Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/A71676B2B16911EDA8C6FC90F1222468.roa
File:                     A71676B2B16911EDA8C6FC90F1222468.roa (raw, json)
Hash identifier:          XL3BIgR90Fy1XxYlha3ZvlOECgIzObjNHkGH1e+DBEA=
Subject key identifier:   B0:75:36:57:E2:08:77:9F:FA:F1:80:60:9E:E5:F7:EA:F3:C0:30:BB
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0A26
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/A71676B2B16911EDA8C6FC90F1222468.roa
Signing time:             Mon 20 Feb 2023 21:58:05 +0000
ROA not before:           Mon 20 Feb 2023 21:58:02 +0000
ROA not after:            Fri 21 Feb 2025 21:58:02 +0000
asID:                     64267
IP address blocks:        102.129.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2598 (0xa26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 20 21:58:02 2023 GMT
            Not After : Feb 21 21:58:02 2025 GMT
        Subject: CN=63f3eced-c52b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:1f:51:9e:5f:9f:ea:73:4d:de:7d:b6:47:f4:
                    15:6c:71:d8:4c:ec:2f:99:d5:62:77:f4:16:34:51:
                    44:44:55:63:4a:57:b9:0c:be:e2:17:88:88:90:42:
                    6c:c6:43:d9:63:3c:62:63:e7:0f:b1:98:d5:8c:6e:
                    68:57:10:6e:8f:74:dc:52:6a:ac:a6:01:b7:19:df:
                    49:5c:78:56:62:d4:b6:c7:dc:36:29:d5:b2:d2:1f:
                    58:69:2f:e7:9c:2c:7d:1b:c2:be:d3:e6:54:88:6f:
                    5b:38:96:db:10:97:ef:b4:6d:07:0e:5c:15:4d:24:
                    0d:53:38:6e:cd:04:af:9c:92:89:ec:e4:e7:e9:c1:
                    24:69:55:00:60:3f:f2:84:08:c9:b1:19:fd:62:6e:
                    96:46:6b:dc:ab:16:43:cc:bb:5e:0f:8b:ac:8d:30:
                    16:52:69:d0:ab:ec:03:73:7a:93:78:52:3e:42:e1:
                    42:c3:94:f0:a5:1d:33:76:c9:14:04:fd:86:1d:66:
                    a0:8d:1e:17:59:a5:fd:b3:bd:70:0c:49:a5:cf:19:
                    11:f6:8d:84:d8:93:bc:4b:b5:63:68:c2:b0:ac:43:
                    a4:ea:2a:46:e3:86:9c:fb:cc:e0:d0:2c:90:c1:b7:
                    95:ae:40:a1:fc:bb:75:e6:86:27:24:43:59:26:b7:
                    25:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:75:36:57:E2:08:77:9F:FA:F1:80:60:9E:E5:F7:EA:F3:C0:30:BB
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/A71676B2B16911EDA8C6FC90F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:29:90:84:a5:90:f5:1f:85:bd:ba:0a:1c:48:96:67:07:55:
         26:b0:f4:bb:b5:b2:b8:6c:be:f6:71:c1:12:74:b2:a8:81:04:
         35:42:42:ad:43:9d:78:94:30:22:41:b8:fa:02:f2:48:ec:b0:
         d7:58:ef:40:c2:e2:46:92:5c:f6:2e:7e:f4:f3:a4:4a:45:ab:
         35:27:28:81:ba:09:8b:5f:72:6e:31:58:52:19:5d:f4:f2:ae:
         0e:2b:8d:60:6b:28:22:6f:2b:e1:1c:e6:02:27:0b:45:b9:4a:
         8c:45:5d:73:c4:f7:9a:96:e0:68:b1:58:6a:6d:e4:d8:d3:45:
         69:fc:d4:65:6d:15:5e:90:b9:fd:26:c5:b5:33:3a:a4:63:5a:
         b7:a5:de:65:e4:aa:d3:ee:cc:b0:35:72:f1:f9:c6:42:a5:83:
         2d:a6:56:df:37:7e:7d:64:89:ff:99:6c:1f:28:4a:ab:9b:71:
         ad:d0:38:41:8a:c0:bc:ef:bb:44:b4:75:a3:47:07:77:4f:ee:
         4e:60:3f:78:13:54:9e:92:f2:c1:97:04:69:ab:cb:2c:ed:82:
         2b:d4:93:fc:65:d3:dc:cb:13:bf:9b:5b:a6:dc:d3:dd:fd:a8:
         eb:5e:71:a5:5b:34:73:2a:b0:b6:62:d1:62:44:77:ec:c4:d7:
         15:cb:35:bb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCiYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzAyMjAyMTU4MDJaFw0yNTAyMjEyMTU4MDJaMBgxFjAU
BgNVBAMMDTYzZjNlY2VkLWM1MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD3H1GeX5/qc03efbZH9BVscdhM7C+Z1WJ39BY0UUREVWNKV7kMvuIXiIiQ
QmzGQ9ljPGJj5w+xmNWMbmhXEG6PdNxSaqymAbcZ30lceFZi1LbH3DYp1bLSH1hp
L+ecLH0bwr7T5lSIb1s4ltsQl++0bQcOXBVNJA1TOG7NBK+ckons5OfpwSRpVQBg
P/KECMmxGf1ibpZGa9yrFkPMu14Pi6yNMBZSadCr7ANzepN4Uj5C4ULDlPClHTN2
yRQE/YYdZqCNHhdZpf2zvXAMSaXPGRH2jYTYk7xLtWNowrCsQ6TqKkbjhpz7zODQ
LJDBt5WuQKH8u3XmhickQ1kmtyWhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsHU2
V+IId5/68YBgnuX36vPAMLswHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0E3MTY3NkIyQjE2OTExRURBOEM2RkM5MEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgb8wDQYJKoZIhvcNAQEL
BQADggEBAL0pkISlkPUfhb26ChxIlmcHVSaw9Lu1srhsvvZxwRJ0sqiBBDVCQq1D
nXiUMCJBuPoC8kjssNdY70DC4kaSXPYufvTzpEpFqzUnKIG6CYtfcm4xWFIZXfTy
rg4rjWBrKCJvK+Ec5gInC0W5SoxFXXPE95qW4GixWGpt5NjTRWn81GVtFV6Quf0m
xbUzOqRjWrel3mXkqtPuzLA1cvH5xkKlgy2mVt83fn1kif+ZbB8oSqubca3QOEGK
wLzvu0S0daNHB3dP7k5gP3gTVJ6S8sGXBGmryyztgivUk/xl09zLE7+bW6bc0939
qOtecaVbNHMqsLZi0WJEd+zE1xXLNbs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:16 2024 by rpki-client on console-fra.rpki-client.org