Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CAEABBAC2F6811EEA09E05204AD9E6FC.roa
File:                     CAEABBAC2F6811EEA09E05204AD9E6FC.roa (raw, json)
Hash identifier:          gYLcsuXJBBh5MK+B2NEpS63FhwtQ43W0MjoToBZBbgg=
Subject key identifier:   29:CF:91:75:DD:4C:9D:17:7D:07:CB:F3:E2:58:A9:07:E5:9A:53:4A
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0CA5
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CAEABBAC2F6811EEA09E05204AD9E6FC.roa
Signing time:             Mon 31 Jul 2023 06:09:22 +0000
ROA not before:           Mon 31 Jul 2023 06:09:19 +0000
ROA not after:            Thu 31 Jul 2025 06:09:19 +0000
asID:                     135375
IP address blocks:        102.165.58.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3237 (0xca5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Jul 31 06:09:19 2023 GMT
            Not After : Jul 31 06:09:19 2025 GMT
        Subject: CN=64c75012-e548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:32:84:af:c1:03:e0:ef:a6:36:97:69:e5:bf:
                    b7:a2:f2:a2:c5:40:29:1a:a8:e7:33:33:4e:44:c9:
                    ec:1f:0a:75:6a:9f:2b:6a:57:ca:ab:1b:ca:14:d1:
                    db:85:84:86:6b:ec:54:33:d4:c8:fe:24:20:99:2a:
                    f0:ac:d9:02:c4:b7:46:a1:5d:76:ae:17:9f:8e:76:
                    2c:fb:ec:06:9f:74:1b:1b:3c:27:78:5a:bb:3f:f8:
                    f2:79:a4:e9:7c:fc:eb:fe:f8:f2:10:55:30:f3:f6:
                    90:0a:87:b7:56:cb:89:cc:49:19:ff:02:f2:fc:bc:
                    1b:ca:7b:26:5d:7b:1b:d1:30:0b:ed:f7:8c:f5:58:
                    5f:6f:8c:c0:e9:e9:f0:73:cd:06:09:f3:ac:cc:7d:
                    8c:19:71:f3:e2:00:33:54:d0:5b:d0:fd:c9:06:61:
                    e3:88:0c:cf:bc:43:5f:3e:e3:c7:31:ef:0e:8a:f9:
                    57:5a:c7:ff:60:c0:7a:6b:93:6c:1d:42:cb:50:1e:
                    7b:5d:34:43:41:91:c0:a1:a2:78:86:89:1d:4a:21:
                    b5:d7:2d:50:45:b9:4b:83:01:02:49:66:d8:11:cb:
                    d9:64:8e:11:bb:dc:2a:88:e7:4d:3c:9f:65:35:5b:
                    cf:2a:b6:4a:ed:22:3b:00:ed:97:72:76:14:e0:c3:
                    f1:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:CF:91:75:DD:4C:9D:17:7D:07:CB:F3:E2:58:A9:07:E5:9A:53:4A
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CAEABBAC2F6811EEA09E05204AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.165.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:73:c6:2b:67:f2:e9:a8:61:5a:0c:35:cc:2b:46:49:3b:5b:
         28:1c:fe:5a:48:62:e4:b6:54:fe:ab:3e:48:30:0e:43:0a:b5:
         61:c3:eb:19:b5:16:ac:9a:a9:48:8c:e0:d3:b0:5d:ed:0c:08:
         95:6e:7f:1c:07:dd:e1:d9:0f:cf:72:c1:83:aa:41:46:99:b5:
         80:24:f3:02:d4:d0:23:a7:c6:d5:3b:48:ac:03:3e:e9:99:6e:
         10:97:65:b6:26:bd:40:7f:13:f9:8d:6c:0c:5d:c3:b4:45:8b:
         e6:f2:07:44:0c:4d:e6:80:25:66:4d:a4:6a:9c:95:1b:c8:c6:
         09:2a:42:8e:98:c6:e5:46:84:35:70:53:c8:00:ff:91:b3:fe:
         54:c9:93:97:83:12:2b:a6:9b:49:74:0f:c0:8b:3c:df:37:6b:
         61:cf:7b:52:a2:49:76:26:89:38:63:c7:37:3c:7d:dd:36:87:
         7d:09:9a:df:b1:01:f6:11:66:cd:74:63:f0:b9:de:f8:87:82:
         1c:d3:99:87:f2:49:54:47:fd:20:87:28:9d:76:51:c0:17:52:
         bd:bf:10:7a:10:2d:d6:03:7e:a6:5e:05:46:e3:b0:e1:f2:2a:
         75:df:17:51:ec:40:61:94:eb:e7:be:f9:c6:7b:34:f4:09:99:
         37:b4:52:91
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzA3MzEwNjA5MTlaFw0yNTA3MzEwNjA5MTlaMBgxFjAU
BgNVBAMTDTY0Yzc1MDEyLWU1NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBMoSvwQPg76Y2l2nlv7ei8qLFQCkaqOczM05EyewfCnVqnytqV8qrG8oU
0duFhIZr7FQz1Mj+JCCZKvCs2QLEt0ahXXauF5+Odiz77AafdBsbPCd4Wrs/+PJ5
pOl8/Ov++PIQVTDz9pAKh7dWy4nMSRn/AvL8vBvKeyZdexvRMAvt94z1WF9vjMDp
6fBzzQYJ86zMfYwZcfPiADNU0FvQ/ckGYeOIDM+8Q18+48cx7w6K+Vdax/9gwHpr
k2wdQstQHntdNENBkcChoniGiR1KIbXXLVBFuUuDAQJJZtgRy9lkjhG73CqI5008
n2U1W88qtkrtIjsA7ZdydhTgw/HdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKc+R
dd1MnRd9B8vz4lipB+WaU0owHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0NBRUFCQkFDMkY2ODExRUVBMDlFMDUyMDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmpTowDQYJKoZIhvcNAQEL
BQADggEBAGZzxitn8umoYVoMNcwrRkk7Wygc/lpIYuS2VP6rPkgwDkMKtWHD6xm1
FqyaqUiM4NOwXe0MCJVufxwH3eHZD89ywYOqQUaZtYAk8wLU0COnxtU7SKwDPumZ
bhCXZbYmvUB/E/mNbAxdw7RFi+byB0QMTeaAJWZNpGqclRvIxgkqQo6YxuVGhDVw
U8gA/5Gz/lTJk5eDEiumm0l0D8CLPN83a2HPe1KiSXYmiThjxzc8fd02h30Jmt+x
AfYRZs10Y/C53viHghzTmYfySVRH/SCHKJ12UcAXUr2/EHoQLdYDfqZeBUbjsOHy
KnXfF1HsQGGU6+e++cZ7NPQJmTe0UpE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:25 2024 by rpki-client on console-ams.rpki-client.org