Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/66B2A238101611EE8F75804E4AD9E6FC.roa
File:                     66B2A238101611EE8F75804E4AD9E6FC.roa (raw, json)
Hash identifier:          EyRMrqxh/76nwVPovZ+T7AMAWAH2bQkHE/pMryeGpU8=
Subject key identifier:   01:22:03:85:28:C1:68:44:28:AD:79:54:07:81:3D:33:00:FD:EC:5D
Certificate issuer:       /CN=F36E2B8CRI/serialNumber=0629C99D4760C289B84CDBECF1B6C13CF525EAAF
Certificate serial:       10
Authority key identifier: 06:29:C9:9D:47:60:C2:89:B8:4C:DB:EC:F1:B6:C1:3C:F5:25:EA:AF
Authority info access:    rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/66B2A238101611EE8F75804E4AD9E6FC.roa
Signing time:             Wed 21 Jun 2023 09:31:29 +0000
ROA not before:           Wed 21 Jun 2023 09:31:26 +0000
ROA not after:            Fri 21 Jun 2024 09:31:26 +0000
asID:                     37684
IP address blocks:        62.12.116.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.mft
                          rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:25:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16 (0x10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CRI/serialNumber=0629C99D4760C289B84CDBECF1B6C13CF525EAAF
        Validity
            Not Before: Jun 21 09:31:26 2023 GMT
            Not After : Jun 21 09:31:26 2024 GMT
        Subject: CN=6492c371-1b86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f7:e0:57:ad:49:28:05:d5:c7:2e:c2:36:67:
                    4d:25:36:95:16:97:16:41:52:1f:29:2b:3a:7f:e9:
                    81:6d:51:aa:5a:09:69:72:16:b2:05:6f:9d:c6:d8:
                    f3:b6:1d:7c:f9:03:2b:8e:2f:96:de:09:7e:80:96:
                    be:ef:68:54:f4:08:63:12:97:09:44:ca:24:d7:42:
                    aa:da:27:cf:0a:fe:80:31:e6:79:c1:4d:49:19:b4:
                    8e:81:e3:9a:da:ba:fe:e7:2e:e2:38:44:f9:d3:18:
                    6f:ee:b4:76:f9:8c:69:63:51:6c:e1:45:c9:f3:eb:
                    b5:b5:71:cf:12:86:d6:1f:e4:2a:69:de:75:82:71:
                    6d:35:bb:fb:18:9a:a1:23:82:9a:7b:dd:34:72:f6:
                    69:0f:ac:27:a9:65:20:2c:a5:d5:82:07:9c:89:9c:
                    b6:a5:ca:64:9c:7f:27:5d:f9:4d:83:2e:95:9e:6c:
                    21:5f:c6:8e:db:50:90:94:25:9b:5e:36:fc:e8:e6:
                    5c:32:69:23:7c:f9:4b:5b:a7:2b:6e:bf:61:3b:bd:
                    8a:af:67:d5:98:ae:73:8a:72:24:69:dc:f8:3e:32:
                    e0:fc:b1:b8:53:d9:92:4a:f0:43:30:2c:51:91:68:
                    21:ab:e0:40:51:39:31:12:94:15:af:10:fd:cb:ec:
                    09:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:22:03:85:28:C1:68:44:28:AD:79:54:07:81:3D:33:00:FD:EC:5D
            X509v3 Authority Key Identifier:
                keyid:06:29:C9:9D:47:60:C2:89:B8:4C:DB:EC:F1:B6:C1:3C:F5:25:EA:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/66B2A238101611EE8F75804E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.12.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:61:b2:bf:a1:ad:6e:1a:37:83:b4:4d:47:1f:05:9d:24:95:
         b8:39:7b:df:46:e3:6b:2c:36:29:39:66:69:ee:b4:2c:a4:7f:
         cc:97:4b:13:e0:b5:d3:a1:a0:3f:f9:2c:71:82:9e:82:4f:7a:
         89:45:51:a5:dc:8a:70:87:27:a3:5a:61:28:ba:81:46:5e:9d:
         15:9c:c6:80:ff:b1:27:c7:7b:7c:e4:ca:ac:f1:9e:19:20:f8:
         10:3d:7e:1e:c8:5d:b5:41:96:22:4e:a1:0c:23:eb:9e:db:79:
         f8:17:28:ff:61:5b:ee:51:ea:69:df:86:c0:e8:9a:44:dc:f7:
         5f:dd:06:24:a9:be:a0:00:e7:da:24:f9:8d:47:71:f1:13:b8:
         2a:49:58:21:9d:de:d4:64:3c:1d:45:ad:3f:01:ac:37:9c:d0:
         e0:bb:c4:8e:9c:3e:60:7a:94:27:a3:ae:9c:bf:23:d8:74:47:
         43:87:70:0f:91:44:da:a4:71:43:99:42:dc:be:11:81:01:a9:
         75:5f:d1:72:c1:58:43:28:f1:fd:ce:45:54:6f:fe:48:c4:67:
         7c:9f:1a:fb:0f:4c:c5:39:8e:b4:11:80:8f:41:4c:2f:e4:f7:
         b4:d7:30:8a:57:89:43:5f:0e:14:0b:6c:47:89:a1:8b:6a:b3:
         19:4e:15:3b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MkI4Q1JJMTEwLwYDVQQFEygwNjI5Qzk5RDQ3NjBDMjg5Qjg0Q0RCRUNGMUI2QzEz
Q0Y1MjVFQUFGMB4XDTIzMDYyMTA5MzEyNloXDTI0MDYyMTA5MzEyNlowGDEWMBQG
A1UEAxMNNjQ5MmMzNzEtMWI4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP34FetSSgF1ccuwjZnTSU2lRaXFkFSHykrOn/pgW1RqloJaXIWsgVvncbY
87YdfPkDK44vlt4JfoCWvu9oVPQIYxKXCUTKJNdCqtonzwr+gDHmecFNSRm0joHj
mtq6/ucu4jhE+dMYb+60dvmMaWNRbOFFyfPrtbVxzxKG1h/kKmnedYJxbTW7+xia
oSOCmnvdNHL2aQ+sJ6llICyl1YIHnImctqXKZJx/J135TYMulZ5sIV/GjttQkJQl
m142/OjmXDJpI3z5S1unK26/YTu9iq9n1Ziuc4pyJGnc+D4y4PyxuFPZkkrwQzAs
UZFoIavgQFE5MRKUFa8Q/cvsCYMCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQBIgOF
KMFoRCiteVQHgT0zAP3sXTAfBgNVHSMEGDAWgBQGKcmdR2DCibhM2+zxtsE89SXq
rzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTJCOEMvQjUwQ0E0QUEwQjYyMTFFRUIyRDM1RThBNEFEOUU2RkMvQmluSm5V
ZGd3b200VE52czhiYkJQUFVsNnE4LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L3JpcGUv
QmluSm5VZGd3b200VE52czhiYkJQUFVsNnE4LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RTJCOEMvQjUwQ0E0QUEwQjYyMTFFRUIyRDM1RThBNEFEOUU2
RkMvNjZCMkEyMzgxMDE2MTFFRThGNzU4MDRFNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD4MdDANBgkqhkiG9w0BAQsFAAOC
AQEAgWGyv6Gtbho3g7RNRx8FnSSVuDl730bjayw2KTlmae60LKR/zJdLE+C106Gg
P/kscYKegk96iUVRpdyKcIcno1phKLqBRl6dFZzGgP+xJ8d7fOTKrPGeGSD4ED1+
HshdtUGWIk6hDCPrntt5+Bco/2Fb7lHqad+GwOiaRNz3X90GJKm+oADn2iT5jUdx
8RO4KklYIZ3e1GQ8HUWtPwGsN5zQ4LvEjpw+YHqUJ6OunL8j2HRHQ4dwD5FE2qRx
Q5lC3L4RgQGpdV/RcsFYQyjx/c5FVG/+SMRnfJ8a+w9MxTmOtBGAj0FML+T3tNcw
ileJQ18OFAtsR4mhi2qzGU4VOw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 03:05:54 2024 by rpki-client on console-fra.rpki-client.org