Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BA80D/C705D8725A2411EAB8E9DC09F8AEA228/43AF9CACC23211EBB3CE6515F8AEA228.roa
File:                     43AF9CACC23211EBB3CE6515F8AEA228.roa (raw, json)
Hash identifier:          c/Soa/93EsLQFmmPICHZAj3dDNjPlQJOplH1/UOW0ac=
Subject key identifier:   66:F1:C9:9B:0D:CA:64:8D:EB:1C:16:60:9A:36:94:F9:27:4D:3C:0D
Certificate issuer:       /CN=F36BA80DAF/serialNumber=AC2E52EE92BBC205A230FF77A19041DDD514D8F0
Certificate serial:       01E5
Authority key identifier: AC:2E:52:EE:92:BB:C2:05:A2:30:FF:77:A1:90:41:DD:D5:14:D8:F0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rC5S7pK7wgWiMP93oZBB3dUU2PA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/C705D8725A2411EAB8E9DC09F8AEA228/43AF9CACC23211EBB3CE6515F8AEA228.roa
Signing time:             Mon 31 May 2021 17:04:30 +0000
ROA not before:           Mon 31 May 2021 17:04:24 +0000
ROA not after:            Thu 31 May 2035 17:04:24 +0000
asID:                     327926
IP address blocks:        2c0f:e8e0:4000::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/C705D8725A2411EAB8E9DC09F8AEA228/rC5S7pK7wgWiMP93oZBB3dUU2PA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/C705D8725A2411EAB8E9DC09F8AEA228/rC5S7pK7wgWiMP93oZBB3dUU2PA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rC5S7pK7wgWiMP93oZBB3dUU2PA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 485 (0x1e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BA80DAF/serialNumber=AC2E52EE92BBC205A230FF77A19041DDD514D8F0
        Validity
            Not Before: May 31 17:04:24 2021 GMT
            Not After : May 31 17:04:24 2035 GMT
        Subject: CN=60b5171e-bf28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d2:65:cf:f2:a5:e7:94:46:37:a3:23:34:c2:
                    36:6d:f6:01:c4:fc:69:9e:28:80:71:3d:8f:c9:62:
                    64:0d:04:15:fa:08:80:34:ed:99:b9:fc:75:52:8d:
                    ea:e8:c6:8c:99:ab:21:33:a9:b2:b3:2f:63:2a:ea:
                    fa:5a:c1:5f:c3:6c:9d:8f:52:bb:86:e3:c3:be:77:
                    95:7c:12:62:6c:a8:f8:67:0c:16:87:d2:77:73:93:
                    ad:3d:a1:aa:6a:89:39:63:6d:50:54:39:3f:49:a7:
                    2f:5e:31:34:ef:98:9e:c7:10:4c:d1:c3:bf:f2:03:
                    10:df:39:60:42:36:08:e7:fc:67:3e:af:1e:70:d9:
                    23:eb:aa:8f:eb:e6:a7:3b:d0:e1:9c:42:e9:b6:6c:
                    49:c9:94:e8:b7:1d:d3:58:83:c2:fd:42:60:22:f7:
                    24:e8:62:9c:b5:a6:fe:02:ff:77:fc:a9:cb:04:86:
                    7d:6c:a7:5d:4e:46:d4:bc:ad:ce:2d:c8:c9:a6:bf:
                    9c:07:e0:2b:fb:88:94:61:26:7e:2f:6a:ba:30:90:
                    a7:2b:1d:27:ae:84:a6:4a:3c:9f:94:e3:e8:1c:83:
                    1e:1c:62:b9:55:fb:57:ae:e1:a6:8d:4c:35:40:4b:
                    24:8f:54:03:d7:a9:f9:7d:46:57:02:8a:7b:04:53:
                    b4:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:F1:C9:9B:0D:CA:64:8D:EB:1C:16:60:9A:36:94:F9:27:4D:3C:0D
            X509v3 Authority Key Identifier:
                keyid:AC:2E:52:EE:92:BB:C2:05:A2:30:FF:77:A1:90:41:DD:D5:14:D8:F0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/C705D8725A2411EAB8E9DC09F8AEA228/rC5S7pK7wgWiMP93oZBB3dUU2PA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rC5S7pK7wgWiMP93oZBB3dUU2PA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/C705D8725A2411EAB8E9DC09F8AEA228/43AF9CACC23211EBB3CE6515F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:e8e0:4000::/44

    Signature Algorithm: sha256WithRSAEncryption
         29:22:a8:b1:5c:7d:93:08:bc:fb:3b:7b:63:df:6d:71:15:4e:
         5c:56:64:b9:6b:d2:20:d0:59:7b:7d:4d:5c:cb:73:8a:74:fc:
         2b:13:8e:2d:2f:cd:da:a4:0c:0a:a7:ce:1d:a2:92:de:3b:b7:
         e4:3e:3b:c7:29:65:5a:9d:aa:4f:38:1d:4d:bd:7c:61:fc:c8:
         e1:67:d6:d4:bf:72:ea:5b:06:50:76:00:79:4c:0e:2a:f6:70:
         d9:0f:8e:3b:1b:14:e2:6b:e7:53:dc:4b:c4:6d:6f:f2:4c:39:
         9e:20:b7:e1:1b:93:f7:40:0c:d5:de:ad:c7:2d:53:d7:7a:90:
         36:07:a2:6e:08:3b:4a:56:6e:d1:b7:ce:bd:ac:c4:c2:1e:c4:
         dc:cd:d4:1f:31:98:c8:d0:41:fa:f5:f0:4b:82:b1:ce:b4:ea:
         5b:07:c9:b0:9b:a0:0a:a7:96:dd:05:e3:71:f8:69:f8:24:85:
         5f:d9:e5:a7:76:87:76:57:97:09:92:f4:9e:c7:19:ad:f5:82:
         d0:69:86:98:d6:03:f9:74:e9:17:62:52:03:af:e8:b4:2e:dd:
         b2:6e:42:84:a4:43:19:dd:57:26:02:7c:4c:e2:7a:00:5d:ff:
         7f:6d:ab:46:0d:7c:87:93:bb:54:1e:13:68:31:86:f2:7e:6e:
         a0:dc:f1:35
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkE4MERBRjExMC8GA1UEBRMoQUMyRTUyRUU5MkJCQzIwNUEyMzBGRjc3QTE5MDQx
RERENTE0RDhGMDAeFw0yMTA1MzExNzA0MjRaFw0zNTA1MzExNzA0MjRaMBgxFjAU
BgNVBAMTDTYwYjUxNzFlLWJmMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC00mXP8qXnlEY3oyM0wjZt9gHE/GmeKIBxPY/JYmQNBBX6CIA07Zm5/HVS
jeroxoyZqyEzqbKzL2Mq6vpawV/DbJ2PUruG48O+d5V8EmJsqPhnDBaH0ndzk609
oapqiTljbVBUOT9Jpy9eMTTvmJ7HEEzRw7/yAxDfOWBCNgjn/Gc+rx5w2SPrqo/r
5qc70OGcQum2bEnJlOi3HdNYg8L9QmAi9yToYpy1pv4C/3f8qcsEhn1sp11ORtS8
rc4tyMmmv5wH4Cv7iJRhJn4varowkKcrHSeuhKZKPJ+U4+gcgx4cYrlV+1eu4aaN
TDVASySPVAPXqfl9RlcCinsEU7SdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZvHJ
mw3KZI3rHBZgmjaU+SdNPA0wHwYDVR0jBBgwFoAUrC5S7pK7wgWiMP93oZBB3dUU
2PAwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJBODBEL0M3MDVEODcyNUEyNDExRUFCOEU5REMwOUY4QUVBMjI4L3JDNVM3
cEs3d2dXaU1QOTNvWkJCM2RVVTJQQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JDNVM3cEs3d2dXaU1QOTNvWkJCM2RVVTJQQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJBODBEL0M3MDVEODcyNUEyNDExRUFCOEU5REMwOUY4
QUVBMjI4LzQzQUY5Q0FDQzIzMjExRUJCM0NFNjUxNUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQsD+jgQAAwDQYJKoZIhvcN
AQELBQADggEBACkiqLFcfZMIvPs7e2PfbXEVTlxWZLlr0iDQWXt9TVzLc4p0/CsT
ji0vzdqkDAqnzh2ikt47t+Q+O8cpZVqdqk84HU29fGH8yOFn1tS/cupbBlB2AHlM
Dir2cNkPjjsbFOJr51PcS8Rtb/JMOZ4gt+Ebk/dADNXercctU9d6kDYHom4IO0pW
btG3zr2sxMIexNzN1B8xmMjQQfr18EuCsc606lsHybCboAqnlt0F43H4afgkhV/Z
5ad2h3ZXlwmS9J7HGa31gtBphpjWA/l06RdiUgOv6LQu3bJuQoSkQxndVyYCfEzi
egBd/39tq0YNfIeTu1QeE2gxhvJ+bqDc8TU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:40 2024 by rpki-client on console-ams.rpki-client.org