Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/572846F6628C11EEA2EE4B7E4AD9E6FC.roa
File:                     572846F6628C11EEA2EE4B7E4AD9E6FC.roa (raw, json)
Hash identifier:          W4OIkmJnCYDhO47G6+FTwgMtlP0ApUa3hMXcU4POZYU=
Subject key identifier:   BA:9A:DF:91:E9:72:E8:F9:D3:AC:47:D7:59:82:CA:16:A9:E2:7A:05
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0DA2
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/572846F6628C11EEA2EE4B7E4AD9E6FC.roa
Signing time:             Wed 04 Oct 2023 08:02:19 +0000
ROA not before:           Wed 04 Oct 2023 08:02:16 +0000
ROA not after:            Sat 04 Oct 2025 08:02:16 +0000
asID:                     834
IP address blocks:        102.129.206.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3490 (0xda2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Oct  4 08:02:16 2023 GMT
            Not After : Oct  4 08:02:16 2025 GMT
        Subject: CN=651d1c0b-c3f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:5e:cf:66:b8:7f:e7:0b:64:91:bd:dd:8b:da:
                    22:f5:7e:b8:91:2c:2e:55:b4:3b:8c:57:2f:21:25:
                    6d:68:9b:d8:53:1e:e3:5e:13:93:cd:1f:e4:70:e7:
                    0d:06:72:cc:1d:e6:c7:ae:a3:b8:fb:eb:62:ef:53:
                    e2:6f:ab:da:0d:fb:0c:47:52:bc:e3:17:bc:b4:69:
                    30:72:5d:49:fa:2e:d9:6d:2b:9e:8e:d0:38:3d:36:
                    ba:05:e9:47:12:9a:87:bb:ff:09:54:1c:9d:1d:24:
                    3a:31:74:ea:cb:e7:1d:ea:0d:65:09:30:7c:40:44:
                    36:87:23:cd:3e:da:57:97:52:d3:46:0d:a6:98:f3:
                    a3:1a:18:8c:8b:c2:bc:38:e9:fa:6d:1b:48:c3:69:
                    30:2d:40:96:a5:44:17:f7:4d:52:9e:c6:26:01:e3:
                    7d:fa:11:f6:d2:d4:c2:88:05:79:90:29:6f:1f:59:
                    0a:ed:46:d7:28:e4:c8:2c:8a:bf:04:dd:9d:8a:c5:
                    47:ce:f3:e8:3d:e0:15:8d:fd:9a:d4:15:95:47:10:
                    f7:b4:c5:87:78:74:d0:86:b0:e4:8d:b7:c5:9e:db:
                    da:94:a3:9f:5a:28:b4:d7:fe:1d:e1:b3:3a:62:e8:
                    68:62:a6:c8:f3:8f:1a:10:55:6e:31:72:c2:e3:ce:
                    29:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:9A:DF:91:E9:72:E8:F9:D3:AC:47:D7:59:82:CA:16:A9:E2:7A:05
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/572846F6628C11EEA2EE4B7E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         47:a1:f4:bf:b5:f1:ad:a8:cc:51:ef:ac:ad:17:95:d2:9a:13:
         12:24:a5:30:9f:61:3c:bd:81:ab:d4:7f:50:e5:5d:86:9a:2b:
         52:c3:a0:db:18:94:e2:65:b3:01:fa:dc:28:70:43:87:37:1a:
         1e:12:a8:8d:d1:67:10:df:02:37:e6:09:ca:31:15:c5:4b:c8:
         12:f4:7f:cf:ff:97:3d:a4:f9:d0:7a:87:4a:13:75:59:91:44:
         84:01:25:68:e5:92:6d:85:51:1a:2f:92:9c:c9:fd:af:6a:9c:
         95:ac:ef:a5:89:ea:10:7b:fc:29:9d:ff:8d:85:ca:69:d9:d5:
         e4:a5:9e:e4:68:10:ef:34:8b:ce:a5:1f:e9:fe:f8:e5:63:c4:
         01:13:33:fe:f1:38:8f:07:28:ba:a6:e6:21:73:a7:4a:cd:35:
         a2:08:85:83:a6:72:4e:0c:80:02:31:3b:41:eb:76:1d:3d:8b:
         e4:ce:b2:2a:f0:fe:75:06:02:7c:2a:f7:6a:4b:f5:73:b5:3c:
         e8:50:f8:64:83:af:18:f4:68:7e:16:e7:ce:c6:00:90:11:15:
         57:96:e9:52:86:7c:63:22:ac:ca:b5:85:51:bc:50:8c:24:02:
         77:91:70:34:f2:30:90:25:a0:e6:03:fb:11:69:75:f6:e7:7a:
         ee:e9:0e:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDaIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzEwMDQwODAyMTZaFw0yNTEwMDQwODAyMTZaMBgxFjAU
BgNVBAMTDTY1MWQxYzBiLWMzZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLXs9muH/nC2SRvd2L2iL1friRLC5VtDuMVy8hJW1om9hTHuNeE5PNH+Rw
5w0Gcswd5seuo7j762LvU+Jvq9oN+wxHUrzjF7y0aTByXUn6LtltK56O0Dg9NroF
6UcSmoe7/wlUHJ0dJDoxdOrL5x3qDWUJMHxARDaHI80+2leXUtNGDaaY86MaGIyL
wrw46fptG0jDaTAtQJalRBf3TVKexiYB4336EfbS1MKIBXmQKW8fWQrtRtco5Mgs
ir8E3Z2KxUfO8+g94BWN/ZrUFZVHEPe0xYd4dNCGsOSNt8We29qUo59aKLTX/h3h
szpi6GhipsjzjxoQVW4xcsLjzinFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuprf
kely6PnTrEfXWYLKFqniegUwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzU3Mjg0NkY2NjI4QzExRUVBMkVFNEI3RTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFmgc4wDQYJKoZIhvcNAQEL
BQADggEBAEeh9L+18a2ozFHvrK0XldKaExIkpTCfYTy9gavUf1DlXYaaK1LDoNsY
lOJlswH63ChwQ4c3Gh4SqI3RZxDfAjfmCcoxFcVLyBL0f8//lz2k+dB6h0oTdVmR
RIQBJWjlkm2FURovkpzJ/a9qnJWs76WJ6hB7/Cmd/42FymnZ1eSlnuRoEO80i86l
H+n++OVjxAETM/7xOI8HKLqm5iFzp0rNNaIIhYOmck4MgAIxO0Hrdh09i+TOsirw
/nUGAnwq92pL9XO1POhQ+GSDrxj0aH4W587GAJARFVeW6VKGfGMirMq1hVG8UIwk
AneRcDTyMJAloOYD+xFpdfbneu7pDvs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:59 2024 by rpki-client on console-ams.rpki-client.org