Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/75D2D8D4F97011EE859A1368017001B1.roa
File:                     75D2D8D4F97011EE859A1368017001B1.roa (raw, json)
Hash identifier:          bwc/n1hXxT4eIOnOsdAqlgts+dQ1yGrKUH/wQMpIbso=
Subject key identifier:   0A:B9:2C:06:FE:1E:34:33:6C:49:09:FC:76:9F:E4:85:89:43:10:33
Certificate issuer:       /CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Certificate serial:       4D
Authority key identifier: E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/75D2D8D4F97011EE859A1368017001B1.roa
Signing time:             Sat 13 Apr 2024 08:33:10 +0000
ROA not before:           Sat 13 Apr 2024 08:33:07 +0000
ROA not after:            Tue 01 Apr 2025 08:33:07 +0000
asID:                     37739
IP address blocks:        102.209.242.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 77 (0x4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
        Validity
            Not Before: Apr 13 08:33:07 2024 GMT
            Not After : Apr  1 08:33:07 2025 GMT
        Subject: CN=661a4346-605a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:dc:65:e5:c1:5b:a5:00:7b:c4:14:51:fb:26:
                    71:68:20:4c:d9:d3:2f:74:22:3f:82:09:87:cb:8d:
                    cd:b8:be:62:7e:04:98:f5:3f:b6:77:7b:38:7b:91:
                    24:6d:31:df:a1:37:9d:7c:e2:16:c8:da:84:a8:a7:
                    4f:6e:be:f7:92:cc:5d:3a:4d:89:62:40:e3:96:d5:
                    f9:f8:f3:90:b1:c4:1b:6c:35:06:b4:f9:8c:7b:0a:
                    38:cc:4f:01:e4:bd:94:46:2f:ff:1b:a1:8d:4d:1e:
                    9d:35:73:75:fd:95:2c:2c:16:b8:e9:42:5f:7e:32:
                    39:63:73:7d:ab:3e:82:fc:79:24:8a:cd:4f:37:18:
                    bf:d3:56:41:3e:e5:cc:81:c0:29:5b:30:80:a5:d7:
                    68:6d:ed:5c:60:70:02:6e:4f:e5:b1:75:f7:0d:7f:
                    c6:5d:84:64:42:18:38:da:a8:41:4b:e7:72:e7:a5:
                    ca:3a:6b:e0:b7:70:0d:14:95:2b:b4:fb:7d:e4:5a:
                    83:3f:0d:b1:26:76:4f:8c:4c:4d:74:b6:60:ec:1a:
                    a1:2b:b6:32:2f:47:14:e9:30:45:18:5e:9b:0b:f0:
                    55:2f:11:f1:14:9a:83:cf:6b:fc:03:51:0b:2a:e3:
                    6c:7c:33:a7:44:2e:ee:b6:eb:85:54:87:06:e8:a9:
                    f1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B9:2C:06:FE:1E:34:33:6C:49:09:FC:76:9F:E4:85:89:43:10:33
            X509v3 Authority Key Identifier:
                keyid:E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/75D2D8D4F97011EE859A1368017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c2:1b:e7:84:1f:38:4a:8a:6b:4c:55:8e:4b:93:ec:0c:dd:7c:
         09:09:9a:e6:ae:5b:21:be:63:d3:73:bb:3b:68:26:3b:0f:71:
         d2:80:ee:e6:a7:de:ae:2c:74:16:d5:f6:6a:68:59:54:41:6b:
         94:38:dd:bb:4d:a3:4f:4f:f8:51:7f:6f:a6:9a:14:9e:a8:0a:
         eb:8f:b3:1d:4e:a4:93:8c:cf:6c:90:a6:19:d3:16:a5:5b:60:
         fc:27:1e:2c:94:ca:33:b6:d1:01:6a:eb:c5:58:35:b5:32:54:
         c4:d3:d7:d7:2a:0a:0f:f0:5d:68:74:fb:09:b5:08:30:de:d6:
         cb:bf:5a:af:6f:a0:ca:64:be:bf:9d:d2:b1:ee:f2:a9:aa:0d:
         a7:a3:d8:a7:43:af:5c:48:30:cc:b4:12:7f:63:21:8b:fe:c8:
         09:6b:36:e8:89:49:94:a2:c7:aa:23:f9:6d:c2:95:71:95:b0:
         63:b9:bf:19:37:d3:3d:87:cf:2f:36:15:8f:de:89:ee:ad:3e:
         22:17:29:7e:5d:c4:86:05:b1:17:63:53:f9:22:0c:68:6c:2b:
         73:54:28:f0:82:58:6b:36:46:eb:be:4a:9a:d0:94:82:34:08:
         03:fa:7a:ee:84:d6:15:78:da:ca:68:5c:88:27:f9:c5:ff:ba:
         50:7f:4d:ee
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBTTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RjU5QkFGMTEwLwYDVQQFEyhFMDM2QUUwOEZFMDM0MTZGNTg4ODdBOUQxOTVEQkZE
ODZBMjU2MDNDMB4XDTI0MDQxMzA4MzMwN1oXDTI1MDQwMTA4MzMwN1owGDEWMBQG
A1UEAxMNNjYxYTQzNDYtNjA1YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjcZeXBW6UAe8QUUfsmcWggTNnTL3QiP4IJh8uNzbi+Yn4EmPU/tnd7OHuR
JG0x36E3nXziFsjahKinT26+95LMXTpNiWJA45bV+fjzkLHEG2w1BrT5jHsKOMxP
AeS9lEYv/xuhjU0enTVzdf2VLCwWuOlCX34yOWNzfas+gvx5JIrNTzcYv9NWQT7l
zIHAKVswgKXXaG3tXGBwAm5P5bF19w1/xl2EZEIYONqoQUvncuelyjpr4LdwDRSV
K7T7feRagz8NsSZ2T4xMTXS2YOwaoSu2Mi9HFOkwRRhemwvwVS8R8RSag89r/ANR
CyrjbHwzp0Qu7rbrhVSHBuip8VMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQKuSwG
/h40M2xJCfx2n+SFiUMQMzAfBgNVHSMEGDAWgBTgNq4I/gNBb1iIep0ZXb/YaiVg
PDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1NDEyRTYvNERhdUNQ
NERRVzlZaUhxZEdWMl8yR29sWUR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNERhdUNQNERRVzlZaUhxZEdWMl8yR29sWUR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1
NDEyRTYvNzVEMkQ4RDRGOTcwMTFFRTg1OUExMzY4MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbR8jANBgkqhkiG9w0BAQsF
AAOCAQEAwhvnhB84SoprTFWOS5PsDN18CQma5q5bIb5j03O7O2gmOw9x0oDu5qfe
rix0FtX2amhZVEFrlDjdu02jT0/4UX9vppoUnqgK64+zHU6kk4zPbJCmGdMWpVtg
/CceLJTKM7bRAWrrxVg1tTJUxNPX1yoKD/BdaHT7CbUIMN7Wy79ar2+gymS+v53S
se7yqaoNp6PYp0OvXEgwzLQSf2Mhi/7ICWs26IlJlKLHqiP5bcKVcZWwY7m/GTfT
PYfPLzYVj96J7q0+Ihcpfl3EhgWxF2NT+SIMaGwrc1Qo8IJYazZG675KmtCUgjQI
A/p67oTWFXjaymhciCf5xf+6UH9N7g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org