Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/B82002D4F14811ECAF1C02E4F1222468.roa
File:                     B82002D4F14811ECAF1C02E4F1222468.roa (raw, json)
Hash identifier:          duitgh3EHDUh0aFzVM+neWLovcHHsxs9PP1LAq5U0+w=
Subject key identifier:   B5:07:FE:9B:68:A9:5A:88:F1:89:BC:85:E1:5C:F5:40:A9:6D:56:50
Certificate issuer:       /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial:       046B
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/B82002D4F14811ECAF1C02E4F1222468.roa
Signing time:             Tue 21 Jun 2022 09:58:37 +0000
ROA not before:           Tue 21 Jun 2022 09:58:32 +0000
ROA not after:            Fri 18 Jun 2032 09:58:32 +0000
asID:                     2018
IP address blocks:        2001:4200::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1131 (0x46b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
        Validity
            Not Before: Jun 21 09:58:32 2022 GMT
            Not After : Jun 18 09:58:32 2032 GMT
        Subject: CN=62b1964d-0d32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e1:d8:a6:80:4c:95:11:4a:96:b8:d1:2e:aa:
                    42:ab:b2:7c:62:fb:9d:d1:4b:f3:8e:83:8d:e9:ee:
                    06:da:29:a0:c9:69:11:45:e9:64:4f:73:a1:b6:67:
                    81:8b:a2:b0:10:31:65:00:53:fb:76:5d:dc:cb:47:
                    ca:c4:27:a6:b2:71:cd:b0:07:f0:04:16:aa:64:b4:
                    18:f6:98:3f:a3:06:e1:ac:94:c5:15:04:73:d9:f2:
                    8f:f6:2f:13:04:bd:1f:47:01:70:3e:86:26:28:f4:
                    f2:b7:4e:65:5c:8f:cd:35:e8:15:b7:a3:2a:08:06:
                    e7:0d:06:36:64:d0:fc:3b:9d:a9:a0:70:e7:80:8c:
                    ba:24:19:60:cc:b9:63:51:67:b7:41:97:02:02:a1:
                    80:89:4f:6c:2a:ed:92:9d:b8:5c:2c:85:76:18:44:
                    e8:a5:3c:da:96:30:92:5f:1c:a1:69:62:eb:ac:22:
                    ae:3b:d9:ec:9d:cc:25:88:d2:9e:6c:da:82:f5:93:
                    5e:ca:e4:69:61:37:f7:1e:96:b5:18:20:bd:a1:33:
                    d9:d4:86:63:1d:90:fd:e3:51:be:c3:8a:7f:33:75:
                    18:74:19:ea:9e:3a:d8:a7:c7:82:b9:03:b2:39:b5:
                    33:64:a3:5d:21:ca:ce:18:9d:89:6d:10:15:9e:6f:
                    a3:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:07:FE:9B:68:A9:5A:88:F1:89:BC:85:E1:5C:F5:40:A9:6D:56:50
            X509v3 Authority Key Identifier:
                keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/B82002D4F14811ECAF1C02E4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4200::/32

    Signature Algorithm: sha256WithRSAEncryption
         27:f8:4c:08:b7:5f:16:dc:0b:74:8e:57:c7:3d:0c:04:1e:00:
         f1:84:d4:2b:29:d7:f9:26:48:be:d1:59:19:ae:4f:5a:36:58:
         62:4e:eb:39:69:7b:45:a5:f5:8c:16:9c:b6:98:04:db:35:93:
         b5:c3:64:88:30:84:dc:3c:37:41:3f:f3:fc:ee:23:51:d7:cb:
         a3:93:4d:ff:a9:cb:de:9e:c0:37:d6:b7:16:f2:38:76:9a:be:
         72:ef:aa:2a:2a:59:9f:de:d9:1b:f1:89:83:76:53:1a:96:6f:
         82:09:06:63:84:bf:49:cb:ee:38:fc:f8:ef:6f:e2:69:90:1f:
         f1:7a:f7:db:e6:7f:10:e8:a9:f7:3e:6c:14:06:48:50:7b:cc:
         e5:cb:6e:43:7c:11:7c:99:cd:ad:56:f1:70:20:9c:26:20:cc:
         47:4d:0a:11:17:00:f3:3d:bf:3a:2d:9d:c9:fa:e7:bb:0c:05:
         01:cb:c7:d4:35:3a:8c:c4:a7:ff:42:be:c1:0e:23:01:b0:b9:
         41:a6:99:a8:f7:88:af:43:5a:c0:04:7d:75:a0:20:09:52:a4:
         49:47:db:7e:ec:2b:b8:c1:ff:d4:17:7a:8d:28:17:fd:29:81:
         64:47:72:4c:2d:1e:58:f4:da:1c:32:45:fe:86:ce:c2:52:f8:
         cd:48:63:e3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBGswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yMjA2MjEwOTU4MzJaFw0zMjA2MTgwOTU4MzJaMBgxFjAU
BgNVBAMMDTYyYjE5NjRkLTBkMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX4dimgEyVEUqWuNEuqkKrsnxi+53RS/OOg43p7gbaKaDJaRFF6WRPc6G2
Z4GLorAQMWUAU/t2XdzLR8rEJ6aycc2wB/AEFqpktBj2mD+jBuGslMUVBHPZ8o/2
LxMEvR9HAXA+hiYo9PK3TmVcj8016BW3oyoIBucNBjZk0Pw7namgcOeAjLokGWDM
uWNRZ7dBlwICoYCJT2wq7ZKduFwshXYYROilPNqWMJJfHKFpYuusIq472eydzCWI
0p5s2oL1k17K5GlhN/celrUYIL2hM9nUhmMdkP3jUb7Din8zdRh0GeqeOtinx4K5
A7I5tTNko10hys4YnYltEBWeb6MVAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUtQf+
m2ipWojxibyF4Vz1QKltVlAwHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4L0I4MjAwMkQ0RjE0ODExRUNBRjFDMDJFNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAgAUIAMA0GCSqGSIb3DQEB
CwUAA4IBAQAn+EwIt18W3At0jlfHPQwEHgDxhNQrKdf5Jki+0VkZrk9aNlhiTus5
aXtFpfWMFpy2mATbNZO1w2SIMITcPDdBP/P87iNR18ujk03/qcvensA31rcW8jh2
mr5y76oqKlmf3tkb8YmDdlMalm+CCQZjhL9Jy+44/Pjvb+JpkB/xevfb5n8Q6Kn3
PmwUBkhQe8zly25DfBF8mc2tVvFwIJwmIMxHTQoRFwDzPb86LZ3J+ue7DAUBy8fU
NTqMxKf/Qr7BDiMBsLlBppmo94ivQ1rABH11oCAJUqRJR9t+7Cu4wf/UF3qNKBf9
KYFkR3JMLR5Y9NocMkX+hs7CUvjNSGPj
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:03:14 2024 by rpki-client on console-fra.rpki-client.org