Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/9BC8C8C001EA11EDB08796BAF1222468.roa
File:                     9BC8C8C001EA11EDB08796BAF1222468.roa (raw, json)
Hash identifier:          i8+aHPPl6uhvn/Jq2NkUn53HTH09DtjcbJOz9MgQ1co=
Subject key identifier:   51:08:18:74:05:71:3F:7A:96:EA:A1:03:12:18:60:13:6B:F4:7C:30
Certificate issuer:       /CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
Certificate serial:       0A6D
Authority key identifier: 23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/9BC8C8C001EA11EDB08796BAF1222468.roa
Signing time:             Tue 12 Jul 2022 13:57:47 +0000
ROA not before:           Tue 12 Jul 2022 13:57:41 +0000
ROA not after:            Mon 12 Jul 2032 13:57:41 +0000
asID:                     32653
IP address blocks:        2c0f:fbf0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2669 (0xa6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
        Validity
            Not Before: Jul 12 13:57:41 2022 GMT
            Not After : Jul 12 13:57:41 2032 GMT
        Subject: CN=62cd7dda-a7f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:a4:a4:17:8f:c7:a1:ea:96:0b:15:ad:f5:04:
                    d3:21:a0:cf:87:4e:05:cc:80:72:9a:67:5c:39:3d:
                    ed:bd:8b:83:32:18:03:58:bf:73:a8:20:8c:fe:cc:
                    3a:47:53:79:d5:72:60:be:19:94:44:c6:44:24:b8:
                    72:b3:ab:33:8e:cb:42:7f:19:e7:5a:01:c5:d8:38:
                    57:15:99:ab:43:77:da:50:44:0a:21:2f:1f:d0:77:
                    51:8c:27:52:b8:47:b7:2c:bf:c7:0e:a6:43:d6:ad:
                    c0:44:2a:6f:9f:a6:6d:9c:d2:b4:8a:af:ff:8a:75:
                    c7:b8:7c:16:66:0f:b6:c7:66:03:fc:13:5e:77:f5:
                    47:17:ba:fc:91:f9:a6:f1:48:a3:bf:12:da:c0:42:
                    c5:8a:75:d1:15:17:cd:9d:37:33:18:55:ba:10:a6:
                    b4:85:a7:ff:af:5c:9e:71:d9:bf:9c:b2:c1:11:8e:
                    ea:d4:ac:ae:8b:9b:4d:b7:4d:4d:88:c2:e4:99:1b:
                    b9:4d:64:7a:ce:c8:7d:2f:8a:2b:0b:83:71:3e:df:
                    bb:3a:7a:f7:ae:17:92:34:f9:a9:7d:d6:98:b8:fb:
                    43:8d:1a:c3:c2:88:0d:0b:74:9d:ff:5f:5e:7d:f3:
                    04:ac:8b:1a:4a:d0:c4:05:7f:b6:dc:47:c8:34:2c:
                    aa:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:08:18:74:05:71:3F:7A:96:EA:A1:03:12:18:60:13:6B:F4:7C:30
            X509v3 Authority Key Identifier:
                keyid:23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/9BC8C8C001EA11EDB08796BAF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:fbf0::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:66:e6:1d:4d:be:c5:22:a2:e5:00:11:d3:25:ce:05:60:1b:
         88:5e:86:31:93:4b:46:48:5c:98:97:83:a7:cc:31:2e:95:e0:
         b3:07:3c:c5:41:02:3d:13:20:cd:40:16:b4:93:73:a4:3f:3e:
         48:56:2d:e7:d1:8f:79:eb:87:71:6c:fa:55:73:dd:a3:be:ed:
         5e:84:10:3f:77:26:db:c2:81:9a:d6:10:91:c4:dc:56:2c:26:
         55:f3:5b:d7:8b:c5:ea:84:2f:1a:32:1a:fb:0a:78:2d:7d:f2:
         5e:3d:16:47:5d:90:f6:2e:47:d7:7b:8c:51:54:ab:b9:2a:b1:
         53:bc:e3:ff:ed:07:89:45:c9:e1:1e:5a:e3:c1:2a:24:b5:4b:
         f6:47:01:95:f2:b9:95:d1:26:c2:25:8e:25:76:ed:5f:8d:61:
         f0:32:f9:49:8f:e1:2f:58:01:8e:bc:a1:c1:bf:a1:67:69:01:
         9d:5f:60:2e:54:9b:c0:e4:ff:bf:d8:f0:d6:2e:9c:3a:92:43:
         e3:da:15:1c:19:38:5b:fd:b8:d8:0f:66:d0:64:bc:3c:be:6f:
         f3:da:9d:78:35:c6:0e:66:1b:2d:54:e4:ed:1f:3c:dd:78:9d:
         c6:7a:fd:37:0b:e5:1c:4b:e6:95:64:92:b4:3f:0d:19:2f:4e:
         a2:39:68:bc
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCm0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDlCNUJBRjExMC8GA1UEBRMoMjNGODE0QkI0N0Q1QzNBRURENTEwM0YzNkY1REI4
QTI5QkUzRDcxRDAeFw0yMjA3MTIxMzU3NDFaFw0zMjA3MTIxMzU3NDFaMBgxFjAU
BgNVBAMMDTYyY2Q3ZGRhLWE3ZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD5pKQXj8eh6pYLFa31BNMhoM+HTgXMgHKaZ1w5Pe29i4MyGANYv3OoIIz+
zDpHU3nVcmC+GZRExkQkuHKzqzOOy0J/GedaAcXYOFcVmatDd9pQRAohLx/Qd1GM
J1K4R7csv8cOpkPWrcBEKm+fpm2c0rSKr/+Kdce4fBZmD7bHZgP8E1539UcXuvyR
+abxSKO/EtrAQsWKddEVF82dNzMYVboQprSFp/+vXJ5x2b+cssERjurUrK6Lm023
TU2IwuSZG7lNZHrOyH0viisLg3E+37s6eveuF5I0+al91pi4+0ONGsPCiA0LdJ3/
X1598wSsixpK0MQFf7bcR8g0LKorAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUUQgY
dAVxP3qW6qEDEhhgE2v0fDAwHwYDVR0jBBgwFoAUI/gUu0fVw67dUQPzb124opvj
1x0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4QUVBMjI4L0lfZ1V1
MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0lfZ1V1MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4
QUVBMjI4LzlCQzhDOEMwMDFFQTExRURCMDg3OTZCQUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsD/vwAAAwDQYJKoZIhvcN
AQELBQADggEBAIpm5h1NvsUiouUAEdMlzgVgG4hehjGTS0ZIXJiXg6fMMS6V4LMH
PMVBAj0TIM1AFrSTc6Q/PkhWLefRj3nrh3Fs+lVz3aO+7V6EED93JtvCgZrWEJHE
3FYsJlXzW9eLxeqELxoyGvsKeC198l49FkddkPYuR9d7jFFUq7kqsVO84//tB4lF
yeEeWuPBKiS1S/ZHAZXyuZXRJsIljiV27V+NYfAy+UmP4S9YAY68ocG/oWdpAZ1f
YC5Um8Dk/7/Y8NYunDqSQ+PaFRwZOFv9uNgPZtBkvDy+b/PanXg1xg5mGy1U5O0f
PN14ncZ6/TcL5RxL5pVkkrQ/DRkvTqI5aLw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:42 2024 by rpki-client on console-ams.rpki-client.org