Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/47DEF09E101811EE94B009544AD9E6FC.roa
File:                     47DEF09E101811EE94B009544AD9E6FC.roa (raw, json)
Hash identifier:          HjDaJKaBLSvXWmr09n5xvi3prf7lPzvnkicoXmh/pg4=
Subject key identifier:   93:AB:57:1F:53:D4:61:5A:F4:94:19:1E:BE:14:88:02:11:F6:AF:49
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       1A
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/47DEF09E101811EE94B009544AD9E6FC.roa
Signing time:             Wed 21 Jun 2023 09:44:57 +0000
ROA not before:           Wed 21 Jun 2023 09:44:53 +0000
ROA not after:            Fri 21 Jun 2024 09:44:53 +0000
asID:                     37684
IP address blocks:        2c0f:f408:2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26 (0x1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
        Validity
            Not Before: Jun 21 09:44:53 2023 GMT
            Not After : Jun 21 09:44:53 2024 GMT
        Subject: CN=6492c699-0926
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:12:fd:3c:d0:41:79:72:fe:d9:c1:f8:9f:d4:
                    47:1e:ce:da:6d:4f:08:f8:32:b3:16:3b:e9:7a:ed:
                    df:b7:98:4e:0e:99:90:56:a9:81:e3:92:7e:0b:74:
                    9f:17:f8:20:ac:a9:cc:46:1b:a3:f2:24:55:8e:02:
                    f5:61:2d:3e:b9:1d:32:5b:0f:3e:48:93:91:3c:1c:
                    16:b2:2f:40:85:8c:19:a2:93:b6:61:74:1d:f3:64:
                    45:22:37:7b:27:c5:56:23:1a:34:16:e4:6f:4c:4f:
                    29:6d:4a:f0:c6:a8:ea:2b:77:82:80:af:3d:2d:3f:
                    73:c2:51:d0:43:03:c3:82:95:e6:cc:93:fc:18:cc:
                    8f:fb:2f:2f:d4:c3:67:c4:ac:9d:07:5b:88:ab:52:
                    7c:d2:b3:c3:3c:4c:af:ed:82:30:ca:28:40:5c:d0:
                    e2:07:6a:e0:47:79:cc:40:1e:9a:36:8a:ab:b6:7d:
                    bf:e0:05:b7:ec:4e:dc:fd:4a:9f:36:56:60:b9:fc:
                    86:6f:c9:8b:f8:54:ad:5d:a6:6b:2c:f2:ee:4b:ad:
                    05:8d:34:33:42:d7:f1:a9:bb:45:7c:73:5f:04:c3:
                    ee:a6:d2:e1:3f:fb:57:35:20:a6:75:59:12:31:b3:
                    84:79:c4:d4:bb:c8:b3:6c:45:ce:2d:f3:e9:0f:f8:
                    a3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:AB:57:1F:53:D4:61:5A:F4:94:19:1E:BE:14:88:02:11:F6:AF:49
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/47DEF09E101811EE94B009544AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f408:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:11:ff:fd:f9:c3:e8:8d:eb:b8:b1:ea:81:b9:ca:c5:ed:af:
         ba:e5:f0:03:fd:79:8d:25:f4:33:a8:8c:5a:3f:0a:6b:54:0b:
         20:7c:9b:ca:c2:c5:15:b8:98:e1:a5:f0:4c:c7:26:fb:3d:d2:
         60:3b:61:04:7a:5c:fa:64:9c:e7:2b:47:35:af:38:8b:73:69:
         54:86:d3:a3:be:bf:ec:2b:44:bc:71:4e:7d:9f:7a:88:0b:2b:
         a2:55:89:aa:52:f8:4d:8a:35:ec:82:ef:bb:45:ee:56:aa:a8:
         ac:a0:67:26:b3:b6:9f:1e:d0:2f:96:be:2d:c3:d0:f1:ae:c9:
         00:89:91:ee:6c:0d:73:c2:41:06:02:c0:b4:f7:a8:18:11:54:
         32:6b:ef:69:d1:a8:95:7f:65:ad:9a:38:0d:5d:36:5b:4e:98:
         99:d5:fe:96:01:b7:9d:9e:f4:54:79:38:03:b1:36:06:aa:87:
         44:22:89:bf:7a:ca:2d:d5:71:6f:b6:09:e7:44:de:75:e8:c2:
         f0:0e:e3:bb:a0:a2:12:a2:2e:4b:34:11:d3:b0:d0:1b:05:91:
         77:09:fa:ca:c8:34:8a:73:a0:1d:b9:ba:f7:c6:1e:15:e1:5b:
         89:60:d9:81:2b:aa:fb:9d:ee:48:be:6c:cd:ca:7b:c4:4f:70:
         18:0e:f9:89
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MkI4Q0FGMTEwLwYDVQQFEyg4NzIxMzBFNjlCM0ZCODAzNUIxQjI1RDNGNkZCOTc0
QTJBMDc4RUNDMB4XDTIzMDYyMTA5NDQ1M1oXDTI0MDYyMTA5NDQ1M1owGDEWMBQG
A1UEAxMNNjQ5MmM2OTktMDkyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoS/TzQQXly/tnB+J/URx7O2m1PCPgysxY76Xrt37eYTg6ZkFapgeOSfgt0
nxf4IKypzEYbo/IkVY4C9WEtPrkdMlsPPkiTkTwcFrIvQIWMGaKTtmF0HfNkRSI3
eyfFViMaNBbkb0xPKW1K8Mao6it3goCvPS0/c8JR0EMDw4KV5syT/BjMj/svL9TD
Z8SsnQdbiKtSfNKzwzxMr+2CMMooQFzQ4gdq4Ed5zEAemjaKq7Z9v+AFt+xO3P1K
nzZWYLn8hm/Ji/hUrV2mayzy7kutBY00M0LX8am7RXxzXwTD7qbS4T/7VzUgpnVZ
EjGzhHnE1LvIs2xFzi3z6Q/4o2cCAwEAAaOCAqgwggKkMB0GA1UdDgQWBBSTq1cf
U9RhWvSUGR6+FIgCEfavSTAfBgNVHSMEGDAWgBSHITDmmz+4A1sbJdP2+5dKKgeO
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFEOUU2RkMvaHlFdzVw
c191QU5iR3lYVDl2dVhTaW9IanN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHlFdzVwc191QU5iR3lYVDl2dVhTaW9IanN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFE
OUU2RkMvNDdERUYwOUUxMDE4MTFFRTk0QjAwOTU0NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACwP9AgAAjANBgkqhkiG9w0B
AQsFAAOCAQEADBH//fnD6I3ruLHqgbnKxe2vuuXwA/15jSX0M6iMWj8Ka1QLIHyb
ysLFFbiY4aXwTMcm+z3SYDthBHpc+mSc5ytHNa84i3NpVIbTo76/7CtEvHFOfZ96
iAsrolWJqlL4TYo17ILvu0XuVqqorKBnJrO2nx7QL5a+LcPQ8a7JAImR7mwNc8JB
BgLAtPeoGBFUMmvvadGolX9lrZo4DV02W06YmdX+lgG3nZ70VHk4A7E2BqqHRCKJ
v3rKLdVxb7YJ50TedejC8A7ju6CiEqIuSzQR07DQGwWRdwn6ysg0inOgHbm698Ye
FeFbiWDZgSuq+53uSL5szcp7xE9wGA75iQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:29 2024 by rpki-client on console-fra.rpki-client.org