Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/01C465AC09B211EDA2B591F4F1222468.roa
File:                     01C465AC09B211EDA2B591F4F1222468.roa (raw, json)
Hash identifier:          2EpB7RaoJ24NXvT5qfIYQLCMWI8szsFSjFsm/RP0908=
Subject key identifier:   A5:9A:AF:E2:12:64:C3:9E:1B:36:46:5D:43:52:23:1A:ED:95:82:0D
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       048E
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/01C465AC09B211EDA2B591F4F1222468.roa
Signing time:             Fri 22 Jul 2022 11:32:46 +0000
ROA not before:           Fri 22 Jul 2022 11:32:42 +0000
ROA not after:            Fri 23 Jul 2032 11:32:42 +0000
asID:                     36982
IP address blocks:        2001:4200:300::/44 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1166 (0x48e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: Jul 22 11:32:42 2022 GMT
            Not After : Jul 23 11:32:42 2032 GMT
        Subject: CN=62da8ade-880b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:6f:e3:28:68:80:64:01:ad:60:91:6c:3d:f4:
                    11:4c:91:f8:1a:f0:46:9c:0b:13:09:0a:d7:61:e2:
                    01:52:11:74:99:cd:66:e8:67:78:25:79:7e:2b:06:
                    4d:af:8e:a0:b9:93:3f:15:21:56:fa:4e:17:72:53:
                    23:e5:4e:77:78:c8:2f:03:cc:77:74:a5:41:bc:8d:
                    f3:17:dd:fb:d1:be:9e:e1:87:26:7e:01:8c:44:d6:
                    c9:d1:13:6e:51:d0:bf:a6:8c:b6:68:2f:cd:ef:33:
                    49:f1:cc:8e:db:2f:3a:30:95:c1:d5:80:a0:5d:b5:
                    dd:5f:12:b6:95:ab:08:99:31:ce:1d:83:35:50:51:
                    81:c9:3f:b6:79:e9:62:cc:91:19:a8:1e:2b:64:b9:
                    35:62:32:7b:79:62:a0:06:ec:2c:1f:d3:c7:eb:df:
                    a4:7f:46:c9:51:a3:20:cf:d5:b0:56:85:a3:27:d0:
                    97:77:b5:17:e9:62:55:b5:70:fa:7f:e3:ad:d9:c6:
                    43:e6:79:c6:d4:6b:ac:17:a0:67:9f:d3:c3:27:60:
                    ae:7e:13:fe:9d:2b:7d:e5:56:a1:f7:6f:6e:ed:e9:
                    5d:a4:ec:26:de:e7:85:5b:56:52:01:af:7f:f6:ff:
                    72:c6:f3:d4:fb:34:7e:3d:b5:40:cc:47:4c:2a:46:
                    54:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:9A:AF:E2:12:64:C3:9E:1B:36:46:5D:43:52:23:1A:ED:95:82:0D
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/01C465AC09B211EDA2B591F4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4200:300::/44

    Signature Algorithm: sha256WithRSAEncryption
         0a:bb:32:90:6f:b7:28:b8:22:24:71:ff:20:fa:1a:8d:27:14:
         ec:39:59:5a:03:12:48:1d:4a:a9:4f:0a:c5:78:de:ab:71:a7:
         04:1f:04:33:66:1c:ca:e5:f8:1b:88:32:2f:2e:38:85:d5:b3:
         08:b1:bd:5b:2a:9b:c4:3e:f8:41:fa:b3:5e:68:ce:0a:af:a1:
         8a:22:bc:b5:b5:ca:00:0a:88:70:73:44:4a:c9:ec:c5:f4:97:
         cf:c5:c8:93:ab:70:a2:80:f9:c4:60:5d:5a:94:57:ea:4e:52:
         bd:8e:cd:d4:47:b0:a9:42:ef:7a:cb:7e:cf:1d:17:d7:36:21:
         68:64:cc:8e:36:c7:ab:14:1c:15:86:7a:f1:32:04:fa:b3:70:
         12:fc:af:eb:63:c0:2a:60:4d:85:44:16:04:15:01:35:29:2c:
         07:a4:48:e7:51:53:a8:7a:5c:62:0b:cb:8b:3b:1e:4d:8a:42:
         f2:97:ea:dc:4a:33:cf:3d:ae:8d:7d:dd:63:fb:29:1e:b5:4d:
         00:fb:a7:c4:a7:8f:46:41:22:4f:76:a3:fd:85:77:6e:68:b5:
         b3:29:11:50:dd:b3:0d:28:a0:ff:e9:14:df:4e:bc:33:2d:90:
         42:49:8f:73:9f:38:6f:4d:36:a9:db:5b:ed:7b:48:21:f8:b1:
         d8:a6:7f:ba
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBI4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yMjA3MjIxMTMyNDJaFw0zMjA3MjMxMTMyNDJaMBgxFjAU
BgNVBAMMDTYyZGE4YWRlLTg4MGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbb+MoaIBkAa1gkWw99BFMkfga8EacCxMJCtdh4gFSEXSZzWboZ3gleX4r
Bk2vjqC5kz8VIVb6ThdyUyPlTnd4yC8DzHd0pUG8jfMX3fvRvp7hhyZ+AYxE1snR
E25R0L+mjLZoL83vM0nxzI7bLzowlcHVgKBdtd1fEraVqwiZMc4dgzVQUYHJP7Z5
6WLMkRmoHitkuTViMnt5YqAG7Cwf08fr36R/RslRoyDP1bBWhaMn0Jd3tRfpYlW1
cPp/463ZxkPmecbUa6wXoGef08MnYK5+E/6dK33lVqH3b27t6V2k7Cbe54VbVlIB
r3/2/3LG89T7NH49tUDMR0wqRlQNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUpZqv
4hJkw54bNkZdQ1IjGu2Vgg0wHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4LzAxQzQ2NUFDMDlCMjExRURBMkI1OTFGNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQgAUIAAwAwDQYJKoZIhvcN
AQELBQADggEBAAq7MpBvtyi4IiRx/yD6Go0nFOw5WVoDEkgdSqlPCsV43qtxpwQf
BDNmHMrl+BuIMi8uOIXVswixvVsqm8Q++EH6s15ozgqvoYoivLW1ygAKiHBzRErJ
7MX0l8/FyJOrcKKA+cRgXVqUV+pOUr2OzdRHsKlC73rLfs8dF9c2IWhkzI42x6sU
HBWGevEyBPqzcBL8r+tjwCpgTYVEFgQVATUpLAekSOdRU6h6XGILy4s7Hk2KQvKX
6txKM889ro193WP7KR61TQD7p8Snj0ZBIk92o/2Fd25otbMpEVDdsw0ooP/pFN9O
vDMtkEJJj3OfOG9NNqnbW+17SCH4sdimf7o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:14 2024 by rpki-client on console-fra.rpki-client.org