Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/30BF9EB42F0711EE87B2EC6B4AD9E6FC.roa
File:                     30BF9EB42F0711EE87B2EC6B4AD9E6FC.roa (raw, json)
Hash identifier:          oHs0uE/Si8A05cFbwTQ/9NZhrcWEiGndSl6A1a/QU3M=
Subject key identifier:   93:D0:56:4B:8F:06:0F:DB:33:1A:B6:6E:88:82:F7:BE:D4:6E:26:9C
Certificate issuer:       /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial:       04F2
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/30BF9EB42F0711EE87B2EC6B4AD9E6FC.roa
Signing time:             Sun 30 Jul 2023 18:30:43 +0000
ROA not before:           Sun 30 Jul 2023 18:30:36 +0000
ROA not after:            Sat 30 Jul 2033 18:30:36 +0000
asID:                     37119
IP address blocks:        2c0f:f888:8000::/33 maxlen: 33

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1266 (0x4f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
        Validity
            Not Before: Jul 30 18:30:36 2023 GMT
            Not After : Jul 30 18:30:36 2033 GMT
        Subject: CN=64c6ac52-1278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d5:c1:9e:a2:c0:60:46:86:6e:ec:37:69:45:
                    ad:2b:c7:e2:b2:fd:72:ec:5b:32:ec:c9:63:ca:fb:
                    05:f9:4e:1e:78:6a:11:e3:cf:7e:d0:bd:ce:92:ca:
                    0f:0c:66:f7:5c:5a:70:5a:c4:e1:18:a7:20:2e:0e:
                    18:ba:6e:03:ec:f1:fb:e3:f3:36:a2:b3:01:b9:4f:
                    69:05:d7:52:ee:9c:a6:71:bb:3d:a5:a6:99:2d:17:
                    40:30:b9:5e:f6:97:d3:93:9b:b3:55:4d:a7:b3:fc:
                    6a:31:66:77:57:e6:ff:b4:25:32:e1:e2:b4:d6:6f:
                    ac:65:5f:4f:8c:17:60:56:73:fb:03:0a:f3:e9:25:
                    b1:05:85:07:16:da:11:72:79:b7:bf:54:af:e7:79:
                    1d:aa:0f:66:d0:06:9e:02:7a:fd:7a:d4:e0:2e:ca:
                    b0:4f:bf:7c:a2:22:85:d4:77:91:f0:25:36:75:4d:
                    64:f5:e5:34:7b:82:3a:a0:9f:6a:c6:dc:19:e9:6c:
                    bc:71:df:21:8a:9a:49:25:9e:e8:39:3e:63:48:48:
                    31:29:37:73:a2:4c:08:84:67:69:92:37:2e:25:b8:
                    4c:ae:11:94:cf:8b:88:10:24:4e:6f:78:64:99:07:
                    ef:41:c0:a2:c9:47:d9:b1:91:f6:c8:7d:7c:98:ea:
                    0d:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:D0:56:4B:8F:06:0F:DB:33:1A:B6:6E:88:82:F7:BE:D4:6E:26:9C
            X509v3 Authority Key Identifier:
                keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/30BF9EB42F0711EE87B2EC6B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f888:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         c9:74:24:2c:01:72:2f:d3:dd:b5:58:84:24:32:67:62:7a:5e:
         0e:ac:21:a6:b0:1d:2f:70:0f:21:d3:d6:37:d6:a6:36:ed:93:
         c5:8c:0d:ca:e5:3b:12:a3:a6:6f:cf:a0:8a:e5:cf:26:ea:30:
         80:bf:6d:0b:f9:5b:bc:fb:0a:1f:71:58:a0:51:9d:96:4c:35:
         f0:5c:60:7d:e6:73:0c:fc:15:49:75:26:f7:c3:a3:bf:0c:fd:
         1d:0d:c1:8b:62:5b:47:41:e9:76:42:5a:cd:31:6d:c6:22:4e:
         d1:09:da:89:3f:b8:55:ed:0c:50:35:22:0e:17:bf:d8:62:e5:
         a6:75:cb:bd:27:d3:0c:08:4e:2b:96:b9:7c:fb:6e:51:fa:40:
         4a:1d:08:52:3a:a9:46:29:61:f3:78:da:a3:c7:78:bb:d5:12:
         e7:0f:f1:4e:5e:f1:63:36:92:a9:42:c2:cc:b5:6c:86:ad:4e:
         51:6c:01:80:aa:ec:63:fa:1e:1d:9a:75:f9:70:3f:97:e0:67:
         70:ad:32:e5:c0:1b:d7:b0:39:32:4e:c0:05:82:26:2e:62:3a:
         ea:ce:c4:59:5e:8d:34:b1:b1:13:0f:46:b7:75:97:25:5e:0c:
         d2:52:98:00:15:32:62:47:f2:0c:1f:00:6f:be:e8:36:20:a2:
         8c:41:c9:b3
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICBPIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yMzA3MzAxODMwMzZaFw0zMzA3MzAxODMwMzZaMBgxFjAU
BgNVBAMTDTY0YzZhYzUyLTEyNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDU1cGeosBgRoZu7DdpRa0rx+Ky/XLsWzLsyWPK+wX5Th54ahHjz37Qvc6S
yg8MZvdcWnBaxOEYpyAuDhi6bgPs8fvj8zaiswG5T2kF11LunKZxuz2lppktF0Aw
uV72l9OTm7NVTaez/GoxZndX5v+0JTLh4rTWb6xlX0+MF2BWc/sDCvPpJbEFhQcW
2hFyebe/VK/neR2qD2bQBp4Cev161OAuyrBPv3yiIoXUd5HwJTZ1TWT15TR7gjqg
n2rG3BnpbLxx3yGKmkklnug5PmNISDEpN3OiTAiEZ2mSNy4luEyuEZTPi4gQJE5v
eGSZB+9BwKLJR9mxkfbIfXyY6g0JAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUk9BW
S48GD9szGrZuiIL3vtRuJpwwHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4LzMwQkY5RUI0MkYwNzExRUU4N0IyRUM2QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgcsD/iIgDANBgkqhkiG9w0B
AQsFAAOCAQEAyXQkLAFyL9PdtViEJDJnYnpeDqwhprAdL3APIdPWN9amNu2TxYwN
yuU7EqOmb8+giuXPJuowgL9tC/lbvPsKH3FYoFGdlkw18FxgfeZzDPwVSXUm98Oj
vwz9HQ3Bi2JbR0HpdkJazTFtxiJO0QnaiT+4Ve0MUDUiDhe/2GLlpnXLvSfTDAhO
K5a5fPtuUfpASh0IUjqpRilh83jao8d4u9US5w/xTl7xYzaSqULCzLVshq1OUWwB
gKrsY/oeHZp1+XA/l+BncK0y5cAb17A5Mk7ABYImLmI66s7EWV6NNLGxEw9Gt3WX
JV4M0lKYABUyYkfyDB8Ab77oNiCijEHJsw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:17 2024 by rpki-client on console-fra.rpki-client.org