Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/02CDCE42E6C011EEB705499D775412E6.roa
File:                     02CDCE42E6C011EEB705499D775412E6.roa (raw, json)
Hash identifier:          yXJAJoa6s/DhCcBI+fHo+Er2WrRdt2+rFEEWwABc+1c=
Subject key identifier:   2A:1E:DA:FF:EC:1A:96:DB:00:BD:79:F5:28:F8:5D:98:EA:FC:CB:1B
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0FE2
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/02CDCE42E6C011EEB705499D775412E6.roa
Signing time:             Wed 20 Mar 2024 13:44:45 +0000
ROA not before:           Wed 20 Mar 2024 13:44:40 +0000
ROA not after:            Fri 20 Mar 2026 13:44:40 +0000
asID:                     133337
IP address blocks:        102.129.168.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4066 (0xfe2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Mar 20 13:44:40 2024 GMT
            Not After : Mar 20 13:44:40 2026 GMT
        Subject: CN=65fae84d-4433
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0f:ba:58:4b:45:1c:1d:b0:b8:67:ae:20:2f:
                    1a:12:05:98:fa:1e:09:5f:1e:04:fa:56:93:12:33:
                    70:ca:f4:40:f2:53:24:e9:ef:b1:6b:bc:6b:35:1f:
                    32:4b:6b:9c:7e:57:a2:63:9c:9d:d8:13:75:98:70:
                    9a:e0:5d:d6:79:6c:47:42:90:6e:03:f0:c2:10:79:
                    43:f4:60:b8:3e:e8:42:0e:d2:fb:5c:e5:6c:35:a3:
                    1d:72:00:43:f5:97:d3:8a:df:95:4b:75:c9:6d:ec:
                    c0:82:9c:58:53:ba:0f:82:1a:c5:f5:fd:d3:a6:e1:
                    55:9c:f1:6f:ca:9d:3f:e0:fc:e4:85:02:79:3f:cf:
                    d5:03:fa:ed:61:e1:e3:fb:f4:94:bf:a9:40:09:e9:
                    23:ad:35:45:3f:8d:49:26:5c:69:e8:a1:ae:0f:a5:
                    db:a8:8c:ba:c5:4e:09:c5:50:e8:55:e1:d2:10:88:
                    df:e9:48:e9:c6:83:17:9e:08:e2:2f:47:4b:80:8b:
                    45:d8:16:ca:a0:8e:0b:2c:75:6c:53:b2:50:0d:0c:
                    29:a2:1f:4a:62:fb:02:7b:c2:cf:93:19:99:b6:5a:
                    64:81:d2:e6:2f:b3:21:10:5a:3e:7b:53:85:12:bd:
                    6e:e6:93:d1:84:f9:da:95:1a:2e:94:df:de:3d:b8:
                    c5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:1E:DA:FF:EC:1A:96:DB:00:BD:79:F5:28:F8:5D:98:EA:FC:CB:1B
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/02CDCE42E6C011EEB705499D775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:82:f7:a1:a4:88:8d:8a:38:cb:ce:24:8d:0e:26:cb:9f:b0:
         07:a9:78:89:42:a4:82:f1:40:66:bb:b0:22:1d:72:55:81:81:
         b0:4c:51:e0:9f:fb:93:01:53:34:52:0b:2f:1d:99:5c:29:59:
         d6:00:ef:9c:6d:5e:7d:58:72:52:ed:28:4c:85:3d:35:74:1c:
         3a:cd:42:fd:88:c9:e2:6d:db:8e:ca:9b:f5:4b:60:6c:de:a2:
         e6:0b:42:6b:cc:99:97:82:63:cc:a5:fb:90:78:33:e5:8a:7d:
         8a:2f:7b:bf:2b:8c:fe:bc:89:d4:d6:bb:3f:56:8d:8a:e4:8a:
         e3:c8:ed:cd:36:dc:26:a2:ec:38:34:fe:76:db:fd:f7:f6:43:
         22:d7:cc:c2:be:96:11:90:92:45:57:6c:55:dc:13:30:53:b3:
         8c:38:b8:a2:f6:31:fb:29:98:1d:b8:36:fb:62:57:87:65:99:
         b6:8e:6d:91:cc:d2:40:ab:7a:c4:3c:bc:97:1b:dc:b5:0b:c7:
         a1:0b:ca:87:82:d8:4e:bd:52:b1:78:1b:34:d1:73:84:4f:9d:
         4d:13:5d:58:3a:a8:27:97:55:73:2e:e0:6c:cc:56:fa:30:f8:
         c1:af:9c:93:91:80:e1:b3:ba:3c:b9:60:e5:37:e8:69:62:89:
         6e:ca:7b:fc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD+IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAzMjAxMzQ0NDBaFw0yNjAzMjAxMzQ0NDBaMBgxFjAU
BgNVBAMTDTY1ZmFlODRkLTQ0MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5D7pYS0UcHbC4Z64gLxoSBZj6HglfHgT6VpMSM3DK9EDyUyTp77FrvGs1
HzJLa5x+V6JjnJ3YE3WYcJrgXdZ5bEdCkG4D8MIQeUP0YLg+6EIO0vtc5Ww1ox1y
AEP1l9OK35VLdclt7MCCnFhTug+CGsX1/dOm4VWc8W/KnT/g/OSFAnk/z9UD+u1h
4eP79JS/qUAJ6SOtNUU/jUkmXGnooa4PpduojLrFTgnFUOhV4dIQiN/pSOnGgxee
COIvR0uAi0XYFsqgjgssdWxTslANDCmiH0pi+wJ7ws+TGZm2WmSB0uYvsyEQWj57
U4USvW7mk9GE+dqVGi6U3949uMXlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKh7a
/+waltsAvXn1KPhdmOr8yxswHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzAyQ0RDRTQyRTZDMDExRUVCNzA1NDk5RDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgagwDQYJKoZIhvcNAQEL
BQADggEBAFCC96GkiI2KOMvOJI0OJsufsAepeIlCpILxQGa7sCIdclWBgbBMUeCf
+5MBUzRSCy8dmVwpWdYA75xtXn1YclLtKEyFPTV0HDrNQv2IyeJt247Km/VLYGze
ouYLQmvMmZeCY8yl+5B4M+WKfYove78rjP68idTWuz9WjYrkiuPI7c023Cai7Dg0
/nbb/ff2QyLXzMK+lhGQkkVXbFXcEzBTs4w4uKL2MfspmB24NvtiV4dlmbaObZHM
0kCresQ8vJcb3LULx6ELyoeC2E69UrF4GzTRc4RPnU0TXVg6qCeXVXMu4GzMVvow
+MGvnJORgOGzujy5YOU36GliiW7Ke/w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:15 2024 by rpki-client on console-fra.rpki-client.org