Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/A44B31E6A6DA11EDA97A419AF1222468.roa
File:                     A44B31E6A6DA11EDA97A419AF1222468.roa (raw, json)
Hash identifier:          KNv3kGqVBk2ibNykWE3UgixjRGloqbHBAOBpTcknmTY=
Subject key identifier:   93:76:74:50:EA:B1:8A:20:9F:8A:89:86:22:87:7E:43:5A:D4:71:CB
Certificate issuer:       /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial:       86
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/A44B31E6A6DA11EDA97A419AF1222468.roa
Signing time:             Tue 07 Feb 2023 11:29:11 +0000
ROA not before:           Tue 07 Feb 2023 11:29:06 +0000
ROA not after:            Tue 04 Feb 2025 11:29:06 +0000
asID:                     23764
IP address blocks:        2c0f:f7a8:47::/48 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 134 (0x86)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
        Validity
            Not Before: Feb  7 11:29:06 2023 GMT
            Not After : Feb  4 11:29:06 2025 GMT
        Subject: CN=63e23607-d6b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:01:82:4c:ac:d1:1a:35:13:c2:8b:13:ce:40:
                    a5:58:8c:93:15:10:a5:8b:c4:20:b5:dc:16:bb:76:
                    ab:0c:06:f9:61:8b:14:af:16:f3:9c:a4:43:50:76:
                    82:9a:de:3c:9c:8c:21:47:03:fd:19:1c:d0:b7:61:
                    82:12:23:44:2c:ea:47:8d:8d:a4:1b:d6:74:97:e4:
                    80:f5:2b:23:06:f9:6a:16:2b:36:d9:23:b2:a1:0b:
                    db:06:e3:35:8d:3b:25:d7:44:12:ad:fc:f4:0d:8f:
                    f2:14:fe:10:bb:9b:5b:80:4f:b9:d7:6a:ab:5f:83:
                    99:7c:28:90:20:04:35:a0:cb:e8:1a:e5:de:5c:c1:
                    2b:13:bc:4e:5e:c4:f7:f8:fe:23:5e:2d:5e:e2:90:
                    37:9e:54:47:05:13:f9:96:5e:e0:e0:44:45:02:75:
                    a6:93:9e:e6:68:ae:40:bb:2f:59:5a:58:09:6b:9a:
                    22:e0:f0:47:77:a8:99:fc:63:f2:16:29:4a:a1:14:
                    6f:e0:55:db:5e:26:ce:d7:7b:ea:a5:02:ff:f6:7c:
                    9f:b6:76:39:5c:40:7c:d1:46:23:33:c1:cd:a1:29:
                    78:61:de:fb:92:1d:51:e5:b1:6d:fb:33:e2:bb:4c:
                    29:89:f0:65:06:da:7b:f4:c4:1f:7c:e9:01:65:23:
                    7a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:76:74:50:EA:B1:8A:20:9F:8A:89:86:22:87:7E:43:5A:D4:71:CB
            X509v3 Authority Key Identifier:
                keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/A44B31E6A6DA11EDA97A419AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f7a8:47::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:21:21:01:5c:f1:c2:06:ac:ca:ca:74:0b:84:10:44:69:f0:
         2b:f5:17:27:9a:80:35:96:0c:14:09:29:58:cf:17:e4:ea:09:
         75:8b:48:22:13:38:ce:a5:02:5d:c6:07:58:3d:ae:b4:04:2f:
         d6:8d:ef:70:ce:10:d4:01:2c:b3:4e:ca:8c:14:d7:25:38:ae:
         7e:51:d8:33:45:99:03:d2:d3:b5:95:c0:22:f3:ff:e7:c5:81:
         c4:19:f2:27:f3:32:ea:21:cc:ca:eb:c3:1d:db:1d:34:36:ea:
         f5:eb:b8:fb:c8:2e:c7:05:da:d9:50:0c:1d:f0:0e:42:8f:2b:
         8f:dd:e9:0c:95:54:3c:cc:ff:93:53:a6:cd:93:56:e6:a2:d1:
         43:d7:a4:97:b6:83:75:5b:bd:e2:ca:eb:fe:bb:fd:f3:46:af:
         37:ee:3c:1b:cb:d8:72:c3:08:34:7a:70:c1:00:76:b6:ab:34:
         35:99:f1:d1:ef:3c:c8:71:9e:72:1d:f1:57:e6:b1:8b:6a:de:
         32:4e:3c:33:b5:e7:1d:b3:bf:5b:22:d8:34:dc:fc:09:24:37:
         72:18:42:e4:bc:8f:58:5f:c1:b9:45:7a:c8:ab:a5:76:90:5f:
         23:30:1b:06:2b:e7:78:79:e2:be:18:db:56:cf:c2:14:3b:22:
         28:e6:9b:e5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAIYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
REI0OTJBRjExMC8GA1UEBRMoRjQzRTA2NjhFRjcyQkQ4N0ZBNTM2OEJFMkI2ODE1
QzBCQ0I0MDE0OTAeFw0yMzAyMDcxMTI5MDZaFw0yNTAyMDQxMTI5MDZaMBgxFjAU
BgNVBAMMDTYzZTIzNjA3LWQ2YjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFAYJMrNEaNRPCixPOQKVYjJMVEKWLxCC13Ba7dqsMBvlhixSvFvOcpENQ
doKa3jycjCFHA/0ZHNC3YYISI0Qs6keNjaQb1nSX5ID1KyMG+WoWKzbZI7KhC9sG
4zWNOyXXRBKt/PQNj/IU/hC7m1uAT7nXaqtfg5l8KJAgBDWgy+ga5d5cwSsTvE5e
xPf4/iNeLV7ikDeeVEcFE/mWXuDgREUCdaaTnuZorkC7L1laWAlrmiLg8Ed3qJn8
Y/IWKUqhFG/gVdteJs7Xe+qlAv/2fJ+2djlcQHzRRiMzwc2hKXhh3vuSHVHlsW37
M+K7TCmJ8GUG2nv0xB986QFlI3rtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUk3Z0
UOqxiiCfiomGIod+Q1rUccswHwYDVR0jBBgwFoAU9D4GaO9yvYf6U2i+K2gVwLy0
AUkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYxMjIyNDY4LzlENEdh
Tzl5dllmNlUyaS1LMmdWd0x5MEFVay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlENEdhTzl5dllmNlUyaS1LMmdWd0x5MEFVay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkRCNDkyLzEwREE5OTc2NEEwMzExRUQ4RjU5RDg5RUYx
MjIyNDY4L0E0NEIzMUU2QTZEQTExRURBOTdBNDE5QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsD/eoAEcwDQYJKoZIhvcN
AQELBQADggEBAAshIQFc8cIGrMrKdAuEEERp8Cv1FyeagDWWDBQJKVjPF+TqCXWL
SCITOM6lAl3GB1g9rrQEL9aN73DOENQBLLNOyowU1yU4rn5R2DNFmQPS07WVwCLz
/+fFgcQZ8ifzMuohzMrrwx3bHTQ26vXruPvILscF2tlQDB3wDkKPK4/d6QyVVDzM
/5NTps2TVuai0UPXpJe2g3VbveLK6/67/fNGrzfuPBvL2HLDCDR6cMEAdrarNDWZ
8dHvPMhxnnId8VfmsYtq3jJOPDO15x2zv1si2DTc/AkkN3IYQuS8j1hfwblFesir
pXaQXyMwGwYr53h54r4Y21bPwhQ7Iijmm+U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org