Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/2850010E216B11EFB3F618137DDC24C2.roa
File:                     2850010E216B11EFB3F618137DDC24C2.roa (raw, json)
Hash identifier:          0jME1ZzrI4sNnNZjfeG38v9huXsz3LZTpURGBtXzEAw=
Subject key identifier:   C5:E3:07:F3:DA:65:B3:5D:99:12:0B:62:E5:F9:21:B0:C9:7E:A6:0E
Certificate issuer:       /CN=F36E2B8CRI/serialNumber=0629C99D4760C289B84CDBECF1B6C13CF525EAAF
Certificate serial:       018B
Authority key identifier: 06:29:C9:9D:47:60:C2:89:B8:4C:DB:EC:F1:B6:C1:3C:F5:25:EA:AF
Authority info access:    rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/2850010E216B11EFB3F618137DDC24C2.roa
Signing time:             Mon 03 Jun 2024 05:35:59 +0000
ROA not before:           Mon 03 Jun 2024 05:35:56 +0000
ROA not after:            Tue 01 Jan 2030 05:35:56 +0000
asID:                     37684
IP address blocks:        62.12.118.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.mft
                          rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 395 (0x18b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CRI/serialNumber=0629C99D4760C289B84CDBECF1B6C13CF525EAAF
        Validity
            Not Before: Jun  3 05:35:56 2024 GMT
            Not After : Jan  1 05:35:56 2030 GMT
        Subject: CN=665d563f-28e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:98:34:06:73:a1:e7:31:ac:58:89:75:5f:16:
                    88:84:7f:d4:60:a7:d0:e8:25:3f:08:6d:af:76:b2:
                    22:ba:33:50:2e:e0:a1:c1:2c:20:66:56:c4:36:36:
                    92:03:db:f6:67:48:f9:e8:77:0a:08:be:48:36:ea:
                    70:d7:43:35:12:14:70:41:7d:78:2a:da:1a:1f:7f:
                    f7:71:0e:ab:6d:c1:1b:b5:2a:6c:d2:f1:5f:19:71:
                    d5:55:7a:c0:97:df:2a:cb:ad:72:9e:d9:cc:57:a2:
                    6b:76:80:64:e0:e7:da:55:1c:ba:b0:88:fe:26:4a:
                    32:7d:50:f1:84:75:a7:a6:be:1d:fe:c0:f0:cd:66:
                    7a:d9:c3:80:d2:0c:15:62:ea:41:ea:c9:7f:61:29:
                    5a:8e:c3:f3:0d:cb:fc:91:8c:e7:b4:26:45:6d:a0:
                    4b:b1:ac:26:e3:27:88:ca:03:1e:3e:e1:42:1e:5f:
                    5c:f9:7f:0e:09:61:f3:4d:7e:f0:fc:7f:3e:52:64:
                    7f:22:70:1e:3b:c6:1b:56:79:0b:a7:fd:a0:29:36:
                    bd:b6:65:61:c7:4f:a7:13:d6:51:94:42:86:c8:3c:
                    bb:89:bb:b5:d8:06:2f:b0:d5:92:0f:c1:b6:66:90:
                    43:9e:a2:c8:43:5e:f2:83:a9:ec:85:fe:96:7f:de:
                    71:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:E3:07:F3:DA:65:B3:5D:99:12:0B:62:E5:F9:21:B0:C9:7E:A6:0E
            X509v3 Authority Key Identifier:
                keyid:06:29:C9:9D:47:60:C2:89:B8:4C:DB:EC:F1:B6:C1:3C:F5:25:EA:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/2850010E216B11EFB3F618137DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.12.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:33:3b:d4:fd:2c:fc:4b:96:74:4a:00:64:b7:c1:74:ba:a0:
         33:ec:1e:e2:aa:89:86:32:7e:fe:49:30:71:c6:48:e5:d2:8e:
         5f:28:75:e2:2a:c2:eb:68:db:0c:58:8d:9f:5b:1c:25:50:e6:
         0e:d0:02:eb:7d:37:11:72:a8:fd:2f:24:24:18:8d:b3:ab:d9:
         4f:90:52:44:bc:8b:c4:20:6c:54:2d:c4:13:95:81:e5:a1:99:
         86:22:d9:4e:09:81:f0:26:4e:5b:38:4d:2c:19:32:53:5b:94:
         5b:a3:2f:af:db:c1:b3:1f:2d:f3:b4:88:c5:0c:f8:f0:7a:c4:
         d4:9e:6b:f5:cb:19:3e:fb:63:dc:36:ae:73:68:db:88:81:06:
         3c:5e:39:bb:e3:37:ba:3c:c2:95:a9:d8:a4:5c:ea:80:8e:c5:
         59:8b:06:a1:80:1a:53:23:10:99:36:81:99:d7:b6:78:e2:da:
         da:fc:3a:9d:71:f7:0e:d8:80:7c:c5:0a:6d:43:a7:05:0d:33:
         4c:08:15:99:dc:6e:86:85:42:f0:8d:b1:0e:47:fb:b6:16:75:
         02:fb:74:fe:e3:11:30:1d:b5:0a:30:b1:2e:5f:53:47:bb:e9:
         da:66:e1:78:38:f7:29:36:30:cb:85:37:e5:fb:e3:eb:99:15:
         37:88:8f:2d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAYswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENSSTExMC8GA1UEBRMoMDYyOUM5OUQ0NzYwQzI4OUI4NENEQkVDRjFCNkMx
M0NGNTI1RUFBRjAeFw0yNDA2MDMwNTM1NTZaFw0zMDAxMDEwNTM1NTZaMBgxFjAU
BgNVBAMTDTY2NWQ1NjNmLTI4ZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCumDQGc6HnMaxYiXVfFoiEf9Rgp9DoJT8Iba92siK6M1Au4KHBLCBmVsQ2
NpID2/ZnSPnodwoIvkg26nDXQzUSFHBBfXgq2hoff/dxDqttwRu1KmzS8V8ZcdVV
esCX3yrLrXKe2cxXomt2gGTg59pVHLqwiP4mSjJ9UPGEdaemvh3+wPDNZnrZw4DS
DBVi6kHqyX9hKVqOw/MNy/yRjOe0JkVtoEuxrCbjJ4jKAx4+4UIeX1z5fw4JYfNN
fvD8fz5SZH8icB47xhtWeQun/aApNr22ZWHHT6cT1lGUQobIPLuJu7XYBi+w1ZIP
wbZmkEOeoshDXvKDqeyF/pZ/3nEjAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUxeMH
89pls12ZEgti5fkhsMl+pg4wHwYDVR0jBBgwFoAUBinJnUdgwom4TNvs8bbBPPUl
6q8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0I1MENBNEFBMEI2MjExRUVCMkQzNUU4QTRBRDlFNkZDL0Jpbkpu
VWRnd29tNFROdnM4YmJCUFBVbDZxOC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
L0JpbkpuVWRnd29tNFROdnM4YmJCUFBVbDZxOC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkUyQjhDL0I1MENBNEFBMEI2MjExRUVCMkQzNUU4QTRBRDlF
NkZDLzI4NTAwMTBFMjE2QjExRUZCM0Y2MTgxMzdEREMyNEMyLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA+DHYwDQYJKoZIhvcNAQELBQAD
ggEBAAUzO9T9LPxLlnRKAGS3wXS6oDPsHuKqiYYyfv5JMHHGSOXSjl8odeIqwuto
2wxYjZ9bHCVQ5g7QAut9NxFyqP0vJCQYjbOr2U+QUkS8i8QgbFQtxBOVgeWhmYYi
2U4JgfAmTls4TSwZMlNblFujL6/bwbMfLfO0iMUM+PB6xNSea/XLGT77Y9w2rnNo
24iBBjxeObvjN7o8wpWp2KRc6oCOxVmLBqGAGlMjEJk2gZnXtnji2tr8Op1x9w7Y
gHzFCm1DpwUNM0wIFZncboaFQvCNsQ5H+7YWdQL7dP7jETAdtQowsS5fU0e76dpm
4Xg49yk2MMuFN+X74+uZFTeIjy0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:30 2024 by rpki-client on console-ams.rpki-client.org