Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/64DCEAF6B4AA11EA9C29961EF8AEA228.roa
File:                     64DCEAF6B4AA11EA9C29961EF8AEA228.roa (raw, json)
Hash identifier:          d/4OnBDyWSejLXwa+f/dKrVlxUkVeUHuXDdPCuQ7oCY=
Subject key identifier:   52:D6:9B:06:E2:EB:20:FF:FB:32:A5:97:A0:01:6F:0F:C6:8F:2E:C6
Certificate issuer:       /CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
Certificate serial:       0A
Authority key identifier: 2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/64DCEAF6B4AA11EA9C29961EF8AEA228.roa
Signing time:             Mon 22 Jun 2020 17:04:12 +0000
ROA not before:           Mon 22 Jun 2020 17:04:01 +0000
ROA not after:            Sun 22 Jun 2025 17:04:01 +0000
asID:                     29465
IP address blocks:        2c0f:f5c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
        Validity
            Not Before: Jun 22 17:04:01 2020 GMT
            Not After : Jun 22 17:04:01 2025 GMT
        Subject: CN=5ef0e48c-c73c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:94:de:d9:a2:12:8c:c6:12:90:de:75:83:7f:
                    8e:fe:1b:95:18:47:27:d5:fd:58:3d:38:6d:04:40:
                    d6:71:2a:2b:36:62:e7:f6:18:19:83:df:94:fc:ac:
                    dd:de:58:13:31:bf:87:77:af:dd:52:f1:20:73:67:
                    fd:04:c4:df:2d:31:bb:19:ed:b5:6b:a2:4e:44:10:
                    7b:57:02:8f:88:be:f0:45:3e:95:12:65:b1:28:34:
                    c5:41:bd:d0:22:73:d5:29:8a:2f:fd:c6:f9:99:77:
                    b3:0c:dd:dd:cd:3b:de:1d:6f:a0:50:0c:69:12:6d:
                    12:26:f2:83:49:4b:9b:ad:ed:88:8e:45:ef:74:57:
                    64:ea:c4:b0:a5:ce:93:26:f4:ce:2b:37:c2:68:28:
                    c9:17:d0:ef:5c:a0:e8:05:b9:5b:38:c6:92:f7:f7:
                    52:f3:70:2a:3e:c2:46:76:bf:e9:f4:03:ca:5b:0f:
                    e4:53:19:22:08:de:f6:66:47:08:57:b1:bb:02:6c:
                    57:82:7e:d8:9c:9a:18:76:cc:fa:5e:da:4b:36:12:
                    0f:53:76:af:48:1e:61:0b:52:b0:a3:04:f9:13:50:
                    7e:e3:52:31:5c:3f:7f:99:d9:bb:1c:7d:e9:40:89:
                    dd:72:51:9a:3c:84:04:e3:e8:aa:d7:c4:66:ca:f5:
                    b2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:D6:9B:06:E2:EB:20:FF:FB:32:A5:97:A0:01:6F:0F:C6:8F:2E:C6
            X509v3 Authority Key Identifier:
                keyid:2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/64DCEAF6B4AA11EA9C29961EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f5c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:40:13:80:4f:fb:1c:b8:a5:2a:fa:99:a1:57:a2:e1:8f:64:
         9f:ee:9c:40:ec:82:ac:4d:54:44:28:07:26:d5:80:03:a8:3e:
         f2:e8:11:2d:53:c8:e3:83:40:00:1a:2c:b2:1c:f6:f8:d0:f4:
         24:3b:84:70:b8:db:1f:00:77:37:c7:d4:43:b4:51:85:88:30:
         fb:cd:9d:a4:84:dd:ba:1f:3b:16:97:c6:32:b6:c3:c0:73:f7:
         a9:5f:36:0b:03:d7:ae:99:54:b7:2d:3e:e7:91:3f:59:88:d5:
         de:f9:c3:f3:15:22:db:90:e0:d4:49:60:4e:ce:06:ba:d5:43:
         c4:2f:73:46:f5:6f:c0:6c:65:d3:f4:af:06:6d:5d:4c:e0:0a:
         8a:52:8c:4c:92:92:d8:d5:0e:20:a8:b2:58:ed:19:94:08:df:
         e2:4c:09:96:de:fd:3f:85:49:ef:10:35:2d:5e:9d:9c:92:2f:
         69:20:02:62:2c:55:58:49:9a:53:8d:15:02:d0:9b:88:59:4d:
         5f:71:58:b4:f5:84:42:c5:b7:c1:12:06:1b:46:88:b3:f6:24:
         ad:a0:63:2d:e5:25:9e:b3:a5:77:27:ff:b0:b4:ff:f8:3d:76:
         fe:dc:52:f0:61:1e:fe:25:18:00:0a:6d:d6:d8:2b:e9:a5:0b:
         d6:a2:93:dc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RERFRUFGMTEwLwYDVQQFEygyQ0QzMUMzQzI1MUY1RURBMTgzRjkzOEU3RkNCM0E0
QTFEQkE4OUREMB4XDTIwMDYyMjE3MDQwMVoXDTI1MDYyMjE3MDQwMVowGDEWMBQG
A1UEAxMNNWVmMGU0OGMtYzczYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuU3tmiEozGEpDedYN/jv4blRhHJ9X9WD04bQRA1nEqKzZi5/YYGYPflPys
3d5YEzG/h3ev3VLxIHNn/QTE3y0xuxnttWuiTkQQe1cCj4i+8EU+lRJlsSg0xUG9
0CJz1SmKL/3G+Zl3swzd3c073h1voFAMaRJtEibyg0lLm63tiI5F73RXZOrEsKXO
kyb0zis3wmgoyRfQ71yg6AW5WzjGkvf3UvNwKj7CRna/6fQDylsP5FMZIgje9mZH
CFexuwJsV4J+2JyaGHbM+l7aSzYSD1N2r0geYQtSsKME+RNQfuNSMVw/f5nZuxx9
6UCJ3XJRmjyEBOPoqtfEZsr1smUCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRS1psG
4usg//sypZegAW8Pxo8uxjAfBgNVHSMEGDAWgBQs0xw8JR9e2hg/k45/yzpKHbqJ
3TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkRERUUvMjE0QzVBRUNCNDlCMTFFQUEzRjYxRjBGRjhBRUEyMjgvTE5NY1BD
VWZYdG9ZUDVPT2Y4czZTaDI2aWQwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTE5NY1BDVWZYdG9ZUDVPT2Y4czZTaDI2aWQwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkRERUUvMjE0QzVBRUNCNDlCMTFFQUEzRjYxRjBGRjhB
RUEyMjgvNjREQ0VBRjZCNEFBMTFFQTlDMjk5NjFFRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP9cAwDQYJKoZIhvcNAQEL
BQADggEBAKpAE4BP+xy4pSr6maFXouGPZJ/unEDsgqxNVEQoBybVgAOoPvLoES1T
yOODQAAaLLIc9vjQ9CQ7hHC42x8AdzfH1EO0UYWIMPvNnaSE3bofOxaXxjK2w8Bz
96lfNgsD166ZVLctPueRP1mI1d75w/MVItuQ4NRJYE7OBrrVQ8Qvc0b1b8BsZdP0
rwZtXUzgCopSjEySktjVDiCosljtGZQI3+JMCZbe/T+FSe8QNS1enZySL2kgAmIs
VVhJmlONFQLQm4hZTV9xWLT1hELFt8ESBhtGiLP2JK2gYy3lJZ6zpXcn/7C0//g9
dv7cUvBhHv4lGAAKbdbYK+mlC9aik9w=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:52:58 2024 by rpki-client on console-fra.rpki-client.org