Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/2027B3FCBEA911EE992A65BC775412E6.roa
File:                     2027B3FCBEA911EE992A65BC775412E6.roa (raw, json)
Hash identifier:          govcD5sR2yJWCYrEozEBzG6TFJptEd6fxcH+UyxA72c=
Subject key identifier:   F1:25:46:1B:B4:F3:BA:79:75:DF:BD:80:83:D3:2F:9D:95:1E:02:DA
Certificate issuer:       /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial:       26
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/2027B3FCBEA911EE992A65BC775412E6.roa
Signing time:             Mon 29 Jan 2024 13:20:09 +0000
ROA not before:           Mon 29 Jan 2024 13:20:06 +0000
ROA not after:            Thu 29 Jan 2026 13:20:06 +0000
asID:                     21003
IP address blocks:        102.68.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38 (0x26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
        Validity
            Not Before: Jan 29 13:20:06 2024 GMT
            Not After : Jan 29 13:20:06 2026 GMT
        Subject: CN=65b7a609-00cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:4e:8e:c3:95:6d:ba:2d:8e:5b:1d:bf:60:cb:
                    10:67:d4:fd:df:5b:a0:4b:85:89:46:90:65:59:f9:
                    98:1b:50:03:50:66:37:fb:5d:f5:fc:23:bc:c3:f6:
                    6d:0d:a5:61:1a:87:52:5f:fb:d9:99:18:5b:7f:0a:
                    d6:95:a7:c7:61:71:3d:09:3a:f0:71:fb:0b:07:63:
                    eb:25:c8:c9:a0:c1:78:6a:32:88:af:ae:73:4f:0a:
                    10:f5:90:9d:38:5b:11:52:18:13:64:1e:3c:e8:14:
                    85:1f:9f:96:77:69:81:55:f1:fe:e0:ba:df:8d:d3:
                    f4:db:b9:d9:8e:de:47:69:53:5b:95:e1:5b:b5:24:
                    ff:ae:40:70:89:2f:9d:77:51:58:3c:da:38:68:a5:
                    6f:07:c5:5a:8e:ae:2c:93:c9:33:ba:61:fc:13:07:
                    0c:0e:3e:c2:56:f0:1c:37:c5:4a:38:e6:da:08:61:
                    8f:b2:32:17:05:e2:c1:06:61:86:65:f4:db:37:ea:
                    bc:0b:7d:7f:fc:3c:d2:56:6c:af:70:ba:1a:e5:c4:
                    ec:5f:74:2d:f0:38:ca:72:80:fa:f0:e3:03:86:a2:
                    60:40:10:12:2b:f5:14:fc:86:cc:e6:dd:11:95:bb:
                    d9:4f:ca:ce:81:8c:9e:a9:8a:e0:af:71:bf:dd:ea:
                    28:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:25:46:1B:B4:F3:BA:79:75:DF:BD:80:83:D3:2F:9D:95:1E:02:DA
            X509v3 Authority Key Identifier:
                keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/2027B3FCBEA911EE992A65BC775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.68.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:81:91:48:b7:6e:9d:29:f6:d2:a4:8a:58:da:b7:00:a7:69:
         a1:5a:79:3a:a9:d2:79:91:f4:6f:37:a9:a2:59:b9:fb:6a:0a:
         6e:c4:6a:82:34:b9:11:23:10:97:1d:2b:7b:48:b3:f9:74:62:
         5b:e8:f3:34:61:7c:9e:2f:9e:8f:3e:a1:51:5b:85:70:db:ae:
         73:aa:a7:b5:eb:d8:68:ce:c8:e1:29:df:38:a5:d6:18:ee:79:
         18:02:bf:af:05:5e:25:eb:b7:6e:b1:ae:79:9d:64:6a:41:f9:
         3e:68:ea:ec:f3:7c:bf:47:a7:a9:2b:90:5f:1d:2e:2d:6f:e3:
         e6:a0:58:71:d7:f7:b0:e1:e9:3f:c3:b4:e1:2c:1c:62:15:82:
         25:ff:a8:fd:92:ae:fb:c2:9e:74:bc:e6:3d:ff:00:b6:38:92:
         71:bc:67:43:78:48:e1:9a:92:14:7b:6f:10:86:01:08:d8:9a:
         03:8c:9e:86:db:d1:2e:4a:b6:82:74:03:bd:d0:7c:97:56:28:
         a5:8f:e3:b1:20:68:bb:5a:ef:80:c5:a6:e7:aa:e1:73:fb:42:
         33:cf:84:56:fc:ac:59:1a:91:be:bf:81:89:59:5d:98:8a:b0:
         5b:e0:cf:a8:df:60:29:73:2a:53:40:e1:7f:ed:40:2c:09:53:
         19:ce:95:e5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTEzMjAwNloXDTI2MDEyOTEzMjAwNlowGDEWMBQG
A1UEAxMNNjViN2E2MDktMDBjZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO1OjsOVbbotjlsdv2DLEGfU/d9boEuFiUaQZVn5mBtQA1BmN/td9fwjvMP2
bQ2lYRqHUl/72ZkYW38K1pWnx2FxPQk68HH7Cwdj6yXIyaDBeGoyiK+uc08KEPWQ
nThbEVIYE2QePOgUhR+flndpgVXx/uC6343T9Nu52Y7eR2lTW5XhW7Uk/65AcIkv
nXdRWDzaOGilbwfFWo6uLJPJM7ph/BMHDA4+wlbwHDfFSjjm2ghhj7IyFwXiwQZh
hmX02zfqvAt9f/w80lZsr3C6GuXE7F90LfA4ynKA+vDjA4aiYEAQEiv1FPyGzObd
EZW72U/KzoGMnqmK4K9xv93qKJMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTxJUYb
tPO6eXXfvYCD0y+dlR4C2jAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvMjAyN0IzRkNCRUE5MTFFRTk5MkE2NUJDNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGZEgDANBgkqhkiG9w0BAQsF
AAOCAQEAN4GRSLdunSn20qSKWNq3AKdpoVp5OqnSeZH0bzepolm5+2oKbsRqgjS5
ESMQlx0re0iz+XRiW+jzNGF8ni+ejz6hUVuFcNuuc6qntevYaM7I4SnfOKXWGO55
GAK/rwVeJeu3brGueZ1kakH5Pmjq7PN8v0enqSuQXx0uLW/j5qBYcdf3sOHpP8O0
4SwcYhWCJf+o/ZKu+8KedLzmPf8AtjiScbxnQ3hI4ZqSFHtvEIYBCNiaA4yehtvR
Lkq2gnQDvdB8l1YopY/jsSBou1rvgMWm56rhc/tCM8+EVvysWRqRvr+BiVldmIqw
W+DPqN9gKXMqU0Dhf+1ALAlTGc6V5Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org