Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CE4362D8A69B11ECA8EEAEB05A40D577.roa
File:                     CE4362D8A69B11ECA8EEAEB05A40D577.roa (raw, json)
Hash identifier:          hdiGYUj5DdwiNg2uYLGutZuLRZZyytcq+KgqbIZukz4=
Subject key identifier:   EA:BD:74:9C:B8:DD:1F:BD:D2:1B:4B:42:F0:DD:D0:BF:6D:92:A3:DF
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       060C
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CE4362D8A69B11ECA8EEAEB05A40D577.roa
Signing time:             Fri 18 Mar 2022 09:14:25 +0000
ROA not before:           Fri 18 Mar 2022 09:14:21 +0000
ROA not after:            Tue 18 Mar 2025 09:14:21 +0000
asID:                     9009
IP address blocks:        102.129.146.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1548 (0x60c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Mar 18 09:14:21 2022 GMT
            Not After : Mar 18 09:14:21 2025 GMT
        Subject: CN=62344d71-c98d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6d:1e:48:e8:4b:ac:b9:f2:a2:c0:6f:42:e8:
                    5f:f4:8f:7d:a2:49:e1:5b:a2:bb:c8:99:9a:b8:96:
                    60:12:cb:2a:cd:b1:ba:22:0e:03:71:66:f8:88:77:
                    c4:34:a9:78:f6:da:50:ed:f8:20:b6:3a:a1:69:22:
                    5a:f8:8a:28:eb:63:0e:b4:06:41:39:8d:61:f0:f1:
                    8b:c4:cf:c2:78:7e:c7:df:00:7e:1a:c9:95:86:30:
                    6c:fb:1b:ba:ad:e7:5f:10:8d:76:50:92:85:f7:aa:
                    f8:73:94:60:37:f8:f0:b1:a1:6e:a1:c7:2e:18:06:
                    19:c1:b9:ba:5a:a1:bc:4b:fd:be:52:a1:eb:c5:6d:
                    61:98:fa:2e:05:f6:c3:fb:64:23:b6:b0:b3:27:00:
                    b9:ab:80:01:9b:92:b4:2e:03:6a:42:c5:ba:8b:a1:
                    2a:5d:9b:fb:35:e7:bd:43:91:5c:9a:fb:0b:3e:d4:
                    33:dd:be:32:c3:fd:8e:3d:85:58:ff:ce:a5:fd:6b:
                    f3:40:d3:f8:99:2f:43:57:c2:a1:d7:f6:59:51:c6:
                    4b:89:a4:e6:eb:6d:23:90:aa:b5:83:4b:a1:3f:06:
                    74:f7:b2:8b:02:01:1e:0f:4c:3e:77:e0:42:be:d5:
                    ac:4d:d7:ab:95:d1:3b:ba:ad:e2:60:42:56:8d:c3:
                    66:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:BD:74:9C:B8:DD:1F:BD:D2:1B:4B:42:F0:DD:D0:BF:6D:92:A3:DF
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CE4362D8A69B11ECA8EEAEB05A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:64:4f:a2:57:1b:61:1f:72:35:67:ed:38:1a:47:ac:b2:e6:
         d2:f1:bf:10:86:5f:1a:49:59:42:89:93:2e:19:68:ba:a9:1c:
         d2:03:dc:4e:45:8f:4e:11:e0:cb:ea:df:27:3f:2b:34:3a:6b:
         5a:13:5e:7b:a4:13:34:ec:2e:dd:5c:2f:96:6f:30:b9:0f:1e:
         d3:a3:c5:c9:42:3a:05:7d:bc:68:49:69:5c:81:52:aa:b7:ae:
         11:3a:71:d2:05:b3:74:12:35:9e:e3:bb:96:9d:ee:89:84:20:
         c6:7e:51:90:18:9b:5c:9f:85:9f:50:da:7e:77:e4:a7:07:25:
         28:0d:65:f8:de:ef:de:8e:38:9a:d7:5a:f4:38:64:95:46:86:
         2e:e6:4f:70:7d:46:1f:c3:99:06:80:f7:a9:59:84:35:28:48:
         54:50:28:90:ef:e5:94:bb:7e:b5:c6:58:e4:70:42:aa:72:22:
         22:57:0d:fc:95:0f:1e:3a:f2:d1:30:68:73:43:14:50:70:c6:
         7f:c9:48:a2:bc:f8:80:a6:04:d9:a5:d0:a5:7c:05:f8:c1:a9:
         17:3f:d9:15:70:5c:80:be:29:ae:fe:88:00:d5:f9:13:d2:8d:
         47:bd:33:8a:47:65:a8:85:db:e9:70:a2:dd:ba:f9:14:f1:25:
         52:a2:11:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBgwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMjAzMTgwOTE0MjFaFw0yNTAzMTgwOTE0MjFaMBgxFjAU
BgNVBAMMDTYyMzQ0ZDcxLWM5OGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCgbR5I6EusufKiwG9C6F/0j32iSeFborvImZq4lmASyyrNsboiDgNxZviI
d8Q0qXj22lDt+CC2OqFpIlr4iijrYw60BkE5jWHw8YvEz8J4fsffAH4ayZWGMGz7
G7qt518QjXZQkoX3qvhzlGA3+PCxoW6hxy4YBhnBubpaobxL/b5SoevFbWGY+i4F
9sP7ZCO2sLMnALmrgAGbkrQuA2pCxbqLoSpdm/s1571DkVya+ws+1DPdvjLD/Y49
hVj/zqX9a/NA0/iZL0NXwqHX9llRxkuJpObrbSOQqrWDS6E/BnT3sosCAR4PTD53
4EK+1axN16uV0Tu6reJgQlaNw2ZhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6r10
nLjdH73SG0tC8N3Qv22So98wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0NFNDM2MkQ4QTY5QjExRUNBOEVFQUVCMDVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgZIwDQYJKoZIhvcNAQEL
BQADggEBALpkT6JXG2EfcjVn7TgaR6yy5tLxvxCGXxpJWUKJky4ZaLqpHNID3E5F
j04R4Mvq3yc/KzQ6a1oTXnukEzTsLt1cL5ZvMLkPHtOjxclCOgV9vGhJaVyBUqq3
rhE6cdIFs3QSNZ7ju5ad7omEIMZ+UZAYm1yfhZ9Q2n535KcHJSgNZfje796OOJrX
WvQ4ZJVGhi7mT3B9Rh/DmQaA96lZhDUoSFRQKJDv5ZS7frXGWORwQqpyIiJXDfyV
Dx468tEwaHNDFFBwxn/JSKK8+ICmBNml0KV8BfjBqRc/2RVwXIC+Ka7+iADV+RPS
jUe9M4pHZaiF2+lwot26+RTxJVKiEfs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:59 2024 by rpki-client on console-fra.rpki-client.org