Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/B8FFF5DC1C0811EF9443864E7DDC24C2.roa
File:                     B8FFF5DC1C0811EF9443864E7DDC24C2.roa (raw, json)
Hash identifier:          kKgd5Qkvzf5AyabluyjsNW5oVkI06jwHjsBbdSGfGQY=
Subject key identifier:   80:15:09:14:C6:38:87:88:97:ED:54:E9:2B:DE:0B:71:93:9E:87:B2
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       109A
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/B8FFF5DC1C0811EF9443864E7DDC24C2.roa
Signing time:             Mon 27 May 2024 09:08:46 +0000
ROA not before:           Mon 27 May 2024 09:08:43 +0000
ROA not after:            Sat 30 May 2026 09:08:43 +0000
asID:                     6939
IP address blocks:        102.129.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 16 Jun 2024 00:05:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4250 (0x109a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: May 27 09:08:43 2024 GMT
            Not After : May 30 09:08:43 2026 GMT
        Subject: CN=66544d9e-416b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3d:ac:b6:ed:18:87:63:a2:ae:d0:17:6c:cf:
                    53:33:5b:14:39:64:2d:67:d6:22:28:e8:db:93:a7:
                    4d:17:ec:4a:e0:7a:7a:62:af:5f:e5:6b:71:55:dc:
                    3b:2e:b2:38:e0:7c:7e:d4:2c:67:f5:78:3b:80:0d:
                    00:14:51:e0:ca:a5:73:33:44:c5:67:31:a1:e0:42:
                    6f:f5:7c:95:b7:d1:7d:56:c3:43:f4:39:74:7b:c9:
                    56:39:29:26:89:77:5e:96:73:a3:77:41:21:02:0d:
                    be:56:08:39:cc:32:9b:99:70:66:4c:c5:f7:f4:ad:
                    ea:02:dd:4b:1c:3f:b6:07:99:65:37:ba:cf:e2:7e:
                    87:6e:ce:06:a2:c8:86:aa:2e:8e:8c:90:fb:ec:03:
                    e9:49:e3:11:f8:b8:9b:f5:a8:93:41:8a:08:a1:9b:
                    29:c4:99:01:54:5a:3c:b6:da:9b:d3:1d:d2:f4:d3:
                    b2:f4:06:4c:cc:00:e3:85:af:33:aa:20:c2:ee:db:
                    07:93:28:5f:63:71:70:ab:71:68:1d:5b:ca:9b:a9:
                    e3:75:4d:a6:10:59:4c:79:57:98:80:f6:11:de:1e:
                    d1:f7:eb:0a:2c:e6:2a:d3:aa:03:61:6e:4f:e1:76:
                    21:a3:d7:6b:4a:45:f7:1c:ee:b4:d7:40:c9:79:f7:
                    cf:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:15:09:14:C6:38:87:88:97:ED:54:E9:2B:DE:0B:71:93:9E:87:B2
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/B8FFF5DC1C0811EF9443864E7DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:8c:3d:ad:45:cd:3d:86:55:11:b0:23:f0:d8:7c:5b:c9:7a:
         ae:4e:00:71:ad:2e:d8:e1:2f:fb:69:19:37:f9:1e:00:03:fd:
         30:5d:5f:e3:59:e9:e5:94:c4:0f:a6:87:74:a1:91:e2:ce:54:
         3e:e2:21:20:d8:50:59:33:b4:77:aa:f2:12:97:03:79:ba:54:
         92:be:29:50:bd:10:7b:db:ba:1e:bf:9c:38:21:9e:96:d2:8c:
         8d:74:98:a1:e5:f8:02:5b:c7:19:0f:99:33:af:ca:01:4b:86:
         72:81:12:5f:a0:f9:96:14:2c:e2:9c:0f:6f:12:1d:1f:3e:ae:
         a8:76:ba:38:96:36:40:98:06:c3:fd:06:13:9f:ca:2b:fc:1c:
         ff:9b:d5:6a:0a:e1:4a:31:2b:20:cd:54:25:57:a3:c1:7b:74:
         b3:7b:a4:bf:c7:f5:db:a2:4e:26:87:52:8e:d3:6d:79:de:a5:
         a3:ff:b3:f4:bc:9d:19:c8:90:36:4e:b6:86:8a:a5:8d:36:99:
         8d:b6:d0:73:e5:e1:6e:d8:b5:dc:fd:07:ff:3f:bd:f3:c0:27:
         b4:40:43:93:5e:65:46:ff:67:fe:65:2e:56:5f:6f:8a:59:e2:
         6a:36:d7:a6:a5:b3:c9:f6:8f:58:bb:a6:02:94:28:e5:59:41:
         8f:a3:06:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEJowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDA1MjcwOTA4NDNaFw0yNjA1MzAwOTA4NDNaMBgxFjAU
BgNVBAMTDTY2NTQ0ZDllLTQxNmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCnPay27RiHY6Ku0Bdsz1MzWxQ5ZC1n1iIo6NuTp00X7Ergenpir1/la3FV
3DsusjjgfH7ULGf1eDuADQAUUeDKpXMzRMVnMaHgQm/1fJW30X1Ww0P0OXR7yVY5
KSaJd16Wc6N3QSECDb5WCDnMMpuZcGZMxff0reoC3UscP7YHmWU3us/ifoduzgai
yIaqLo6MkPvsA+lJ4xH4uJv1qJNBigihmynEmQFUWjy22pvTHdL007L0BkzMAOOF
rzOqIMLu2weTKF9jcXCrcWgdW8qbqeN1TaYQWUx5V5iA9hHeHtH36wos5irTqgNh
bk/hdiGj12tKRfcc7rTXQMl5989TAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUgBUJ
FMY4h4iX7VTpK94LcZOeh7IwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0I4RkZGNURDMUMwODExRUY5NDQzODY0RTdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgeIwDQYJKoZIhvcNAQEL
BQADggEBALiMPa1FzT2GVRGwI/DYfFvJeq5OAHGtLtjhL/tpGTf5HgAD/TBdX+NZ
6eWUxA+mh3ShkeLOVD7iISDYUFkztHeq8hKXA3m6VJK+KVC9EHvbuh6/nDghnpbS
jI10mKHl+AJbxxkPmTOvygFLhnKBEl+g+ZYULOKcD28SHR8+rqh2ujiWNkCYBsP9
BhOfyiv8HP+b1WoK4UoxKyDNVCVXo8F7dLN7pL/H9duiTiaHUo7TbXnepaP/s/S8
nRnIkDZOtoaKpY02mY220HPl4W7Ytdz9B/8/vfPAJ7RAQ5NeZUb/Z/5lLlZfb4pZ
4mo216als8n2j1i7pgKUKOVZQY+jBqk=
-----END CERTIFICATE-----
Generated at Fri Jun 14 01:55:03 2024 by rpki-client on console-fra.rpki-client.org