Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DA96D/790A042C66CD11EE953ED1704AD9E6FC/0A3BE84E8DD311EE96812E734AD9E6FC.roa
File:                     0A3BE84E8DD311EE96812E734AD9E6FC.roa (raw, json)
Hash identifier:          APSYYxkbAjZeVc8hXXW5gICMrcCIVhnd+QByY7bLoUg=
Subject key identifier:   7A:7D:34:17:7F:C1:49:2E:3D:04:E1:14:58:16:26:F4:24:E0:21:EE
Certificate issuer:       /CN=F36DA96DAF/serialNumber=8030777C74D1AF1289810E44F5FECC9CF0973A0E
Certificate serial:       39
Authority key identifier: 80:30:77:7C:74:D1:AF:12:89:81:0E:44:F5:FE:CC:9C:F0:97:3A:0E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gDB3fHTRrxKJgQ5E9f7MnPCXOg4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DA96D/790A042C66CD11EE953ED1704AD9E6FC/0A3BE84E8DD311EE96812E734AD9E6FC.roa
Signing time:             Tue 28 Nov 2023 09:46:44 +0000
ROA not before:           Tue 28 Nov 2023 09:46:41 +0000
ROA not after:            Wed 27 Nov 2024 09:46:41 +0000
asID:                     328619
IP address blocks:        2c0f:1f40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DA96D/790A042C66CD11EE953ED1704AD9E6FC/gDB3fHTRrxKJgQ5E9f7MnPCXOg4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DA96D/790A042C66CD11EE953ED1704AD9E6FC/gDB3fHTRrxKJgQ5E9f7MnPCXOg4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gDB3fHTRrxKJgQ5E9f7MnPCXOg4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57 (0x39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DA96DAF/serialNumber=8030777C74D1AF1289810E44F5FECC9CF0973A0E
        Validity
            Not Before: Nov 28 09:46:41 2023 GMT
            Not After : Nov 27 09:46:41 2024 GMT
        Subject: CN=6565b704-2ca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:33:9e:2d:9b:ef:ea:ae:77:44:65:99:ee:86:
                    b2:09:9f:d8:1a:af:36:98:ab:39:d6:8c:56:24:0a:
                    80:97:d2:99:00:8b:1c:3e:d8:9f:fd:66:23:f6:e4:
                    cf:25:c0:88:97:7d:f9:cf:fe:bc:36:05:ef:ad:9a:
                    d2:6d:4b:fa:99:30:06:f7:cb:67:ec:41:45:65:ea:
                    44:c2:0b:da:8d:41:82:3a:ae:a8:d0:4a:ca:1b:19:
                    f3:e5:05:26:ac:9c:99:7c:2c:45:3c:f8:63:cf:85:
                    44:31:e1:a2:3e:e3:88:f6:63:46:33:fb:2e:06:02:
                    09:7a:07:ed:5d:47:60:a9:4c:c5:c0:59:c4:c4:49:
                    07:39:36:83:e0:f3:66:91:0f:0f:22:5e:c7:27:4d:
                    3c:d1:42:06:d9:e8:4e:0f:65:84:97:c9:3f:a0:78:
                    ed:ce:b2:ac:a2:38:88:26:3c:f0:88:09:59:98:a9:
                    79:01:ae:df:36:1e:8c:72:8c:19:65:d8:21:31:1e:
                    55:f9:e7:23:f1:4e:82:de:e6:86:d8:ff:c4:0a:36:
                    12:2b:9c:81:60:2e:b1:a1:fe:69:1f:74:cc:3b:cb:
                    e3:78:48:10:84:11:f0:d4:d0:db:ca:21:d7:d2:8e:
                    ff:eb:92:94:39:29:45:c6:c4:e4:3f:5d:e8:06:da:
                    53:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:7D:34:17:7F:C1:49:2E:3D:04:E1:14:58:16:26:F4:24:E0:21:EE
            X509v3 Authority Key Identifier:
                keyid:80:30:77:7C:74:D1:AF:12:89:81:0E:44:F5:FE:CC:9C:F0:97:3A:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA96D/790A042C66CD11EE953ED1704AD9E6FC/gDB3fHTRrxKJgQ5E9f7MnPCXOg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gDB3fHTRrxKJgQ5E9f7MnPCXOg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DA96D/790A042C66CD11EE953ED1704AD9E6FC/0A3BE84E8DD311EE96812E734AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:1f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         c1:06:95:b8:d0:d4:e1:4c:7d:3f:0f:16:36:89:f0:48:f2:a9:
         11:a1:6b:b7:d6:4e:01:8a:52:d2:50:80:4b:e4:54:51:4d:f9:
         ca:57:08:ee:83:d4:06:25:68:41:ea:56:4c:91:0c:0d:bb:eb:
         3b:4d:c9:48:84:b0:df:d3:1f:49:78:d7:78:93:9c:ac:48:e4:
         95:d4:99:b5:9e:80:77:ee:b9:86:e6:5a:ea:97:f5:ab:b1:93:
         5b:4c:d4:75:4d:e8:1f:9c:38:ca:09:9f:e6:3c:9c:4b:c4:10:
         45:4c:70:b3:72:1e:b8:34:e3:02:4a:dd:1c:f7:81:c0:f3:b7:
         88:43:17:fe:a5:fe:e2:17:a7:39:31:5f:94:de:ab:98:ba:88:
         b6:a8:f8:4c:6a:eb:06:db:e7:af:d6:a7:b6:df:62:af:86:be:
         5e:6f:96:52:48:3c:9b:65:48:41:f0:67:69:7d:e3:1e:b8:79:
         ff:e5:68:d4:ba:09:2c:b5:1d:ec:a7:13:1b:f1:79:eb:34:67:
         f2:23:14:ca:e5:2d:e8:5e:a0:7e:a4:f5:64:a7:86:0c:d1:e5:
         17:84:b5:26:ce:a3:3a:8d:ac:36:76:a5:38:c5:7d:94:1c:bb:
         0c:72:10:5f:05:7a:63:76:b7:57:64:86:1c:5f:44:1e:6a:d0:
         1a:65:f8:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
QTk2REFGMTEwLwYDVQQFEyg4MDMwNzc3Qzc0RDFBRjEyODk4MTBFNDRGNUZFQ0M5
Q0YwOTczQTBFMB4XDTIzMTEyODA5NDY0MVoXDTI0MTEyNzA5NDY0MVowGDEWMBQG
A1UEAxMNNjU2NWI3MDQtMmNhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQzni2b7+qud0Rlme6Gsgmf2BqvNpirOdaMViQKgJfSmQCLHD7Yn/1mI/bk
zyXAiJd9+c/+vDYF762a0m1L+pkwBvfLZ+xBRWXqRMIL2o1BgjquqNBKyhsZ8+UF
JqycmXwsRTz4Y8+FRDHhoj7jiPZjRjP7LgYCCXoH7V1HYKlMxcBZxMRJBzk2g+Dz
ZpEPDyJexydNPNFCBtnoTg9lhJfJP6B47c6yrKI4iCY88IgJWZipeQGu3zYejHKM
GWXYITEeVfnnI/FOgt7mhtj/xAo2EiucgWAusaH+aR90zDvL43hIEIQR8NTQ28oh
19KO/+uSlDkpRcbE5D9d6AbaU3MCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBR6fTQX
f8FJLj0E4RRYFib0JOAh7jAfBgNVHSMEGDAWgBSAMHd8dNGvEomBDkT1/syc8Jc6
DjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REE5NkQvNzkwQTA0MkM2NkNEMTFFRTk1M0VEMTcwNEFEOUU2RkMvZ0RCM2ZI
VFJyeEtKZ1E1RTlmN01uUENYT2c0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ0RCM2ZIVFJyeEtKZ1E1RTlmN01uUENYT2c0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REE5NkQvNzkwQTA0MkM2NkNEMTFFRTk1M0VEMTcwNEFE
OUU2RkMvMEEzQkU4NEU4REQzMTFFRTk2ODEyRTczNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPH0AwDQYJKoZIhvcNAQEL
BQADggEBAMEGlbjQ1OFMfT8PFjaJ8EjyqRGha7fWTgGKUtJQgEvkVFFN+cpXCO6D
1AYlaEHqVkyRDA276ztNyUiEsN/TH0l413iTnKxI5JXUmbWegHfuuYbmWuqX9aux
k1tM1HVN6B+cOMoJn+Y8nEvEEEVMcLNyHrg04wJK3Rz3gcDzt4hDF/6l/uIXpzkx
X5Teq5i6iLao+Exq6wbb56/Wp7bfYq+Gvl5vllJIPJtlSEHwZ2l94x64ef/laNS6
CSy1HeynExvxees0Z/IjFMrlLeheoH6k9WSnhgzR5ReEtSbOozqNrDZ2pTjFfZQc
uwxyEF8FemN2t1dkhhxfRB5q0Bpl+Ag=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:12 2024 by rpki-client on console-ams.rpki-client.org