Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/20EEA9507E1F11EEAD686A6B4AD9E6FC.roa
File:                     20EEA9507E1F11EEAD686A6B4AD9E6FC.roa (raw, json)
Hash identifier:          +kuN9/TLBGpI4GFRii8gvKOE9Vh3yGtX4DQwHRmVzSA=
Subject key identifier:   65:BE:81:79:FD:0C:5B:3C:38:5E:10:D9:62:86:A2:C1:F4:BD:82:A2
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       01D3
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/20EEA9507E1F11EEAD686A6B4AD9E6FC.roa
Signing time:             Wed 08 Nov 2023 10:11:06 +0000
ROA not before:           Wed 08 Nov 2023 10:11:02 +0000
ROA not after:            Wed 10 Nov 2027 10:11:02 +0000
asID:                     4809
IP address blocks:        2c0f:f7a8:9011::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 467 (0x1d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Nov  8 10:11:02 2023 GMT
            Not After : Nov 10 10:11:02 2027 GMT
        Subject: CN=654b5eba-77f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:24:74:98:18:28:3f:0f:db:54:14:01:ef:7e:
                    cd:36:4a:45:7b:bb:1c:32:1c:ef:37:16:85:5c:41:
                    2a:44:d5:a5:f3:ac:2a:f7:86:07:de:0f:8f:bf:5f:
                    fe:7b:67:51:92:ed:d9:46:0f:a5:5c:ec:f5:34:24:
                    9c:16:1f:9e:08:ff:9b:0a:b1:74:0d:be:20:f3:a8:
                    16:23:bf:63:af:ce:41:4f:28:41:74:5f:94:92:91:
                    9d:69:51:d2:f4:a5:27:ef:d2:c0:c4:81:94:1f:54:
                    86:d4:ec:a6:54:59:93:95:73:63:1e:17:32:65:a6:
                    fb:75:cf:96:f9:f8:39:f6:8d:b4:d0:92:07:33:27:
                    2b:46:85:9a:bd:35:f0:84:6c:cb:4e:82:18:f3:6f:
                    7f:e9:98:fb:0e:f5:9d:87:00:e7:36:0f:7b:e8:a7:
                    76:81:b2:b6:2e:7d:85:ba:67:82:ab:14:ae:fc:9e:
                    ee:84:b0:98:38:da:c2:f3:0a:11:e4:c0:c6:0d:a9:
                    88:08:36:af:50:c3:5a:9b:a1:70:fe:06:99:51:42:
                    af:b9:50:f0:f4:e9:2c:c6:13:aa:3d:aa:81:9c:af:
                    79:12:e5:d5:8f:a0:1d:b7:a3:d3:1e:69:52:e8:c2:
                    30:6c:1c:c5:bb:7f:7d:ec:43:41:92:5e:d9:c1:72:
                    45:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:BE:81:79:FD:0C:5B:3C:38:5E:10:D9:62:86:A2:C1:F4:BD:82:A2
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/20EEA9507E1F11EEAD686A6B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f7a8:9011::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:5c:10:3a:3d:d1:e0:6a:12:de:b0:36:03:19:50:a1:1c:ae:
         32:e1:7d:d8:c4:11:b5:01:f6:ae:dc:f1:a4:cb:e2:21:c7:0e:
         2d:54:6f:cf:66:24:9a:40:cc:d1:94:47:4b:67:3b:de:72:40:
         66:dc:cd:9a:3c:1e:ac:9d:28:91:37:68:69:d0:01:34:58:80:
         ee:fd:33:48:63:8a:e1:ef:ff:0b:72:8d:a5:fc:1d:90:85:09:
         10:70:f5:71:0d:9f:1d:f4:6d:78:9a:de:df:21:67:17:1d:bf:
         89:92:60:27:2d:c0:c2:07:a5:f3:73:3a:39:f9:92:8f:10:a5:
         30:5d:7e:e2:df:af:75:fd:d9:d8:48:01:42:3d:4d:cf:db:5f:
         ca:17:5e:a0:71:51:83:dc:50:17:a4:93:a4:fc:f1:15:65:99:
         c7:fc:8d:c5:11:bf:da:41:e7:51:9c:ab:86:96:a4:b5:be:38:
         bd:cf:57:20:e2:92:d0:39:e0:cd:24:dd:5a:bb:e1:fb:b8:4d:
         0a:7c:e6:96:9d:3b:83:02:dc:48:30:f7:52:c2:89:30:5a:92:
         4a:d6:e6:2c:d9:05:c7:bb:e7:78:75:2d:60:24:d6:4e:02:2a:
         c0:27:7e:96:5d:3a:5b:17:1a:a1:d1:ca:8f:21:23:5f:4f:f1:
         fd:a9:b6:d1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAdMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzExMDgxMDExMDJaFw0yNzExMTAxMDExMDJaMBgxFjAU
BgNVBAMTDTY1NGI1ZWJhLTc3ZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCiJHSYGCg/D9tUFAHvfs02SkV7uxwyHO83FoVcQSpE1aXzrCr3hgfeD4+/
X/57Z1GS7dlGD6Vc7PU0JJwWH54I/5sKsXQNviDzqBYjv2OvzkFPKEF0X5SSkZ1p
UdL0pSfv0sDEgZQfVIbU7KZUWZOVc2MeFzJlpvt1z5b5+Dn2jbTQkgczJytGhZq9
NfCEbMtOghjzb3/pmPsO9Z2HAOc2D3vop3aBsrYufYW6Z4KrFK78nu6EsJg42sLz
ChHkwMYNqYgINq9Qw1qboXD+BplRQq+5UPD06SzGE6o9qoGcr3kS5dWPoB23o9Me
aVLowjBsHMW7f33sQ0GSXtnBckUdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZb6B
ef0MWzw4XhDZYoaiwfS9gqIwHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4LzIwRUVBOTUwN0UxRjExRUVBRDY4NkE2QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsD/eokBEwDQYJKoZIhvcN
AQELBQADggEBAA9cEDo90eBqEt6wNgMZUKEcrjLhfdjEEbUB9q7c8aTL4iHHDi1U
b89mJJpAzNGUR0tnO95yQGbczZo8HqydKJE3aGnQATRYgO79M0hjiuHv/wtyjaX8
HZCFCRBw9XENnx30bXia3t8hZxcdv4mSYCctwMIHpfNzOjn5ko8QpTBdfuLfr3X9
2dhIAUI9Tc/bX8oXXqBxUYPcUBekk6T88RVlmcf8jcURv9pB51Gcq4aWpLW+OL3P
VyDiktA54M0k3Vq74fu4TQp85padO4MC3Egw91LCiTBakkrW5izZBce753h1LWAk
1k4CKsAnfpZdOlsXGqHRyo8hI19P8f2pttE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org