Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/3049086EA6B111ED933D49A0F1222468.roa
File:                     3049086EA6B111ED933D49A0F1222468.roa (raw, json)
Hash identifier:          BeKV2NJ2k9BqOeZnEYVNNVtyyQ+PyOb9/ofU/Yofnbo=
Subject key identifier:   7D:07:E0:BC:85:AE:50:87:A7:2E:AE:82:1C:79:D7:7A:54:4D:9A:D4
Certificate issuer:       /CN=F36D8D30AF/serialNumber=86964448775B2F8F86359D54168E220C1E871BF5
Certificate serial:       02
Authority key identifier: 86:96:44:48:77:5B:2F:8F:86:35:9D:54:16:8E:22:0C:1E:87:1B:F5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hpZESHdbL4-GNZ1UFo4iDB6HG_U.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/3049086EA6B111ED933D49A0F1222468.roa
Signing time:             Tue 07 Feb 2023 06:32:27 +0000
ROA not before:           Tue 07 Feb 2023 06:32:23 +0000
ROA not after:            Fri 07 Feb 2025 06:32:23 +0000
asID:                     328422
IP address blocks:        2c0f:5180::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/hpZESHdbL4-GNZ1UFo4iDB6HG_U.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/hpZESHdbL4-GNZ1UFo4iDB6HG_U.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hpZESHdbL4-GNZ1UFo4iDB6HG_U.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D8D30AF/serialNumber=86964448775B2F8F86359D54168E220C1E871BF5
        Validity
            Not Before: Feb  7 06:32:23 2023 GMT
            Not After : Feb  7 06:32:23 2025 GMT
        Subject: CN=63e1f07b-6a66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f5:6d:50:a1:4c:3d:f8:83:c3:9d:f1:fe:c7:
                    17:60:4a:b2:a8:2c:b0:df:45:88:4e:7e:f4:bb:65:
                    1c:91:13:30:b6:20:6b:ca:6d:d0:d9:7b:b6:d3:5d:
                    4e:76:53:89:6f:89:cc:6a:a9:19:45:ea:b4:7d:1e:
                    28:15:44:7d:96:af:51:57:74:f9:c2:de:42:c5:97:
                    1b:7d:46:f0:c6:3a:cb:71:86:b9:31:1a:71:d1:90:
                    ae:b0:0a:99:a1:bd:17:8e:27:4b:7d:6d:e7:96:bc:
                    c1:94:c3:4b:e9:e9:5e:9e:d8:8a:d8:91:d6:29:1a:
                    f4:1e:10:2b:77:61:dc:79:fb:ab:63:74:95:b2:e9:
                    78:6f:de:0e:87:50:b4:3e:0f:ef:03:c6:a8:d9:61:
                    e3:1d:74:0a:21:0b:12:a4:f1:b8:01:02:b7:f2:f6:
                    09:76:5a:bb:50:d7:67:cd:29:73:27:e1:f1:e6:9f:
                    29:a4:9d:12:06:43:3d:b6:96:13:b1:ce:f1:56:21:
                    f1:57:16:28:95:e1:c2:f3:1b:2b:f5:9f:49:28:c0:
                    55:2a:6e:28:53:c3:c9:16:2b:42:22:5b:57:0e:56:
                    b6:c9:71:72:40:aa:09:1f:33:0f:64:70:4c:d1:77:
                    9a:03:a9:c5:26:55:f8:e3:cb:8e:fd:16:2c:fa:52:
                    5f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:07:E0:BC:85:AE:50:87:A7:2E:AE:82:1C:79:D7:7A:54:4D:9A:D4
            X509v3 Authority Key Identifier:
                keyid:86:96:44:48:77:5B:2F:8F:86:35:9D:54:16:8E:22:0C:1E:87:1B:F5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/hpZESHdbL4-GNZ1UFo4iDB6HG_U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hpZESHdbL4-GNZ1UFo4iDB6HG_U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8D30/5697D44CA6B011ED847B379DF1222468/3049086EA6B111ED933D49A0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:5180::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:fe:b3:0e:63:f0:00:30:84:22:a2:b8:18:33:1d:c7:28:b7:
         73:ce:66:56:a9:88:3f:1c:d5:76:4b:45:a6:7a:78:20:cb:47:
         53:64:a0:01:79:c6:f5:9a:43:8b:94:d6:6f:bf:a1:45:9d:c4:
         f6:23:47:97:7d:c5:fc:bb:cc:de:1a:74:d5:70:e7:2b:68:ea:
         53:fa:91:e2:0f:7a:c4:c1:b7:a5:29:94:5f:31:dc:b6:30:e1:
         ab:1a:b3:91:c4:8b:ee:69:2f:82:76:d2:2c:da:65:71:59:0a:
         4f:d4:96:36:35:d7:69:fc:98:02:87:23:df:3c:aa:59:10:70:
         8d:62:5a:59:ab:c3:1e:93:e2:6b:01:57:c7:cc:93:18:ea:d9:
         f6:ae:06:76:fc:75:de:b8:20:fa:0a:9c:4a:ff:fa:f5:b1:38:
         c5:72:af:b1:db:99:cb:b3:4a:e2:37:95:45:30:8f:9f:c9:05:
         c8:ae:51:74:be:1e:52:a1:81:bf:15:0c:05:ce:80:d9:ae:bc:
         72:f0:10:aa:ca:f5:2d:e6:d9:90:8e:66:d6:95:66:79:b4:97:
         98:6c:65:44:96:07:59:44:7d:b5:b2:1e:81:b0:86:03:2f:fa:
         20:09:fa:07:6b:78:e7:90:ec:f0:7c:85:d2:e6:d8:50:91:61:
         f5:b7:c9:8e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZE
OEQzMEFGMTEwLwYDVQQFEyg4Njk2NDQ0ODc3NUIyRjhGODYzNTlENTQxNjhFMjIw
QzFFODcxQkY1MB4XDTIzMDIwNzA2MzIyM1oXDTI1MDIwNzA2MzIyM1owGDEWMBQG
A1UEAwwNNjNlMWYwN2ItNmE2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAML1bVChTD34g8Od8f7HF2BKsqgssN9FiE5+9LtlHJETMLYga8pt0Nl7ttNd
TnZTiW+JzGqpGUXqtH0eKBVEfZavUVd0+cLeQsWXG31G8MY6y3GGuTEacdGQrrAK
maG9F44nS31t55a8wZTDS+npXp7YitiR1ika9B4QK3dh3Hn7q2N0lbLpeG/eDodQ
tD4P7wPGqNlh4x10CiELEqTxuAECt/L2CXZau1DXZ80pcyfh8eafKaSdEgZDPbaW
E7HO8VYh8VcWKJXhwvMbK/WfSSjAVSpuKFPDyRYrQiJbVw5WtslxckCqCR8zD2Rw
TNF3mgOpxSZV+OPLjv0WLPpSX4kCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBR9B+C8
ha5Qh6curoIcedd6VE2a1DAfBgNVHSMEGDAWgBSGlkRId1svj4Y1nVQWjiIMHocb
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDhEMzAvNTY5N0Q0NENBNkIwMTFFRDg0N0IzNzlERjEyMjI0NjgvaHBaRVNI
ZGJMNC1HTloxVUZvNGlEQjZIR19VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHBaRVNIZGJMNC1HTloxVUZvNGlEQjZIR19VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDhEMzAvNTY5N0Q0NENBNkIwMTFFRDg0N0IzNzlERjEy
MjI0NjgvMzA0OTA4NkVBNkIxMTFFRDkzM0Q0OUEwRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPUYAwDQYJKoZIhvcNAQEL
BQADggEBAIb+sw5j8AAwhCKiuBgzHccot3POZlapiD8c1XZLRaZ6eCDLR1NkoAF5
xvWaQ4uU1m+/oUWdxPYjR5d9xfy7zN4adNVw5yto6lP6keIPesTBt6UplF8x3LYw
4asas5HEi+5pL4J20izaZXFZCk/UljY112n8mAKHI988qlkQcI1iWlmrwx6T4msB
V8fMkxjq2fauBnb8dd64IPoKnEr/+vWxOMVyr7HbmcuzSuI3lUUwj5/JBciuUXS+
HlKhgb8VDAXOgNmuvHLwEKrK9S3m2ZCOZtaVZnm0l5hsZUSWB1lEfbWyHoGwhgMv
+iAJ+gdreOeQ7PB8hdLm2FCRYfW3yY4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:12 2024 by rpki-client on console-ams.rpki-client.org