Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CF5C62DC1EC211EE9E05E6604AD9E6FC.roa
File:                     CF5C62DC1EC211EE9E05E6604AD9E6FC.roa (raw, json)
Hash identifier:          lmYTTjdLHApGXdJty0OWvyZrvpViKBQA96MeQio2pwU=
Subject key identifier:   63:CE:18:59:CD:CC:D0:8A:3C:02:8C:33:67:D0:AF:00:E0:93:BE:F8
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0C65
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CF5C62DC1EC211EE9E05E6604AD9E6FC.roa
Signing time:             Mon 10 Jul 2023 01:40:55 +0000
ROA not before:           Mon 10 Jul 2023 01:40:51 +0000
ROA not after:            Sat 12 Jul 2025 01:40:51 +0000
asID:                     62390
IP address blocks:        102.129.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3173 (0xc65)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Jul 10 01:40:51 2023 GMT
            Not After : Jul 12 01:40:51 2025 GMT
        Subject: CN=64ab61a7-804b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5c:0e:f6:ef:6a:5b:ea:a5:c2:ec:6e:03:b1:
                    a3:c6:87:e4:0d:fd:78:89:0e:56:a1:79:cb:8d:7d:
                    e9:e2:4c:b3:91:df:bb:0d:4c:76:5e:4e:19:5d:83:
                    bd:57:94:9d:ab:5b:68:df:f6:19:30:88:d1:74:0f:
                    6c:51:d2:13:a0:6b:5c:13:ab:b7:57:41:51:43:c8:
                    d4:f6:27:e1:5e:14:d2:db:d8:dc:20:d9:aa:e4:0c:
                    13:3e:31:87:e9:be:09:d9:b7:d1:97:d9:4e:bd:94:
                    b4:c2:7c:ea:d1:74:6d:da:b5:9a:f1:c8:4f:ff:96:
                    66:92:f2:f5:a5:d9:2f:bc:cb:22:12:b3:1a:f5:6f:
                    5e:67:97:49:53:27:04:c0:5c:1e:80:8e:c5:38:7e:
                    76:8d:6d:9b:72:ff:c7:ca:d7:e3:8c:35:5a:3d:20:
                    a9:90:16:89:f2:5e:5d:a6:4e:83:d5:02:35:af:7b:
                    78:c2:a7:ca:81:1a:61:46:97:58:0e:6e:58:b5:5d:
                    4b:e5:06:33:18:c3:d8:cb:69:12:a1:eb:71:43:64:
                    f5:39:e3:bf:69:eb:a6:23:83:76:cc:89:fb:d9:e7:
                    b4:6c:f2:6d:b2:f8:ca:9f:1e:8b:fa:dc:50:da:fa:
                    d5:18:a9:ce:94:b5:be:58:e3:37:99:06:ed:18:f0:
                    d6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:CE:18:59:CD:CC:D0:8A:3C:02:8C:33:67:D0:AF:00:E0:93:BE:F8
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/CF5C62DC1EC211EE9E05E6604AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:9a:d4:21:a1:c1:c9:91:ee:fb:95:0b:b4:94:9f:6b:f1:d5:
         a3:20:94:c6:af:5c:34:50:b4:3e:2d:1d:94:a8:b4:82:82:23:
         46:90:d8:39:ae:ac:81:d4:b7:cc:a9:07:70:a3:40:1b:61:28:
         38:b5:18:36:d8:44:04:07:2c:0c:fd:59:47:41:10:17:f5:78:
         3b:3c:22:34:20:ce:9d:0e:36:65:8d:db:af:ce:15:ad:d1:5f:
         3f:f6:de:69:32:c2:54:6c:99:f4:e0:f9:2b:d5:93:5e:74:35:
         17:cc:08:80:87:c8:7a:f7:d6:f8:d3:5b:78:03:0b:3e:cb:dc:
         db:8e:42:29:bc:9a:91:9b:a8:cc:53:e1:ac:87:46:26:8c:4c:
         1a:d0:98:89:43:fd:e6:07:2b:3f:47:ea:15:ed:60:ef:d1:71:
         9e:37:f8:0f:67:45:87:4c:93:6c:8b:5c:2d:70:66:d3:f0:ff:
         ba:1c:52:19:40:92:75:c1:d8:f2:42:e7:90:43:d7:da:28:26:
         25:5d:96:cf:f2:a3:36:ff:6d:89:14:66:d8:42:99:b6:99:80:
         c9:e6:c3:bd:a3:ea:1a:69:eb:5e:4a:50:5d:dc:6a:07:5b:1a:
         b3:6a:d1:07:62:c1:3b:69:2f:b3:09:ec:b3:89:a3:03:17:4f:
         c6:8f:07:5e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDGUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzA3MTAwMTQwNTFaFw0yNTA3MTIwMTQwNTFaMBgxFjAU
BgNVBAMTDTY0YWI2MWE3LTgwNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzXA7272pb6qXC7G4DsaPGh+QN/XiJDlahecuNfeniTLOR37sNTHZeThld
g71XlJ2rW2jf9hkwiNF0D2xR0hOga1wTq7dXQVFDyNT2J+FeFNLb2Nwg2arkDBM+
MYfpvgnZt9GX2U69lLTCfOrRdG3atZrxyE//lmaS8vWl2S+8yyISsxr1b15nl0lT
JwTAXB6AjsU4fnaNbZty/8fK1+OMNVo9IKmQFonyXl2mToPVAjWve3jCp8qBGmFG
l1gObli1XUvlBjMYw9jLaRKh63FDZPU5479p66Yjg3bMifvZ57Rs8m2y+MqfHov6
3FDa+tUYqc6Utb5Y4zeZBu0Y8NY1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUY84Y
Wc3M0Io8AowzZ9CvAOCTvvgwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0NGNUM2MkRDMUVDMjExRUU5RTA1RTY2MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgb0wDQYJKoZIhvcNAQEL
BQADggEBANea1CGhwcmR7vuVC7SUn2vx1aMglMavXDRQtD4tHZSotIKCI0aQ2Dmu
rIHUt8ypB3CjQBthKDi1GDbYRAQHLAz9WUdBEBf1eDs8IjQgzp0ONmWN26/OFa3R
Xz/23mkywlRsmfTg+SvVk150NRfMCICHyHr31vjTW3gDCz7L3NuOQim8mpGbqMxT
4ayHRiaMTBrQmIlD/eYHKz9H6hXtYO/RcZ43+A9nRYdMk2yLXC1wZtPw/7ocUhlA
knXB2PJC55BD19ooJiVdls/yozb/bYkUZthCmbaZgMnmw72j6hpp615KUF3cagdb
GrNq0QdiwTtpL7MJ7LOJowMXT8aPB14=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:17 2024 by rpki-client on console-fra.rpki-client.org