Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/98DF704CBED311EBADFD6E3BF8AEA228.roa
File:                     98DF704CBED311EBADFD6E3BF8AEA228.roa (raw, json)
Hash identifier:          HO6bf0uEEiC7m2b2OZ02yvA8O/IFCsepwz8ZKehK02k=
Subject key identifier:   A8:05:AD:27:23:31:D4:88:72:28:10:9D:E3:87:CF:E1:8D:98:1B:F1
Certificate issuer:       /CN=F36CF0F7AF/serialNumber=07EDB2AC72FAE90A00B56B3AB3365D277EA18EFD
Certificate serial:       0A
Authority key identifier: 07:ED:B2:AC:72:FA:E9:0A:00:B5:6B:3A:B3:36:5D:27:7E:A1:8E:FD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/B-2yrHL66QoAtWs6szZdJ36hjv0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/98DF704CBED311EBADFD6E3BF8AEA228.roa
Signing time:             Thu 27 May 2021 10:09:18 +0000
ROA not before:           Thu 27 May 2021 10:09:13 +0000
ROA not after:            Wed 27 May 2026 10:09:13 +0000
asID:                     328437
IP address blocks:        2c0f:ed38::/36 maxlen: 36
                          2c0f:ed38:1000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/B-2yrHL66QoAtWs6szZdJ36hjv0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/B-2yrHL66QoAtWs6szZdJ36hjv0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/B-2yrHL66QoAtWs6szZdJ36hjv0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CF0F7AF/serialNumber=07EDB2AC72FAE90A00B56B3AB3365D277EA18EFD
        Validity
            Not Before: May 27 10:09:13 2021 GMT
            Not After : May 27 10:09:13 2026 GMT
        Subject: CN=60af6fce-265a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:57:ba:55:c6:e0:c2:0e:a5:73:0f:d2:73:c5:
                    db:ee:43:33:31:80:a3:8a:f2:57:35:b9:63:3e:a7:
                    5a:02:d9:c3:fd:0a:83:31:1a:4b:00:8b:bd:be:95:
                    34:23:31:37:17:03:c6:29:9c:36:28:b8:9d:a2:48:
                    e3:ad:2b:be:4e:0a:2c:a0:4b:7e:27:bc:bd:e3:81:
                    4b:75:ab:8f:96:fe:f0:d4:72:b8:7b:c7:ae:e7:9c:
                    b5:35:92:d4:15:12:11:c5:62:25:c1:ca:11:cf:4e:
                    a4:be:67:98:35:cf:cf:43:0e:7b:af:4b:16:1e:5c:
                    ec:f6:97:aa:42:ae:5e:a3:43:d2:4a:27:f6:a3:b6:
                    80:68:02:8d:b3:4b:8a:f3:18:09:c6:b6:96:77:8a:
                    3f:02:8d:57:06:d4:13:c3:f1:f6:db:43:1e:fe:66:
                    91:e0:cf:fb:1b:45:3b:72:54:49:31:c4:aa:29:42:
                    6f:bb:5f:42:9e:47:d7:1b:d9:21:61:7b:d1:49:6e:
                    fe:7f:67:58:b7:3f:3e:01:23:c3:f1:f8:2d:59:58:
                    a1:57:d1:1a:b4:92:0c:a9:a4:42:b5:a5:24:69:cf:
                    56:23:4e:03:39:42:31:1a:32:42:e1:28:32:a0:00:
                    26:2d:7c:5d:91:22:b2:07:dc:1a:bf:db:02:8f:d2:
                    fd:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:05:AD:27:23:31:D4:88:72:28:10:9D:E3:87:CF:E1:8D:98:1B:F1
            X509v3 Authority Key Identifier:
                keyid:07:ED:B2:AC:72:FA:E9:0A:00:B5:6B:3A:B3:36:5D:27:7E:A1:8E:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/B-2yrHL66QoAtWs6szZdJ36hjv0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/B-2yrHL66QoAtWs6szZdJ36hjv0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF0F7/74C21A94BE0511EBAE0B5923F8AEA228/98DF704CBED311EBADFD6E3BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:ed38::/35

    Signature Algorithm: sha256WithRSAEncryption
         97:e9:0c:7a:02:c2:f1:ed:8b:1d:4e:41:a3:f2:6f:7b:1d:d8:
         77:1e:5c:76:4e:fc:94:11:ba:ec:bb:36:45:e5:bd:26:3a:87:
         57:11:ec:53:4b:8e:ea:e0:51:ef:65:8c:3e:42:76:20:df:69:
         9f:97:30:d4:8b:6d:a9:eb:43:ff:e3:1d:cd:66:39:48:1a:f1:
         e6:ad:ab:e0:88:52:3e:d0:19:bc:0a:20:6f:7e:d3:8b:e7:f8:
         05:8b:13:a3:d0:4d:25:4d:16:87:73:59:3f:c1:8b:6c:43:b3:
         46:06:fe:27:16:d8:30:d4:0b:03:b2:57:bc:0e:0e:0a:9e:3a:
         51:2c:76:7c:c8:d4:6f:29:ce:22:2a:bc:6d:ac:0b:b9:19:5b:
         9d:ed:14:ea:55:61:b8:1a:41:3a:96:63:f9:a8:2a:59:59:dc:
         88:44:12:a6:26:0a:3a:91:bf:e9:92:92:62:57:7d:0e:36:47:
         31:f9:12:59:b5:a2:90:89:31:01:ca:ef:90:ff:da:13:ea:8e:
         d8:94:86:95:6c:24:70:b7:a7:f1:7e:b8:bf:a1:52:3b:c1:58:
         a0:af:fb:ae:c0:91:be:fd:c4:67:f0:f4:2e:c4:39:ff:d1:70:
         22:d5:03:fb:57:13:b7:3d:75:36:66:9e:7a:6a:40:fc:ba:c1:
         f0:33:cc:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
RjBGN0FGMTEwLwYDVQQFEygwN0VEQjJBQzcyRkFFOTBBMDBCNTZCM0FCMzM2NUQy
NzdFQTE4RUZEMB4XDTIxMDUyNzEwMDkxM1oXDTI2MDUyNzEwMDkxM1owGDEWMBQG
A1UEAxMNNjBhZjZmY2UtMjY1YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRXulXG4MIOpXMP0nPF2+5DMzGAo4ryVzW5Yz6nWgLZw/0KgzEaSwCLvb6V
NCMxNxcDximcNii4naJI460rvk4KLKBLfie8veOBS3Wrj5b+8NRyuHvHruectTWS
1BUSEcViJcHKEc9OpL5nmDXPz0MOe69LFh5c7PaXqkKuXqND0kon9qO2gGgCjbNL
ivMYCca2lneKPwKNVwbUE8Px9ttDHv5mkeDP+xtFO3JUSTHEqilCb7tfQp5H1xvZ
IWF70Ulu/n9nWLc/PgEjw/H4LVlYoVfRGrSSDKmkQrWlJGnPViNOAzlCMRoyQuEo
MqAAJi18XZEisgfcGr/bAo/S/e8CAwEAAaOCAqcwggKjMB0GA1UdDgQWBBSoBa0n
IzHUiHIoEJ3jh8/hjZgb8TAfBgNVHSMEGDAWgBQH7bKscvrpCgC1azqzNl0nfqGO
/TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0YwRjcvNzRDMjFBOTRCRTA1MTFFQkFFMEI1OTIzRjhBRUEyMjgvQi0yeXJI
TDY2UW9BdFdzNnN6WmRKMzZoanYwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQi0yeXJITDY2UW9BdFdzNnN6WmRKMzZoanYwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0YwRjcvNzRDMjFBOTRCRTA1MTFFQkFFMEI1OTIzRjhB
RUEyMjgvOThERjcwNENCRUQzMTFFQkFERkQ2RTNCRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSwP7TgAMA0GCSqGSIb3DQEB
CwUAA4IBAQCX6Qx6AsLx7YsdTkGj8m97Hdh3Hlx2TvyUEbrsuzZF5b0mOodXEexT
S47q4FHvZYw+QnYg32mflzDUi22p60P/4x3NZjlIGvHmravgiFI+0Bm8CiBvftOL
5/gFixOj0E0lTRaHc1k/wYtsQ7NGBv4nFtgw1AsDsle8Dg4KnjpRLHZ8yNRvKc4i
KrxtrAu5GVud7RTqVWG4GkE6lmP5qCpZWdyIRBKmJgo6kb/pkpJiV30ONkcx+RJZ
taKQiTEByu+Q/9oT6o7YlIaVbCRwt6fxfri/oVI7wVigr/uuwJG+/cRn8PQuxDn/
0XAi1QP7VxO3PXU2Zp56akD8usHwM8yJ
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:00:15 2024 by rpki-client on console-fra.rpki-client.org