Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/AAAD458A09B211EDB6D79EF6F1222468.roa
File:                     AAAD458A09B211EDB6D79EF6F1222468.roa (raw, json)
Hash identifier:          BidB951Ppl4rHIlEUl9v6erDQdFD3uYk8SZSKLKiU14=
Subject key identifier:   90:E2:B0:13:23:BA:FA:9D:8E:38:CA:F9:53:AA:A9:64:9E:53:6F:D2
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       0490
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/AAAD458A09B211EDB6D79EF6F1222468.roa
Signing time:             Fri 22 Jul 2022 11:37:29 +0000
ROA not before:           Fri 22 Jul 2022 11:37:25 +0000
ROA not after:            Fri 23 Jul 2032 11:37:25 +0000
asID:                     37501
IP address blocks:        2001:4200:5000::/48 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1168 (0x490)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: Jul 22 11:37:25 2022 GMT
            Not After : Jul 23 11:37:25 2032 GMT
        Subject: CN=62da8bf9-0d38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3b:34:4b:2a:43:7c:a8:ce:3d:fd:08:44:df:
                    a0:61:e8:49:69:d3:e2:e7:c4:04:b8:84:70:2e:f9:
                    ae:44:b2:6f:2b:2c:0b:66:63:5a:dc:2b:5b:63:88:
                    c8:82:3e:86:15:53:65:04:c6:10:13:df:a4:b1:c0:
                    b0:fa:44:53:9f:d6:83:7a:8f:d9:3c:30:b6:d7:48:
                    0d:a5:7b:cf:1a:25:be:fc:37:d1:ef:ce:6b:5e:74:
                    75:62:70:c5:55:d4:34:36:19:26:d6:b6:f6:0e:d9:
                    aa:67:cf:c1:ee:d3:32:8f:62:c8:e5:ee:26:06:48:
                    b2:ea:bb:d5:fb:37:b8:84:c3:b3:d0:cf:e2:a9:26:
                    b9:98:23:a7:15:92:1d:02:1c:49:5e:83:a4:5f:8c:
                    df:99:c4:d0:58:bb:bf:30:63:81:39:c4:e6:dc:9c:
                    e3:c6:2e:13:d2:d7:91:20:a5:e8:a6:d1:38:ae:db:
                    f5:b9:11:cb:57:76:a4:5e:a9:ea:fa:55:55:dd:ba:
                    ec:31:33:78:8d:2c:fa:60:95:d6:97:6d:23:50:1d:
                    ce:af:0d:28:92:dd:83:f6:b6:bc:4a:77:58:96:dc:
                    df:a8:be:d7:0b:4a:31:63:e7:13:77:c8:3f:e7:f0:
                    68:91:24:3e:3c:95:d6:67:78:9c:42:e8:f1:e9:d8:
                    01:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:E2:B0:13:23:BA:FA:9D:8E:38:CA:F9:53:AA:A9:64:9E:53:6F:D2
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/AAAD458A09B211EDB6D79EF6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4200:5000::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:df:c0:ca:ab:05:b9:72:ec:b6:7e:d2:45:a4:fa:fc:ee:c8:
         5e:53:42:bd:a6:b0:84:3e:fd:67:c1:8c:94:c7:2b:a5:be:0a:
         88:f2:3f:38:7e:da:ee:a5:b4:a6:dc:72:24:77:97:d5:70:c2:
         24:39:44:d9:4c:2e:7d:4b:60:6b:9e:12:9e:90:9f:c4:02:a0:
         2a:54:a5:7a:ab:ac:d3:09:61:53:da:96:a3:e8:80:d0:dc:83:
         a7:52:d9:64:96:38:01:5f:a4:17:9b:03:87:23:1f:a2:42:fd:
         6f:10:5a:f7:bf:22:2e:29:49:68:8a:c0:6b:ba:60:e2:d8:f4:
         ae:1b:f9:52:5d:7c:cf:f6:fa:ab:a5:9b:88:e9:b9:20:31:aa:
         d3:dd:ff:7c:e5:15:9f:e5:2a:5e:97:11:74:cb:22:a0:2b:f6:
         79:d5:eb:d7:02:03:82:ad:ba:fa:41:a4:14:59:83:f7:8f:7f:
         b5:e1:2c:7e:6a:43:81:e1:15:41:12:39:26:32:50:26:e8:2f:
         60:0c:4e:ef:9e:33:81:38:3e:d7:f5:97:97:ef:a1:70:17:1b:
         e7:32:72:ab:20:24:d9:be:e4:67:1b:3e:90:ae:27:cc:30:75:
         7c:80:ca:2f:4b:0c:d8:c2:cf:77:49:59:62:1a:0a:0e:79:cd:
         07:39:0d:a6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBJAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yMjA3MjIxMTM3MjVaFw0zMjA3MjMxMTM3MjVaMBgxFjAU
BgNVBAMMDTYyZGE4YmY5LTBkMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQOzRLKkN8qM49/QhE36Bh6Elp0+LnxAS4hHAu+a5Esm8rLAtmY1rcK1tj
iMiCPoYVU2UExhAT36SxwLD6RFOf1oN6j9k8MLbXSA2le88aJb78N9HvzmtedHVi
cMVV1DQ2GSbWtvYO2apnz8Hu0zKPYsjl7iYGSLLqu9X7N7iEw7PQz+KpJrmYI6cV
kh0CHEleg6RfjN+ZxNBYu78wY4E5xObcnOPGLhPS15Egpeim0Tiu2/W5EctXdqRe
qer6VVXduuwxM3iNLPpgldaXbSNQHc6vDSiS3YP2trxKd1iW3N+ovtcLSjFj5xN3
yD/n8GiRJD48ldZneJxC6PHp2AG/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkOKw
EyO6+p2OOMr5U6qpZJ5Tb9IwHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4L0FBQUQ0NThBMDlCMjExRURCNkQ3OUVGNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAUIAUAAwDQYJKoZIhvcN
AQELBQADggEBACPfwMqrBbly7LZ+0kWk+vzuyF5TQr2msIQ+/WfBjJTHK6W+Cojy
Pzh+2u6ltKbcciR3l9VwwiQ5RNlMLn1LYGueEp6Qn8QCoCpUpXqrrNMJYVPalqPo
gNDcg6dS2WSWOAFfpBebA4cjH6JC/W8QWve/Ii4pSWiKwGu6YOLY9K4b+VJdfM/2
+qulm4jpuSAxqtPd/3zlFZ/lKl6XEXTLIqAr9nnV69cCA4KtuvpBpBRZg/ePf7Xh
LH5qQ4HhFUESOSYyUCboL2AMTu+eM4E4Ptf1l5fvoXAXG+cycqsgJNm+5GcbPpCu
J8wwdXyAyi9LDNjCz3dJWWIaCg55zQc5DaY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:21 2024 by rpki-client on console-ams.rpki-client.org