Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4878D636D0AD11EE83841A71775412E6.roa
File:                     4878D636D0AD11EE83841A71775412E6.roa (raw, json)
Hash identifier:          teHteoMLh3MGFj3j7DZR8LzH/AUkKIkH0KASUuXnQSY=
Subject key identifier:   E4:95:7F:69:D7:27:0A:A9:6C:14:42:8A:8A:99:75:CA:4A:19:D5:9E
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0F69
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4878D636D0AD11EE83841A71775412E6.roa
Signing time:             Wed 21 Feb 2024 11:35:16 +0000
ROA not before:           Wed 21 Feb 2024 11:35:13 +0000
ROA not after:            Sat 21 Feb 2026 11:35:13 +0000
asID:                     61317
IP address blocks:        102.165.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3945 (0xf69)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 21 11:35:13 2024 GMT
            Not After : Feb 21 11:35:13 2026 GMT
        Subject: CN=65d5dff4-a29b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:04:5a:ef:2d:bb:11:dc:9e:ba:db:97:c3:c0:
                    9c:41:e4:5d:2a:d5:5a:b7:78:08:cb:5e:97:4f:2e:
                    74:1e:47:82:5a:3a:ed:59:88:77:89:3b:92:b3:6e:
                    85:57:a9:26:ab:65:94:58:85:92:70:8d:9c:1a:9e:
                    da:ae:83:c9:4b:55:2c:75:20:25:f4:2e:97:8c:b0:
                    98:98:67:e6:43:06:cc:05:15:fb:56:6a:8a:c7:2e:
                    07:44:e3:41:bd:65:78:f9:62:e2:e6:db:1b:a0:b9:
                    9c:cc:a0:7a:27:89:40:8d:db:a0:67:07:9a:34:20:
                    b7:e6:e7:47:7b:f2:f7:0c:e4:73:5f:0e:f8:cc:ba:
                    88:dd:92:32:4f:0f:37:f8:89:77:f3:f9:23:f8:b1:
                    0f:5d:64:a7:97:9d:01:47:11:a5:26:47:62:e1:11:
                    a3:40:de:76:8e:17:33:6e:a1:3d:06:38:72:33:e0:
                    68:f5:eb:60:11:74:38:85:77:25:0c:71:46:73:80:
                    39:e1:b8:5a:25:e4:50:80:82:c7:c3:1f:36:af:0d:
                    ea:f7:e7:b9:a2:9c:59:17:f0:1b:5a:3a:53:92:b8:
                    ab:d7:99:d6:ac:ca:0a:da:b4:c0:6b:a3:1e:42:35:
                    26:e0:cc:6d:3d:d7:37:27:69:ed:3c:16:e5:32:0d:
                    fc:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:95:7F:69:D7:27:0A:A9:6C:14:42:8A:8A:99:75:CA:4A:19:D5:9E
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4878D636D0AD11EE83841A71775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.165.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:26:34:16:10:70:62:63:22:44:48:f4:d1:2b:38:63:3c:56:
         db:a5:e9:21:a0:c5:45:0d:7b:69:e0:4b:91:71:91:9f:8f:85:
         58:31:60:23:f4:55:e9:1f:ae:c0:fb:d0:3a:09:7d:2f:5d:ad:
         cb:25:45:b6:e3:ea:ca:ce:dc:14:cb:70:20:f6:c9:59:ec:30:
         a3:dc:71:34:22:6c:84:28:80:19:0b:eb:de:b1:c8:79:9d:e4:
         2d:0c:08:ee:6d:af:f8:85:b9:f3:1c:fb:d0:7b:17:d6:66:26:
         a9:33:44:ea:32:44:2f:44:d9:78:79:35:c5:df:f9:f7:74:36:
         a8:ea:b3:24:05:a1:1f:09:e9:c4:81:08:f1:d1:fe:b2:a1:56:
         5b:e1:c4:ba:11:a4:9b:c3:be:05:dc:1d:a4:00:9b:83:f0:b8:
         dd:d9:6e:97:94:ac:c2:f0:88:97:be:01:65:eb:a2:e6:2c:14:
         12:71:89:9f:ca:04:fe:e3:0f:1c:53:7f:7f:6a:80:70:d6:ee:
         a2:c8:58:46:a9:cd:fd:6a:82:b2:7b:69:d7:27:2a:b3:61:da:
         4b:97:c6:8d:1d:c2:a4:9b:74:4e:b8:8a:bb:da:de:d8:d8:ce:
         2a:90:f5:c2:f1:7e:04:1a:af:5e:48:1d:01:b9:05:86:07:bb:
         5b:6f:0c:4d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD2kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAyMjExMTM1MTNaFw0yNjAyMjExMTM1MTNaMBgxFjAU
BgNVBAMTDTY1ZDVkZmY0LWEyOWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBBFrvLbsR3J6625fDwJxB5F0q1Vq3eAjLXpdPLnQeR4JaOu1ZiHeJO5Kz
boVXqSarZZRYhZJwjZwantqug8lLVSx1ICX0LpeMsJiYZ+ZDBswFFftWaorHLgdE
40G9ZXj5YuLm2xuguZzMoHoniUCN26BnB5o0ILfm50d78vcM5HNfDvjMuojdkjJP
Dzf4iXfz+SP4sQ9dZKeXnQFHEaUmR2LhEaNA3naOFzNuoT0GOHIz4Gj162ARdDiF
dyUMcUZzgDnhuFol5FCAgsfDHzavDer357minFkX8BtaOlOSuKvXmdasygratMBr
ox5CNSbgzG091zcnae08FuUyDfw7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5JV/
adcnCqlsFEKKipl1ykoZ1Z4wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzQ4NzhENjM2RDBBRDExRUU4Mzg0MUE3MTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpT8wDQYJKoZIhvcNAQEL
BQADggEBAJMmNBYQcGJjIkRI9NErOGM8Vtul6SGgxUUNe2ngS5FxkZ+PhVgxYCP0
VekfrsD70DoJfS9drcslRbbj6srO3BTLcCD2yVnsMKPccTQibIQogBkL696xyHmd
5C0MCO5tr/iFufMc+9B7F9ZmJqkzROoyRC9E2Xh5NcXf+fd0NqjqsyQFoR8J6cSB
CPHR/rKhVlvhxLoRpJvDvgXcHaQAm4PwuN3ZbpeUrMLwiJe+AWXrouYsFBJxiZ/K
BP7jDxxTf39qgHDW7qLIWEapzf1qgrJ7adcnKrNh2kuXxo0dwqSbdE64irva3tjY
ziqQ9cLxfgQar15IHQG5BYYHu1tvDE0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:16 2024 by rpki-client on console-fra.rpki-client.org