Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/2FE3701062BF11EE86189D1D4AD9E6FC.roa
File:                     2FE3701062BF11EE86189D1D4AD9E6FC.roa (raw, json)
Hash identifier:          4XNwqqFFojOIdWp/hX4jAaTj8rf+DAh5Jcb7vQRiPTo=
Subject key identifier:   7B:DE:88:FF:4B:48:48:AE:1E:0C:D0:E8:BE:99:01:E4:05:CB:53:92
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0DA4
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/2FE3701062BF11EE86189D1D4AD9E6FC.roa
Signing time:             Wed 04 Oct 2023 14:06:18 +0000
ROA not before:           Wed 04 Oct 2023 14:06:14 +0000
ROA not after:            Sat 04 Oct 2025 14:06:14 +0000
asID:                     212609
IP address blocks:        102.165.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3492 (0xda4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Oct  4 14:06:14 2023 GMT
            Not After : Oct  4 14:06:14 2025 GMT
        Subject: CN=651d715a-dbaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:bd:26:cd:37:65:91:fe:5c:f3:b9:33:ee:cc:
                    1a:ce:b8:47:8f:13:c0:1e:18:ab:46:ee:97:b7:2a:
                    35:41:a9:26:3f:51:01:85:4b:8b:6a:6e:12:ca:08:
                    f4:d5:5c:45:4d:29:0e:40:27:d2:37:53:6c:1c:4d:
                    3a:a1:c2:3d:30:5e:7a:b2:67:2c:84:04:1c:49:5b:
                    47:bf:0c:4d:f6:58:5e:21:8e:35:cd:93:65:77:cc:
                    f0:31:c7:72:30:c1:ae:3f:1b:2e:16:47:de:41:21:
                    8c:d2:ad:14:c1:46:a5:78:20:31:9d:d2:06:04:3a:
                    e9:48:de:b5:2b:33:4e:b1:f6:63:10:c9:60:21:4e:
                    0a:ad:d8:5b:29:cd:95:c0:ac:12:39:51:cd:c8:6f:
                    6a:80:43:7d:a3:d0:00:f9:2f:c4:cf:14:d1:8b:cb:
                    5c:09:33:46:9a:ed:dd:3b:5c:17:58:2f:cc:fc:16:
                    04:d0:d9:88:98:c5:63:0b:f5:79:2e:38:fc:22:cf:
                    26:e7:e8:e0:90:ad:c5:5a:7a:8d:b5:36:98:d1:00:
                    4e:0d:a6:5c:d8:91:6d:44:b0:04:a4:3e:d9:91:72:
                    87:06:53:20:24:79:65:fa:f7:9c:7d:e5:49:45:9f:
                    10:81:e5:e6:2f:6e:d1:b8:03:d2:38:83:a9:08:e2:
                    64:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:DE:88:FF:4B:48:48:AE:1E:0C:D0:E8:BE:99:01:E4:05:CB:53:92
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/2FE3701062BF11EE86189D1D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.165.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:20:e4:15:ec:a8:46:2a:71:2d:cd:ef:3f:91:90:a8:7f:da:
         1c:c3:7e:82:b1:2c:33:2c:0d:6b:a4:e1:25:30:1d:f6:e7:74:
         fe:67:4c:4d:7f:99:ba:e6:ef:57:f6:10:47:e2:06:44:f2:f1:
         da:9d:9f:bc:58:a8:4f:3d:df:51:53:8a:e8:b2:a9:0a:6b:0c:
         c5:73:60:f6:4d:09:0f:8f:61:01:85:90:12:2b:19:a4:a9:27:
         a1:8a:10:4c:38:7a:df:67:67:78:23:6e:49:7f:bd:42:82:83:
         53:ba:d8:78:df:d2:15:37:03:f0:7f:a6:d8:f5:ce:7b:c2:42:
         58:a1:bd:cc:58:d6:73:31:aa:1e:ce:63:8a:b9:32:82:07:3f:
         cd:de:27:e1:96:1a:56:a6:73:f5:72:5a:00:45:9a:22:2c:15:
         ee:74:9d:06:d2:b9:5d:4e:de:95:dd:a0:cb:bd:08:8b:0e:c1:
         79:ce:7d:22:bf:bb:86:be:7d:7d:9c:45:d9:4b:95:cb:17:44:
         0b:63:9f:b9:32:a0:87:43:93:74:71:eb:52:1b:ba:6c:cc:fa:
         c0:b2:0f:6a:dc:53:cb:19:ba:5f:d3:78:d8:6e:d9:5a:ed:71:
         fc:b1:33:70:54:7e:e3:bf:84:31:ff:19:8c:07:23:49:94:43:
         b3:41:63:31
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDaQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzEwMDQxNDA2MTRaFw0yNTEwMDQxNDA2MTRaMBgxFjAU
BgNVBAMTDTY1MWQ3MTVhLWRiYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9vSbNN2WR/lzzuTPuzBrOuEePE8AeGKtG7pe3KjVBqSY/UQGFS4tqbhLK
CPTVXEVNKQ5AJ9I3U2wcTTqhwj0wXnqyZyyEBBxJW0e/DE32WF4hjjXNk2V3zPAx
x3Iwwa4/Gy4WR95BIYzSrRTBRqV4IDGd0gYEOulI3rUrM06x9mMQyWAhTgqt2Fsp
zZXArBI5Uc3Ib2qAQ32j0AD5L8TPFNGLy1wJM0aa7d07XBdYL8z8FgTQ2YiYxWML
9XkuOPwizybn6OCQrcVaeo21NpjRAE4NplzYkW1EsASkPtmRcocGUyAkeWX695x9
5UlFnxCB5eYvbtG4A9I4g6kI4mRFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUe96I
/0tISK4eDNDovpkB5AXLU5IwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzJGRTM3MDEwNjJCRjExRUU4NjE4OUQxRDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpQMwDQYJKoZIhvcNAQEL
BQADggEBAIsg5BXsqEYqcS3N7z+RkKh/2hzDfoKxLDMsDWuk4SUwHfbndP5nTE1/
mbrm71f2EEfiBkTy8dqdn7xYqE8931FTiuiyqQprDMVzYPZNCQ+PYQGFkBIrGaSp
J6GKEEw4et9nZ3gjbkl/vUKCg1O62Hjf0hU3A/B/ptj1znvCQlihvcxY1nMxqh7O
Y4q5MoIHP83eJ+GWGlamc/VyWgBFmiIsFe50nQbSuV1O3pXdoMu9CIsOwXnOfSK/
u4a+fX2cRdlLlcsXRAtjn7kyoIdDk3Rx61IbumzM+sCyD2rcU8sZul/TeNhu2Vrt
cfyxM3BUfuO/hDH/GYwHI0mUQ7NBYzE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:15 2024 by rpki-client on console-fra.rpki-client.org