54:df:5c:de:1f:59:af:23:9e:42:0c:48:
                    60:89:07:1d:3e:5c:cf:61:25:19:4a:e1:30:ce:d4:
                    f7:1a:67:53:6f:81:5e:c0:97:ab:2d:8c:c5:50:a4:
                    f8:f1:99:fc:8a:54:5c:f5:5a:24:e6:97:6a:80:1c:
                    74:99:82:3b:a0:36:59:95:24:12:8e:4d:76:3d:7a:
                    aa:3f:02:7b:58:7a:b1:61:9d:41:25:d2:03:31:3a:
                    7f:6d:41:4d:f3:3a:5b:16:b7:3a:b7:92:5b:dd:cb:
                    03:53:79:f5:93:ee:39:d4:57:78:90:b2:a4:b9:9d:
                    a5:18:3c:ad:f1:0a:0a:35:60:ba:91:02:61:24:7e:
                    d9:89:30:b9:2e:eb:2b:0e:af:c2:68:58:f5:bc:00:
                    53:f9:3f:f2:ef:c5:96:cc:52:47:f4:2e:d3:89:6d:
                    68:cc:9a:f6:fd:40:2d:20:ef:09:18:64:99:20:1c:
                    34:47:98:4b:c6:e8:d8:e8:86:34:21:59:05:d4:9b:
                    5a:99:6b:c1:76:6d:1e:c7:b4:6a:62:3c:c3:0c:dc:
                    d7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:8A:37:A3:81:5A:DB:D5:E0:F4:8B:E0:18:02:2D:52:CC:EE:38:96
            X509v3 Authority Key Identifier:
                keyid:C3:8C:DE:36:97:B9:E9:24:34:1A:10:65:0F:B5:93:A3:E8:8B:4F:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF2CB/E4ACE12C0A8E11EE909468874AD9E6FC/w4zeNpe56SQ0GhBlD7WTo-iLT-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/w4zeNpe56SQ0GhBlD7WTo-iLT-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF2CB/E4ACE12C0A8E11EE909468874AD9E6FC/9CC892580A9211EE8D3ABB134AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:6a00::/32

    Signature Algorithm: sha256WithRSAEncryption
         bf:dc:dd:0e:dc:8b:84:7d:f1:d8:44:88:76:d5:14:28:b0:06:
         15:1d:1c:96:27:1c:59:48:a2:be:bc:cc:c3:86:5f:9b:76:e0:
         14:56:a1:f0:c2:24:91:ea:62:34:23:bb:fb:78:c2:7a:e9:32:
         d1:50:cc:13:f0:0c:d5:8b:13:ec:ab:9f:e8:0e:38:7d:39:e8:
         a7:4e:6f:8f:67:de:fa:1b:36:86:de:77:60:8c:ce:d7:a7:5c:
         32:75:ac:15:0b:b9:77:3d:9b:10:d5:f7:8d:11:c4:a0:ed:b1:
         81:82:cb:03:07:cc:d2:64:c0:5e:7e:62:b5:60:f7:37:3e:32:
         8d:03:4a:b0:e2:0a:19:6f:c7:d1:4b:60:35:98:99:5b:20:21:
         ef:15:64:cc:6c:d5:c3:41:1d:44:8a:53:99:ae:7b:c0:bc:ce:
         bd:ee:f4:34:41:13:c2:df:e1:63:07:21:31:0d:65:1e:e4:e0:
         c7:5d:bf:00:1c:11:39:d1:1a:ac:c1:ef:f0:9c:c3:85:9b:7e:
         71:1b:2b:d9:2d:07:85:3b:8e:b1:1d:2f:be:51:d9:31:98:75:
         84:96:fa:3c:72:3d:24:90:34:ec:c0:80:27:f4:94:67:0c:90:
         c6:94:6a:f9:9f:27:31:0f:de:8f:bc:14:e5:96:f3:97:cb:ba:
         a8:9f:ed:e1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
RjJDQkFGMTEwLwYDVQQFEyhDMzhDREUzNjk3QjlFOTI0MzQxQTEwNjUwRkI1OTNB
M0U4OEI0RkVEMB4XDTIzMDYxNDA5MDUyN1oXDTMzMDYxNDA5MDUyN1owGDEWMBQG
A1UEAxMNNjQ4OTgyZGItMTI0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfXB4v3R3D0azueL8vLhLOmHuBm8FaTkZMFbOj+Luo1wa6vKsRRNAEdQ3Xb
HDvtVN9c3h9ZryOeQgxIYIkHHT5cz2ElGUrhMM7U9xpnU2+BXsCXqy2MxVCk+PGZ
/IpUXPVaJOaXaoAcdJmCO6A2WZUkEo5Ndj16qj8Ce1h6sWGdQSXSAzE6f21BTfM6
Wxa3OreSW93LA1N59ZPuOdRXeJCypLmdpRg8rfEKCjVgupECYSR+2YkwuS7rKw6v
wmhY9bwAU/k/8u/FlsxSR/Qu04ltaMya9v1ALSDvCRhkmSAcNEeYS8bo2OiGNCFZ
BdSbWplrwXZtHse0amI8wwzc130CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQ+ijej
gVrb1eD0i+AYAi1SzO44ljAfBgNVHSMEGDAWgBTDjN42l7npJDQaEGUPtZOj6ItP
7TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUYyQ0IvRTRBQ0UxMkMwQThFMTFFRTkwOTQ2ODg3NEFEOUU2RkMvdzR6ZU5w
ZTU2U1EwR2hCbEQ3V1RvLWlMVC0wLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdzR6ZU5wZTU2U1EwR2hCbEQ3V1RvLWlMVC0wLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QUYyQ0IvRTRBQ0UxMkMwQThFMTFFRTkwOTQ2ODg3NEFE
OUU2RkMvOUNDODkyNTgwQTkyMTFFRThEM0FCQjEzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPagAwDQYJKoZIhvcNAQEL
BQADggEBAL/c3Q7ci4R98dhEiHbVFCiwBhUdHJYnHFlIor68zMOGX5t24BRWofDC
JJHqYjQju/t4wnrpMtFQzBPwDNWLE+yrn+gOOH056KdOb49n3vobNobed2CMzten
XDJ1rBULuXc9mxDV940RxKDtsYGCywMHzNJkwF5+YrVg9zc+Mo0DSrDiChlvx9FL
YDWYmVsgIe8VZMxs1cNBHUSKU5mue8C8zr3u9DRBE8Lf4WMHITENZR7k4MddvwAc
ETnRGqzB7/Ccw4WbfnEbK9ktB4U7jrEdL75R2TGYdYSW+jxyPSSQNOzAgCf0lGcM
kMaUavmfJzEP3o+8FOWW85fLuqif7eE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org