Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/64E0346870A411EE8FD38E6A4AD9E6FC.roa
File:                     64E0346870A411EE8FD38E6A4AD9E6FC.roa (raw, json)
Hash identifier:          XdHYaC5wwN4BPKULUX/bRwWsIZMFXW+r6Gi4ly9IHfM=
Subject key identifier:   E3:EB:7F:C3:ED:BE:1F:2D:E7:7D:B1:BA:F8:D3:17:58:22:20:62:2C
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0E00
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/64E0346870A411EE8FD38E6A4AD9E6FC.roa
Signing time:             Sun 22 Oct 2023 06:29:47 +0000
ROA not before:           Sun 22 Oct 2023 06:29:42 +0000
ROA not after:            Wed 22 Oct 2025 06:29:42 +0000
asID:                     20473
IP address blocks:        102.129.136.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3584 (0xe00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Oct 22 06:29:42 2023 GMT
            Not After : Oct 22 06:29:42 2025 GMT
        Subject: CN=6534c15a-aede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ae:c4:b3:ee:c5:3c:54:cf:0b:97:32:26:1a:
                    fa:74:0b:e6:9e:9f:e7:6c:0a:c4:bd:07:42:5f:b8:
                    0f:0f:b7:9c:5c:3a:08:0f:49:22:7e:c1:6f:47:11:
                    1b:ba:f8:62:5d:7a:99:fa:f6:e9:b5:7e:5d:38:7f:
                    bd:47:47:a3:95:2c:47:f7:d2:7f:49:3d:66:19:73:
                    09:50:a1:60:e4:4a:ca:68:1f:2f:4f:d4:68:61:32:
                    1b:50:24:75:0e:ce:63:e0:39:fd:30:a5:bf:85:6c:
                    69:fb:fd:85:fa:5e:a5:79:9a:47:ed:77:be:99:25:
                    30:06:a9:49:bb:f5:a3:ac:25:47:0b:e2:1a:0c:7c:
                    c9:d9:fc:52:fe:93:37:bc:c6:ba:0c:43:11:68:7c:
                    d7:60:04:16:96:12:80:93:d3:4a:c1:ab:9e:0d:05:
                    0b:b7:00:1e:f9:6a:6e:c2:63:5d:ec:b3:cc:5b:b2:
                    b5:00:98:82:88:1d:5e:9d:06:92:5b:cc:df:08:90:
                    64:19:10:2b:ca:5c:13:c1:9e:07:12:45:53:4c:40:
                    e4:3d:b0:f3:4c:9c:39:2c:4e:eb:01:2f:a6:91:90:
                    ce:4c:a1:5c:90:6b:95:d1:bb:d4:7f:4d:b2:da:21:
                    e3:2d:10:07:54:2c:d0:d2:df:10:09:d8:4e:86:94:
                    0d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:EB:7F:C3:ED:BE:1F:2D:E7:7D:B1:BA:F8:D3:17:58:22:20:62:2C
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/64E0346870A411EE8FD38E6A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:3e:91:7f:6d:4a:ab:6f:c5:1d:3e:39:52:6d:af:0d:fa:24:
         23:39:c9:4a:41:b1:15:92:4f:4d:0f:4f:df:de:2f:0b:2e:cf:
         1c:7d:3f:8b:7f:fa:38:fb:a9:5e:34:f1:46:a4:b9:27:71:f3:
         6a:0b:a4:5c:c7:ec:ff:3f:78:d2:44:2f:59:e2:d8:c9:e1:d1:
         11:df:dd:1a:f8:e8:a5:6c:07:ef:5f:bf:8a:e2:48:e9:35:6b:
         7e:d9:3c:a3:9a:ab:d3:f0:a6:6e:4b:ed:79:ff:88:ca:ea:09:
         fb:b3:98:28:70:8c:50:e0:da:0a:7f:2c:b4:4e:f5:eb:30:11:
         98:a8:05:71:14:8b:a1:ef:99:60:82:2a:c8:0e:bf:95:de:9d:
         8e:8d:95:4c:5e:28:93:6b:36:d0:3c:be:c8:ab:ef:d8:fc:1a:
         fa:ad:6c:f1:bc:f6:a5:a1:93:48:ed:6b:da:b3:00:6b:21:db:
         16:7e:b5:db:c4:34:2e:ef:1b:fa:87:3f:18:5e:e3:8b:9a:1a:
         47:ae:c0:9a:1b:22:9f:de:9c:0f:a6:64:32:e3:f1:bb:1e:b7:
         88:cb:e9:fe:7a:ff:e0:88:89:c0:a3:86:93:dd:6b:7e:71:a4:
         03:39:46:22:04:f4:26:f6:97:1a:e4:95:36:3c:5b:8f:0e:b5:
         73:a2:68:cc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDgAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzEwMjIwNjI5NDJaFw0yNTEwMjIwNjI5NDJaMBgxFjAU
BgNVBAMTDTY1MzRjMTVhLWFlZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+rsSz7sU8VM8LlzImGvp0C+aen+dsCsS9B0JfuA8Pt5xcOggPSSJ+wW9H
ERu6+GJdepn69um1fl04f71HR6OVLEf30n9JPWYZcwlQoWDkSspoHy9P1GhhMhtQ
JHUOzmPgOf0wpb+FbGn7/YX6XqV5mkftd76ZJTAGqUm79aOsJUcL4hoMfMnZ/FL+
kze8xroMQxFofNdgBBaWEoCT00rBq54NBQu3AB75am7CY13ss8xbsrUAmIKIHV6d
BpJbzN8IkGQZECvKXBPBngcSRVNMQOQ9sPNMnDksTusBL6aRkM5MoVyQa5XRu9R/
TbLaIeMtEAdULNDS3xAJ2E6GlA3LAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4+t/
w+2+Hy3nfbG6+NMXWCIgYiwwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzY0RTAzNDY4NzBBNDExRUU4RkQzOEU2QTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgYgwDQYJKoZIhvcNAQEL
BQADggEBALI+kX9tSqtvxR0+OVJtrw36JCM5yUpBsRWST00PT9/eLwsuzxx9P4t/
+jj7qV408UakuSdx82oLpFzH7P8/eNJEL1ni2Mnh0RHf3Rr46KVsB+9fv4riSOk1
a37ZPKOaq9Pwpm5L7Xn/iMrqCfuzmChwjFDg2gp/LLRO9eswEZioBXEUi6HvmWCC
KsgOv5XenY6NlUxeKJNrNtA8vsir79j8GvqtbPG89qWhk0jta9qzAGsh2xZ+tdvE
NC7vG/qHPxhe44uaGkeuwJobIp/enA+mZDLj8bset4jL6f56/+CIicCjhpPda35x
pAM5RiIE9Cb2lxrklTY8W48OtXOiaMw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:16 2024 by rpki-client on console-fra.rpki-client.org