Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/6338988EA87D11ED87EC69BCF1222468.roa
File:                     6338988EA87D11ED87EC69BCF1222468.roa (raw, json)
Hash identifier:          IZXX51uk7GT1RL3vx7pjPtZqXq+pAq50SdmhzbXOnq4=
Subject key identifier:   22:D3:D1:AC:DA:7C:4E:5E:BE:7C:B4:65:DC:84:C5:0E:B2:06:90:51
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       8D
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/6338988EA87D11ED87EC69BCF1222468.roa
Signing time:             Thu 09 Feb 2023 13:26:41 +0000
ROA not before:           Thu 09 Feb 2023 13:26:37 +0000
ROA not after:            Wed 19 Feb 2025 13:26:37 +0000
asID:                     23764
IP address blocks:        2c0f:f7a8:1::/48 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141 (0x8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Feb  9 13:26:37 2023 GMT
            Not After : Feb 19 13:26:37 2025 GMT
        Subject: CN=63e4f491-9ec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:ae:ac:fc:3e:64:54:6d:7a:0d:1c:0b:b6:bd:
                    8f:11:d0:e3:74:59:23:4a:75:12:e6:29:20:16:47:
                    7e:6e:18:ee:2b:12:3d:07:0d:d6:04:18:7e:34:b7:
                    e6:c4:0a:3a:e0:c4:89:f8:31:0f:e3:5e:3f:41:9a:
                    94:d6:c8:51:96:4a:06:82:64:a5:95:2b:a6:78:7f:
                    b6:61:d5:98:be:3a:d5:a8:22:31:77:d4:bc:b8:02:
                    70:d5:ab:5b:fb:83:49:a1:19:0b:33:82:01:43:41:
                    78:5f:b2:d9:ca:bb:52:f7:57:23:df:45:a1:5e:ce:
                    0e:cc:3b:5f:4a:43:35:63:d0:4b:6a:e7:69:d7:50:
                    4f:a6:78:93:ad:02:8f:23:e5:66:02:53:91:a3:c3:
                    e3:39:35:cc:83:d6:3e:3c:e2:ad:63:d5:bc:fb:ca:
                    86:9f:96:56:c7:67:69:73:be:7a:e2:41:f7:a6:7d:
                    7f:f1:c8:0b:de:ac:6e:23:13:00:2e:60:2a:91:5b:
                    2c:8f:7b:65:8b:c8:d8:8f:f5:47:3e:74:cb:c6:2f:
                    c0:93:b0:fa:28:b1:74:76:20:bf:a6:f6:f0:07:a2:
                    ba:ae:42:99:57:85:2c:bd:c6:7b:fb:d3:f7:0e:5b:
                    b4:96:d8:a2:24:b5:a8:66:35:94:b3:a0:bb:95:89:
                    a2:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D3:D1:AC:DA:7C:4E:5E:BE:7C:B4:65:DC:84:C5:0E:B2:06:90:51
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/6338988EA87D11ED87EC69BCF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f7a8:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         cd:37:f2:da:2b:2e:4e:cb:dc:fb:93:59:aa:9c:13:a5:a2:44:
         7b:b9:06:ed:6c:41:4f:c4:d2:d7:69:69:d0:b0:68:31:12:11:
         73:5d:0b:8c:bc:fd:75:83:47:ec:85:4a:6a:d1:18:f2:c0:e6:
         b7:e2:7a:e0:c0:3d:6e:7e:8a:e6:58:43:ce:aa:e3:9a:79:0d:
         51:ad:fa:22:dd:7a:97:c9:5e:02:e4:ef:24:3c:7a:89:37:12:
         f9:81:10:7b:4d:95:f6:49:9a:30:4d:db:27:b4:7e:2a:bd:e8:
         e5:54:7d:e0:c7:8b:e0:e8:f1:56:ad:6e:9a:ae:f5:46:d1:d9:
         62:83:6c:30:11:18:fb:88:20:77:bd:d9:e9:ee:11:5c:48:4a:
         a7:40:b8:2a:a9:d7:cb:82:14:a9:34:0a:c9:1e:f5:8b:bc:7a:
         0e:52:31:5d:12:1c:d7:eb:7b:f9:98:1f:1a:e1:73:a1:b1:bd:
         f5:76:b3:b3:37:0d:2e:59:de:3d:3d:d8:e6:60:a5:ab:fb:b8:
         48:d2:16:8e:b0:b6:6b:79:92:4a:9b:04:8f:b3:a8:14:a1:a9:
         22:c5:32:fd:99:24:5a:c2:31:d5:0c:ee:92:99:2f:c2:b4:4d:
         c4:61:f7:31:36:71:63:b3:42:11:5a:b0:65:52:72:bf:ff:d4:
         ec:48:c0:ba
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAI0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzAyMDkxMzI2MzdaFw0yNTAyMTkxMzI2MzdaMBgxFjAU
BgNVBAMMDTYzZTRmNDkxLTllYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZrqz8PmRUbXoNHAu2vY8R0ON0WSNKdRLmKSAWR35uGO4rEj0HDdYEGH40
t+bECjrgxIn4MQ/jXj9BmpTWyFGWSgaCZKWVK6Z4f7Zh1Zi+OtWoIjF31Ly4AnDV
q1v7g0mhGQszggFDQXhfstnKu1L3VyPfRaFezg7MO19KQzVj0Etq52nXUE+meJOt
Ao8j5WYCU5Gjw+M5NcyD1j484q1j1bz7yoafllbHZ2lzvnriQfemfX/xyAverG4j
EwAuYCqRWyyPe2WLyNiP9Uc+dMvGL8CTsPoosXR2IL+m9vAHorquQplXhSy9xnv7
0/cOW7SW2KIktahmNZSzoLuViaKhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUItPR
rNp8Tl6+fLRl3ITFDrIGkFEwHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4LzYzMzg5ODhFQTg3RDExRUQ4N0VDNjlCQ0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsD/eoAAEwDQYJKoZIhvcN
AQELBQADggEBAM038torLk7L3PuTWaqcE6WiRHu5Bu1sQU/E0tdpadCwaDESEXNd
C4y8/XWDR+yFSmrRGPLA5rfieuDAPW5+iuZYQ86q45p5DVGt+iLdepfJXgLk7yQ8
eok3EvmBEHtNlfZJmjBN2ye0fiq96OVUfeDHi+Do8Vatbpqu9UbR2WKDbDARGPuI
IHe92enuEVxISqdAuCqp18uCFKk0Cske9Yu8eg5SMV0SHNfre/mYHxrhc6GxvfV2
s7M3DS5Z3j092OZgpav7uEjSFo6wtmt5kkqbBI+zqBShqSLFMv2ZJFrCMdUM7pKZ
L8K0TcRh9zE2cWOzQhFasGVScr//1OxIwLo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:47 2024 by rpki-client on console-ams.rpki-client.org