Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1B7CAF2CB42F11EDBB885380F1222468.roa
File:                     1B7CAF2CB42F11EDBB885380F1222468.roa (raw, json)
Hash identifier:          DXE859YtfKZEy4c2Z+R+Gatc1p2SSVorJvmYI7d2rvY=
Subject key identifier:   EE:E5:F9:95:93:CD:30:F5:C9:EA:F2:9E:A2:8B:B7:66:E5:8E:40:C1
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0A8A
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1B7CAF2CB42F11EDBB885380F1222468.roa
Signing time:             Fri 24 Feb 2023 10:36:34 +0000
ROA not before:           Fri 24 Feb 2023 10:36:30 +0000
ROA not after:            Sat 22 Feb 2025 10:36:30 +0000
asID:                     61317
IP address blocks:        102.129.224.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2698 (0xa8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 24 10:36:30 2023 GMT
            Not After : Feb 22 10:36:30 2025 GMT
        Subject: CN=63f89332-a662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:61:86:ad:ef:c1:93:eb:7e:e2:e0:09:a2:e6:
                    da:c5:b0:26:41:33:e8:c8:e4:c7:11:83:39:98:d4:
                    a4:2b:e4:41:53:e9:a1:c8:ff:27:0d:b4:fd:e3:14:
                    6b:8d:84:28:e3:f0:c3:65:6d:70:bb:2b:98:72:cf:
                    c5:33:8b:ec:0e:15:3e:5b:15:1f:3a:21:4d:2f:3c:
                    15:97:71:5b:41:ed:ec:39:e1:3c:46:0c:f0:37:fe:
                    2a:89:7f:08:19:b2:7e:4b:6f:cc:ee:95:3f:e0:74:
                    5f:5c:87:f0:0c:6a:a4:36:94:78:9f:ad:67:53:b4:
                    87:3f:49:15:a2:b0:05:a2:31:aa:75:82:03:bd:f9:
                    9a:d7:de:94:f0:b0:02:56:82:dc:3d:b7:1b:07:27:
                    a7:9a:49:18:f4:1e:39:d5:25:d8:80:6a:d0:71:51:
                    ae:dc:5d:f9:2d:6f:08:64:54:0a:17:ec:15:30:c2:
                    4e:16:3e:47:12:ee:6b:03:f1:24:8e:c2:b8:11:eb:
                    0d:fa:df:25:99:20:fb:31:e7:d9:56:24:e6:b8:31:
                    2e:b4:06:98:db:da:d1:b7:30:d0:12:f4:b2:ec:cc:
                    4e:80:18:37:93:53:c8:05:3b:a1:c9:73:d9:3c:52:
                    86:da:33:d5:f6:c5:c6:ca:0d:b3:ae:14:5b:f6:44:
                    8b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:E5:F9:95:93:CD:30:F5:C9:EA:F2:9E:A2:8B:B7:66:E5:8E:40:C1
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1B7CAF2CB42F11EDBB885380F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:f5:9b:d3:d8:d5:15:f2:72:c9:36:0d:e3:ea:88:f5:29:31:
         fa:d0:20:63:31:4a:cf:04:52:41:95:77:4c:eb:67:d7:fc:bd:
         5d:6e:ee:88:fc:a2:b4:e6:e1:cd:e0:43:17:5b:86:69:6b:5e:
         66:29:78:0a:ea:8e:1b:83:23:c2:41:6c:b5:df:88:e8:24:92:
         a6:d9:1d:05:41:f5:3a:c2:7e:ee:3b:2d:4a:df:d1:62:b7:4d:
         84:7f:8b:0e:19:54:89:e2:65:95:e3:ff:04:8a:59:f9:a1:71:
         4d:e7:fc:dd:d2:d0:be:49:a1:ec:2c:20:32:63:f4:08:1c:97:
         55:ba:88:5a:1a:c7:15:eb:f4:77:ab:6b:9f:0b:44:5a:05:0e:
         6f:d0:88:32:99:a2:55:7e:a8:d7:27:71:90:f2:93:72:79:a6:
         36:b6:4f:99:e2:c6:24:c1:61:f8:7f:ff:c3:95:33:47:74:c5:
         6e:8a:ba:ac:ba:3e:25:2c:af:76:68:52:a0:f5:dc:7e:58:f9:
         b1:79:61:c4:64:f9:50:2e:7f:e0:2f:43:91:d3:f5:01:6a:27:
         2d:ab:a7:2d:87:5e:3a:89:68:6a:13:c8:60:05:e6:dd:ae:78:
         e5:bc:02:23:f6:da:23:c9:81:9b:23:82:1d:ff:e4:3a:7f:f6:
         1b:c1:21:ef
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCoowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzAyMjQxMDM2MzBaFw0yNTAyMjIxMDM2MzBaMBgxFjAU
BgNVBAMMDTYzZjg5MzMyLWE2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChYYat78GT637i4Ami5trFsCZBM+jI5McRgzmY1KQr5EFT6aHI/ycNtP3j
FGuNhCjj8MNlbXC7K5hyz8Uzi+wOFT5bFR86IU0vPBWXcVtB7ew54TxGDPA3/iqJ
fwgZsn5Lb8zulT/gdF9ch/AMaqQ2lHifrWdTtIc/SRWisAWiMap1ggO9+ZrX3pTw
sAJWgtw9txsHJ6eaSRj0HjnVJdiAatBxUa7cXfktbwhkVAoX7BUwwk4WPkcS7msD
8SSOwrgR6w363yWZIPsx59lWJOa4MS60Bpjb2tG3MNAS9LLszE6AGDeTU8gFO6HJ
c9k8UobaM9X2xcbKDbOuFFv2RIs/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7uX5
lZPNMPXJ6vKeoou3ZuWOQMEwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzFCN0NBRjJDQjQyRjExRURCQjg4NTM4MEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgeAwDQYJKoZIhvcNAQEL
BQADggEBAHH1m9PY1RXycsk2DePqiPUpMfrQIGMxSs8EUkGVd0zrZ9f8vV1u7oj8
orTm4c3gQxdbhmlrXmYpeArqjhuDI8JBbLXfiOgkkqbZHQVB9TrCfu47LUrf0WK3
TYR/iw4ZVIniZZXj/wSKWfmhcU3n/N3S0L5JoewsIDJj9Agcl1W6iFoaxxXr9Her
a58LRFoFDm/QiDKZolV+qNcncZDyk3J5pja2T5nixiTBYfh//8OVM0d0xW6Kuqy6
PiUsr3ZoUqD13H5Y+bF5YcRk+VAuf+AvQ5HT9QFqJy2rpy2HXjqJaGoTyGAF5t2u
eOW8AiP22iPJgZsjgh3/5Dp/9hvBIe8=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:19:15 2024 by rpki-client on console-ams.rpki-client.org