Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/905B3A90D0B011EEBBF73E76775412E6.roa
File:                     905B3A90D0B011EEBBF73E76775412E6.roa (raw, json)
Hash identifier:          5fy68bHXv27BP/yRbpPou16/D4pqLYrzMUn+l2yBW+I=
Subject key identifier:   13:5D:3B:4A:DB:13:99:0A:1A:8C:38:16:75:F9:31:9B:85:22:9F:16
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0F82
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/905B3A90D0B011EEBBF73E76775412E6.roa
Signing time:             Wed 21 Feb 2024 11:58:45 +0000
ROA not before:           Wed 21 Feb 2024 11:58:42 +0000
ROA not after:            Sat 21 Feb 2026 11:58:42 +0000
asID:                     200017
IP address blocks:        102.129.187.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3970 (0xf82)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 21 11:58:42 2024 GMT
            Not After : Feb 21 11:58:42 2026 GMT
        Subject: CN=65d5e575-42a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:71:40:b6:bc:ae:6f:08:ff:f9:e0:4f:37:ae:
                    50:06:02:9e:13:5f:eb:e7:96:88:dd:f0:88:65:e9:
                    06:d6:00:1e:3a:09:21:c4:48:c7:42:95:ae:b8:3d:
                    88:74:70:f9:0b:24:4f:2f:3c:48:50:d5:81:f6:4c:
                    4e:dd:c4:9d:b7:8b:93:4d:ca:06:f1:4c:c9:c6:0c:
                    6f:b5:7e:1f:f8:4d:31:53:3e:f0:24:07:fe:a0:7e:
                    00:49:c6:cf:fd:1f:82:fb:bb:4d:ef:4a:07:21:c5:
                    14:3e:a8:ac:7a:0d:92:11:ff:0c:9f:1a:55:33:92:
                    30:ea:bf:3e:1e:7e:91:fa:d1:c6:23:10:d2:a7:90:
                    4b:e6:5a:9f:17:3d:45:6b:a2:de:32:3b:48:71:78:
                    7f:c5:4d:b7:90:0c:9c:ac:ab:19:63:68:90:a3:2b:
                    f1:4a:53:55:ae:86:84:92:d3:2f:70:af:c2:26:82:
                    6e:39:e5:f2:4c:5b:64:6f:d6:3c:32:9e:e0:0c:6d:
                    1b:50:41:79:2a:46:3e:9a:cc:0d:6b:f4:a7:84:d7:
                    98:04:86:d1:6c:a6:ad:e6:b2:9a:61:40:0f:92:d6:
                    bb:48:5a:aa:77:12:fc:a1:a0:3b:75:d7:80:45:5b:
                    81:67:79:69:56:c7:99:49:80:3f:a2:53:22:c8:cc:
                    b1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:5D:3B:4A:DB:13:99:0A:1A:8C:38:16:75:F9:31:9B:85:22:9F:16
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/905B3A90D0B011EEBBF73E76775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:32:9d:1e:41:0c:5c:12:23:e1:8b:e2:ab:70:be:c1:28:15:
         6e:5c:7b:57:36:68:e3:a3:aa:70:5d:87:5a:77:d7:54:8b:b9:
         7e:7b:bb:e3:31:fc:3b:df:e1:1a:33:36:66:bf:25:b3:da:68:
         3f:c3:4f:d9:23:b0:b4:0d:98:e9:48:10:c1:5a:24:aa:e6:ee:
         09:28:b9:0c:c7:6b:f5:18:89:24:79:9a:f3:cb:b0:06:f1:2b:
         4e:23:22:bd:ed:53:00:4c:d6:61:e6:16:ce:a5:34:7c:e8:f7:
         b5:d7:76:87:a1:71:48:46:91:91:76:cf:9c:06:22:15:6a:91:
         e0:3a:95:09:5f:a3:cb:d4:8f:cd:26:68:0a:2f:c2:59:66:6b:
         98:22:50:aa:66:05:86:b4:dc:34:aa:2f:16:de:b2:24:29:9d:
         4f:23:96:4b:0a:f3:9f:c2:86:c6:1e:73:8a:df:a7:79:3c:a0:
         f9:3c:e3:5f:f1:3c:63:51:ca:33:d3:a5:d7:aa:3a:a0:05:3d:
         c4:b4:9d:7f:7a:ea:54:4e:3c:3c:a5:b9:63:be:ab:d8:b1:9e:
         6b:5e:53:f9:57:f5:17:7b:b6:ef:be:58:21:8c:0f:0e:68:ab:
         75:ad:11:2a:3d:03:5e:95:ac:26:60:64:18:61:86:89:27:5f:
         8a:19:76:ad
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD4IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAyMjExMTU4NDJaFw0yNjAyMjExMTU4NDJaMBgxFjAU
BgNVBAMTDTY1ZDVlNTc1LTQyYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIcUC2vK5vCP/54E83rlAGAp4TX+vnlojd8Ihl6QbWAB46CSHESMdCla64
PYh0cPkLJE8vPEhQ1YH2TE7dxJ23i5NNygbxTMnGDG+1fh/4TTFTPvAkB/6gfgBJ
xs/9H4L7u03vSgchxRQ+qKx6DZIR/wyfGlUzkjDqvz4efpH60cYjENKnkEvmWp8X
PUVrot4yO0hxeH/FTbeQDJysqxljaJCjK/FKU1WuhoSS0y9wr8Imgm455fJMW2Rv
1jwynuAMbRtQQXkqRj6azA1r9KeE15gEhtFspq3mspphQA+S1rtIWqp3EvyhoDt1
14BFW4FneWlWx5lJgD+iUyLIzLHpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUE107
StsTmQoajDgWdfkxm4UinxYwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzkwNUIzQTkwRDBCMDExRUVCQkY3M0U3Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgbswDQYJKoZIhvcNAQEL
BQADggEBAMIynR5BDFwSI+GL4qtwvsEoFW5ce1c2aOOjqnBdh1p311SLuX57u+Mx
/Dvf4RozNma/JbPaaD/DT9kjsLQNmOlIEMFaJKrm7gkouQzHa/UYiSR5mvPLsAbx
K04jIr3tUwBM1mHmFs6lNHzo97XXdoehcUhGkZF2z5wGIhVqkeA6lQlfo8vUj80m
aAovwllma5giUKpmBYa03DSqLxbesiQpnU8jlksK85/ChsYec4rfp3k8oPk841/x
PGNRyjPTpdeqOqAFPcS0nX966lROPDyluWO+q9ixnmteU/lX9Rd7tu++WCGMDw5o
q3WtESo9A16VrCZgZBhhhoknX4oZdq0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:16 2024 by rpki-client on console-fra.rpki-client.org