Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/21E6535ECEF511EEA509BBA6775412E6.roa
File:                     21E6535ECEF511EEA509BBA6775412E6.roa (raw, json)
Hash identifier:          oMhlzbXJlyQ3cUF9v9iPbgaQzhmJ4cOLIQKu83OVqd0=
Subject key identifier:   02:19:E2:73:7A:B0:B6:EE:7A:D6:19:FB:43:38:7A:AF:A0:66:62:CC
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0F54
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/21E6535ECEF511EEA509BBA6775412E6.roa
Signing time:             Mon 19 Feb 2024 07:04:33 +0000
ROA not before:           Mon 19 Feb 2024 07:04:29 +0000
ROA not after:            Thu 19 Feb 2026 07:04:29 +0000
asID:                     62390
IP address blocks:        102.129.246.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3924 (0xf54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 19 07:04:29 2024 GMT
            Not After : Feb 19 07:04:29 2026 GMT
        Subject: CN=65d2fd81-d3ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4f:b3:91:f9:a9:f7:05:d0:b7:2f:ca:05:89:
                    29:dd:b8:a0:8e:41:d3:d2:56:61:5b:4b:82:15:01:
                    a3:86:34:c5:a8:20:a3:96:bf:47:98:40:3f:ba:d4:
                    f1:a3:cc:87:9c:23:ae:6b:d7:14:26:10:49:df:8f:
                    97:54:9d:7f:98:df:f0:b6:67:09:2f:ff:a3:f3:00:
                    80:a5:93:6b:89:fa:f0:e1:60:72:7c:ca:91:04:4a:
                    c4:65:98:b6:b8:39:6f:9c:05:12:45:bb:eb:55:c8:
                    3e:d6:38:55:f7:7d:c6:c2:3b:9d:01:4d:45:b0:da:
                    86:8c:2f:3a:1b:23:0d:5d:d2:7b:57:17:0e:c0:e2:
                    4e:6e:c0:5c:31:32:e8:50:32:43:ea:5d:36:ee:f9:
                    27:33:24:11:2e:8b:e6:8c:2d:94:99:38:67:37:2a:
                    f4:6a:34:08:69:8d:fa:15:1e:ac:aa:f9:60:80:2e:
                    49:18:f6:5a:e6:ca:2d:a3:7b:be:35:ae:fc:d4:3e:
                    6a:96:16:58:dc:aa:b2:58:0f:d5:ed:0d:20:c7:76:
                    62:15:15:97:ce:85:12:83:cd:99:cb:b5:26:5d:a3:
                    6d:20:43:c2:ee:a5:fa:09:64:91:02:64:64:58:60:
                    85:9c:79:8b:01:cf:d9:d0:af:7e:41:2c:69:84:5f:
                    5d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:19:E2:73:7A:B0:B6:EE:7A:D6:19:FB:43:38:7A:AF:A0:66:62:CC
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/21E6535ECEF511EEA509BBA6775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:c5:1c:12:0e:4d:96:af:b0:e9:4d:6a:c6:f4:62:44:dd:4c:
         83:1f:27:66:09:4b:2b:95:97:3e:65:39:ce:a5:2a:93:f7:53:
         e8:ea:7e:e2:82:a9:87:fd:96:b5:77:21:8a:b5:71:3e:ab:3c:
         24:7f:23:db:7b:ce:57:b9:52:ce:eb:51:6f:ba:04:c5:f4:f4:
         b8:46:94:66:90:78:3f:05:23:4f:2e:1e:14:35:0f:7a:86:e3:
         d7:25:4f:85:1e:73:e7:41:cb:98:a0:64:55:fe:11:2a:68:51:
         c6:4c:55:47:03:30:62:85:94:b0:4b:0f:d2:47:fc:52:b8:c8:
         cc:52:a0:6d:e4:78:a7:cc:db:6c:90:78:84:b1:59:a9:c7:00:
         fe:9b:ac:d8:10:35:38:de:d7:60:c5:a3:0e:5e:d9:0e:a0:3e:
         12:73:e0:96:a8:67:4e:8a:40:09:3f:a5:73:ba:f9:bf:18:68:
         1b:48:48:7c:2b:e9:5a:35:79:8d:50:0c:a7:80:19:cb:40:cc:
         c2:15:44:aa:21:4d:f0:d3:01:5f:82:2e:42:dc:37:28:a4:a3:
         16:b0:2f:ec:80:6e:9f:38:5a:13:54:11:c8:41:31:68:7b:a2:
         31:30:dc:d5:1c:a8:39:fc:85:cb:73:68:ee:e9:95:35:75:92:
         f0:59:64:7e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD1QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAyMTkwNzA0MjlaFw0yNjAyMTkwNzA0MjlaMBgxFjAU
BgNVBAMTDTY1ZDJmZDgxLWQzZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3T7OR+an3BdC3L8oFiSnduKCOQdPSVmFbS4IVAaOGNMWoIKOWv0eYQD+6
1PGjzIecI65r1xQmEEnfj5dUnX+Y3/C2Zwkv/6PzAIClk2uJ+vDhYHJ8ypEESsRl
mLa4OW+cBRJFu+tVyD7WOFX3fcbCO50BTUWw2oaMLzobIw1d0ntXFw7A4k5uwFwx
MuhQMkPqXTbu+SczJBEui+aMLZSZOGc3KvRqNAhpjfoVHqyq+WCALkkY9lrmyi2j
e741rvzUPmqWFljcqrJYD9XtDSDHdmIVFZfOhRKDzZnLtSZdo20gQ8LupfoJZJEC
ZGRYYIWceYsBz9nQr35BLGmEX12fAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUAhni
c3qwtu561hn7Qzh6r6BmYswwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzIxRTY1MzVFQ0VGNTExRUVBNTA5QkJBNjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgfYwDQYJKoZIhvcNAQEL
BQADggEBAH7FHBIOTZavsOlNasb0YkTdTIMfJ2YJSyuVlz5lOc6lKpP3U+jqfuKC
qYf9lrV3IYq1cT6rPCR/I9t7zle5Us7rUW+6BMX09LhGlGaQeD8FI08uHhQ1D3qG
49clT4Uec+dBy5igZFX+ESpoUcZMVUcDMGKFlLBLD9JH/FK4yMxSoG3keKfM22yQ
eISxWanHAP6brNgQNTje12DFow5e2Q6gPhJz4JaoZ06KQAk/pXO6+b8YaBtISHwr
6Vo1eY1QDKeAGctAzMIVRKohTfDTAV+CLkLcNyikoxawL+yAbp84WhNUEchBMWh7
ojEw3NUcqDn8hctzaO7plTV1kvBZZH4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:24 2024 by rpki-client on console-ams.rpki-client.org