Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/08C544981C4811EFBA18A22B7DDC24C2.roa
File:                     08C544981C4811EFBA18A22B7DDC24C2.roa (raw, json)
Hash identifier:          tqhwIQRYgFOkg1i0m9P867NgozM8wyM/qc2l8ldhExg=
Subject key identifier:   4F:39:46:37:14:C8:06:51:E2:34:1B:B6:A3:43:17:EC:33:C8:43:7F
Certificate issuer:       /CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
Certificate serial:       05
Authority key identifier: FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/08C544981C4811EFBA18A22B7DDC24C2.roa
Signing time:             Mon 27 May 2024 16:41:58 +0000
ROA not before:           Tue 28 May 2024 16:41:55 +0000
ROA not after:            Thu 28 May 2026 16:41:55 +0000
asID:                     37517
IP address blocks:        102.209.52.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C2BF2AF/serialNumber=FB85E08E5DBB05C95B7BD0DA7E5FE6FCE39826FF
        Validity
            Not Before: May 28 16:41:55 2024 GMT
            Not After : May 28 16:41:55 2026 GMT
        Subject: CN=6654b7d6-8d9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:fc:9f:ec:48:58:57:25:0e:f4:0c:11:c7:96:
                    a0:19:d8:41:ae:08:d2:c8:a0:4c:24:41:89:7a:aa:
                    74:d7:f7:bf:8e:d4:05:e7:5c:71:1c:90:b6:8d:b4:
                    d5:9f:95:a6:21:b4:34:8e:22:85:60:92:fd:cb:99:
                    82:f5:a2:05:c3:1b:ba:c8:6a:94:af:33:fd:b4:11:
                    45:6e:d6:ed:bd:b0:ec:21:8e:29:50:4e:db:a3:59:
                    87:d7:66:47:ae:d6:fb:40:6d:57:84:b9:0c:9c:63:
                    00:cf:ca:d0:4f:68:89:c4:c9:67:7d:b3:3f:e8:8d:
                    54:40:1c:7c:e9:94:d8:0f:79:c2:e8:1b:b3:f8:6b:
                    83:b0:0d:52:3a:ac:6b:8a:9d:6b:a4:33:c2:22:e3:
                    4b:64:94:db:cc:37:c4:2f:ce:45:bd:14:49:f6:b0:
                    e0:78:ff:1e:74:ec:a7:ca:77:1c:85:cc:f3:7a:54:
                    5a:c8:44:91:31:14:f5:27:01:42:1c:3f:d4:a9:8b:
                    7f:3a:dd:ee:02:a6:33:2d:93:66:31:0d:e3:f5:31:
                    a6:1c:97:84:00:d2:3b:7c:38:1f:9b:86:0c:e8:03:
                    4b:6b:d2:d7:a0:b0:cf:c3:f3:bd:1a:f9:a8:57:00:
                    5f:a6:c4:63:77:40:e3:26:c0:02:8a:58:e9:c4:b7:
                    2a:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:39:46:37:14:C8:06:51:E2:34:1B:B6:A3:43:17:EC:33:C8:43:7F
            X509v3 Authority Key Identifier:
                keyid:FB:85:E0:8E:5D:BB:05:C9:5B:7B:D0:DA:7E:5F:E6:FC:E3:98:26:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/-4Xgjl27Bclbe9Dafl_m_OOYJv8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-4Xgjl27Bclbe9Dafl_m_OOYJv8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C2BF2/DABAB87E19EC11EFBCBF5E2C017001B1/08C544981C4811EFBA18A22B7DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:ba:31:35:5d:ff:a4:87:6a:59:0b:be:a9:09:06:8e:b8:91:
         d8:1c:04:48:4f:97:c5:18:ab:08:b5:cc:3f:af:8c:30:f1:9e:
         3a:0b:8a:49:d6:82:71:c9:ae:2b:d8:6c:d3:6b:13:3b:f2:d4:
         25:eb:80:8c:46:77:2d:55:99:49:3e:46:d2:64:f8:3c:43:83:
         f8:fe:78:ad:d2:fd:4c:06:ed:a4:19:78:c4:59:64:f5:10:1e:
         b4:6c:4d:cb:3c:7a:a9:3e:97:ab:8c:d7:26:b5:f3:c8:98:37:
         62:f7:08:17:cf:b1:ed:ec:38:83:f0:e9:c2:0c:26:19:25:c0:
         f1:89:3d:01:58:27:89:62:fc:f1:bb:c0:82:d2:f0:d8:be:5e:
         e7:00:2c:77:44:43:49:c6:95:40:a5:e4:30:92:2c:58:78:a9:
         82:50:80:b0:c9:65:aa:54:50:7d:45:cd:38:61:b0:92:82:08:
         4e:c0:9a:64:ac:18:fa:14:ca:69:23:ba:d3:89:84:e9:a1:4c:
         c5:96:24:24:67:60:b9:6a:b3:d9:d3:56:f9:d0:31:fb:f5:61:
         f4:10:3e:e3:13:3f:e4:d5:4e:a0:ee:70:77:00:f7:ee:4e:5e:
         80:65:9f:2a:b7:e2:20:d8:1a:27:66:e7:b0:cf:e0:09:3e:c8:
         7b:85:7a:c4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MkJGMkFGMTEwLwYDVQQFEyhGQjg1RTA4RTVEQkIwNUM5NUI3QkQwREE3RTVGRTZG
Q0UzOTgyNkZGMB4XDTI0MDUyODE2NDE1NVoXDTI2MDUyODE2NDE1NVowGDEWMBQG
A1UEAxMNNjY1NGI3ZDYtOGQ5ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn8n+xIWFclDvQMEceWoBnYQa4I0sigTCRBiXqqdNf3v47UBedccRyQto20
1Z+VpiG0NI4ihWCS/cuZgvWiBcMbushqlK8z/bQRRW7W7b2w7CGOKVBO26NZh9dm
R67W+0BtV4S5DJxjAM/K0E9oicTJZ32zP+iNVEAcfOmU2A95wugbs/hrg7ANUjqs
a4qda6QzwiLjS2SU28w3xC/ORb0USfaw4Hj/HnTsp8p3HIXM83pUWshEkTEU9ScB
Qhw/1KmLfzrd7gKmMy2TZjEN4/UxphyXhADSO3w4H5uGDOgDS2vS16Cwz8PzvRr5
qFcAX6bEY3dA4ybAAopY6cS3KskCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRPOUY3
FMgGUeI0G7ajQxfsM8hDfzAfBgNVHSMEGDAWgBT7heCOXbsFyVt70Np+X+b845gm
/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3MDAxQjEvLTRYZ2ps
MjdCY2xiZTlEYWZsX21fT09ZSnY4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvLTRYZ2psMjdCY2xiZTlEYWZsX21fT09ZSnY4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzJCRjIvREFCQUI4N0UxOUVDMTFFRkJDQkY1RTJDMDE3
MDAxQjEvMDhDNTQ0OTgxQzQ4MTFFRkJBMThBMjJCN0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRNDANBgkqhkiG9w0BAQsF
AAOCAQEABLoxNV3/pIdqWQu+qQkGjriR2BwESE+XxRirCLXMP6+MMPGeOguKSdaC
ccmuK9hs02sTO/LUJeuAjEZ3LVWZST5G0mT4PEOD+P54rdL9TAbtpBl4xFlk9RAe
tGxNyzx6qT6Xq4zXJrXzyJg3YvcIF8+x7ew4g/DpwgwmGSXA8Yk9AVgniWL88bvA
gtLw2L5e5wAsd0RDScaVQKXkMJIsWHipglCAsMllqlRQfUXNOGGwkoIITsCaZKwY
+hTKaSO604mE6aFMxZYkJGdguWqz2dNW+dAx+/Vh9BA+4xM/5NVOoO5wdwD37k5e
gGWfKrfiINgaJ2bnsM/gCT7Ie4V6xA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org