Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/D42AC856F97011EE87AC4D69017001B1.roa
File:                     D42AC856F97011EE87AC4D69017001B1.roa (raw, json)
Hash identifier:          ZY1/5i8d/2uSx3x4dIgFydaYwwthGRONx58wX51u2JY=
Subject key identifier:   8F:FE:62:76:C4:96:98:02:9B:02:0F:F4:BA:E4:58:A2:D7:07:42:FD
Certificate issuer:       /CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Certificate serial:       52
Authority key identifier: E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/D42AC856F97011EE87AC4D69017001B1.roa
Signing time:             Sat 13 Apr 2024 08:35:49 +0000
ROA not before:           Sat 13 Apr 2024 08:35:45 +0000
ROA not after:            Tue 01 Apr 2025 08:35:45 +0000
asID:                     37739
IP address blocks:        2c0f:2c40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82 (0x52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
        Validity
            Not Before: Apr 13 08:35:45 2024 GMT
            Not After : Apr  1 08:35:45 2025 GMT
        Subject: CN=661a43e5-0b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:27:e5:f1:d7:66:0e:60:7c:b9:49:4d:78:81:
                    ba:ac:01:c7:24:5c:83:8d:28:8a:7f:ea:4d:3e:e4:
                    3a:da:78:8b:e7:0b:79:67:a3:43:fa:be:ab:c2:ad:
                    05:dc:0f:06:d8:c9:0f:28:4c:d3:2a:0b:e5:c4:af:
                    db:b6:d9:15:3e:4a:3e:6a:18:c0:c3:d3:27:84:53:
                    d3:df:66:81:50:69:34:6d:d8:97:e9:2a:1c:46:2e:
                    34:84:ff:78:b6:4a:30:ff:2b:a0:b9:c6:02:6e:08:
                    b9:bc:a2:80:20:9b:d5:96:ef:73:83:ed:ba:4a:a5:
                    dd:46:dd:0b:f4:0d:1e:d6:00:fd:e0:1f:40:ab:6c:
                    5a:5d:a0:13:58:7d:ab:be:2d:2d:e1:12:6c:15:ea:
                    0f:76:7d:c0:95:38:ba:6e:d0:ee:49:15:b7:7b:f4:
                    b8:cd:20:90:61:e1:40:f4:02:19:f3:26:0f:97:49:
                    85:5d:23:5e:db:de:e9:42:31:b1:92:b9:62:0a:23:
                    34:3f:58:2b:c8:54:45:7f:ce:02:61:a3:9a:d2:18:
                    f9:4c:f0:79:98:37:af:38:44:28:72:1e:de:7e:f1:
                    b0:fa:49:76:4b:f8:03:c2:f3:1f:61:b7:d1:60:e5:
                    ef:57:42:e3:dc:6d:22:1b:b4:99:58:e5:94:8a:ff:
                    99:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:FE:62:76:C4:96:98:02:9B:02:0F:F4:BA:E4:58:A2:D7:07:42:FD
            X509v3 Authority Key Identifier:
                keyid:E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/D42AC856F97011EE87AC4D69017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:2c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:da:32:84:54:c1:9b:16:d7:99:05:0a:b2:89:88:e3:d6:87:
         32:98:c3:7e:d3:66:62:37:de:22:1a:d5:6b:28:9c:40:5d:65:
         29:ed:90:ec:1e:48:4d:b9:b3:29:39:ec:d1:3b:0d:a3:e5:cc:
         5a:52:2c:87:ef:bd:b6:2f:e5:9e:17:21:7c:03:5a:7b:b4:23:
         f1:c4:74:d4:39:b9:b6:d2:10:90:c9:7d:4d:9a:cf:9a:1d:43:
         2b:27:19:6c:19:6f:b7:81:64:8e:8b:51:d3:57:91:23:30:e7:
         6b:69:28:d4:cc:c9:ea:2b:94:3f:05:eb:7e:f1:af:8e:ca:3d:
         23:35:33:c4:3f:30:28:ef:0a:af:54:a7:b9:a5:85:7c:c9:ea:
         d9:14:ee:e7:9f:69:93:38:f1:06:b2:26:65:e9:b6:7c:93:a2:
         2f:c4:11:f8:e7:40:30:28:e3:28:96:3b:58:3d:1d:ad:b8:fa:
         2d:41:e7:f9:c7:01:a0:c6:c6:87:aa:e4:00:f8:29:a9:3b:9c:
         d5:3a:f7:50:8d:e8:35:21:39:8c:9a:b8:5b:b2:4d:95:24:10:
         db:10:98:47:fd:1d:6b:79:20:c9:df:17:d8:3f:16:c4:df:12:
         01:5d:90:c7:a2:10:2f:19:8b:ff:c3:fa:c5:90:e5:b0:51:2d:
         63:8d:03:9c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBUjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RjU5QkFGMTEwLwYDVQQFEyhFMDM2QUUwOEZFMDM0MTZGNTg4ODdBOUQxOTVEQkZE
ODZBMjU2MDNDMB4XDTI0MDQxMzA4MzU0NVoXDTI1MDQwMTA4MzU0NVowGDEWMBQG
A1UEAxMNNjYxYTQzZTUtMGI4ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8n5fHXZg5gfLlJTXiBuqwBxyRcg40oin/qTT7kOtp4i+cLeWejQ/q+q8Kt
BdwPBtjJDyhM0yoL5cSv27bZFT5KPmoYwMPTJ4RT099mgVBpNG3Yl+kqHEYuNIT/
eLZKMP8roLnGAm4IubyigCCb1Zbvc4Ptukql3UbdC/QNHtYA/eAfQKtsWl2gE1h9
q74tLeESbBXqD3Z9wJU4um7Q7kkVt3v0uM0gkGHhQPQCGfMmD5dJhV0jXtve6UIx
sZK5YgojND9YK8hURX/OAmGjmtIY+UzweZg3rzhEKHIe3n7xsPpJdkv4A8LzH2G3
0WDl71dC49xtIhu0mVjllIr/mTkCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSP/mJ2
xJaYApsCD/S65Fii1wdC/TAfBgNVHSMEGDAWgBTgNq4I/gNBb1iIep0ZXb/YaiVg
PDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1NDEyRTYvNERhdUNQ
NERRVzlZaUhxZEdWMl8yR29sWUR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNERhdUNQNERRVzlZaUhxZEdWMl8yR29sWUR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1
NDEyRTYvRDQyQUM4NTZGOTcwMTFFRTg3QUM0RDY5MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPLEAwDQYJKoZIhvcNAQEL
BQADggEBAELaMoRUwZsW15kFCrKJiOPWhzKYw37TZmI33iIa1WsonEBdZSntkOwe
SE25syk57NE7DaPlzFpSLIfvvbYv5Z4XIXwDWnu0I/HEdNQ5ubbSEJDJfU2az5od
QysnGWwZb7eBZI6LUdNXkSMw52tpKNTMyeorlD8F637xr47KPSM1M8Q/MCjvCq9U
p7mlhXzJ6tkU7uefaZM48QayJmXptnyToi/EEfjnQDAo4yiWO1g9Ha24+i1B5/nH
AaDGxoeq5AD4Kak7nNU691CN6DUhOYyauFuyTZUkENsQmEf9HWt5IMnfF9g/FsTf
EgFdkMeiEC8Zi//D+sWQ5bBRLWONA5w=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:10 2024 by rpki-client on console-ams.rpki-client.org