Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DB1C4E56F0EB11EE986729C0775412E6.roa
File:                     DB1C4E56F0EB11EE986729C0775412E6.roa (raw, json)
Hash identifier:          TRLSixyDqye4zogZqsB7p44enUckNDqZcJ1A87Rpt9o=
Subject key identifier:   60:30:A2:0E:08:3A:35:99:5B:E8:C0:ED:8B:82:C6:81:BD:61:8C:44
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       1039
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DB1C4E56F0EB11EE986729C0775412E6.roa
Signing time:             Tue 02 Apr 2024 12:23:48 +0000
ROA not before:           Tue 02 Apr 2024 12:23:44 +0000
ROA not after:            Thu 02 Apr 2026 12:23:44 +0000
asID:                     200017
IP address blocks:        102.129.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4153 (0x1039)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Apr  2 12:23:44 2024 GMT
            Not After : Apr  2 12:23:44 2026 GMT
        Subject: CN=660bf8d4-6d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:75:6f:1a:86:13:85:f3:39:3f:eb:bd:d1:5c:
                    a6:7d:cb:32:9d:7a:81:34:92:e3:8a:fb:f1:84:04:
                    94:db:cf:a7:cc:84:29:e1:3d:a2:61:1f:03:df:31:
                    be:ce:59:f3:4e:5b:96:f6:f3:2d:af:43:02:41:7a:
                    55:84:6c:56:60:89:f9:9c:b3:16:45:3b:84:dc:b0:
                    1f:00:f9:f0:1d:f6:e2:34:fb:1a:84:13:84:5f:16:
                    ab:ec:f9:94:fa:52:3b:00:09:3b:98:f7:ef:72:e6:
                    e0:54:fc:9b:12:d6:47:66:96:32:06:d6:29:42:f5:
                    83:8a:0d:6b:0c:00:c2:49:85:a8:4d:9f:78:7c:14:
                    cc:83:71:90:e7:b7:e5:75:95:d1:91:1c:13:bc:5a:
                    6d:27:81:56:e1:5f:0a:ad:9c:2d:f3:57:87:d3:08:
                    5f:a2:fa:ed:dd:9e:ca:10:22:98:bc:e1:25:e8:e3:
                    b4:d5:c4:ed:e6:d5:df:28:af:98:ba:fd:dc:7f:0f:
                    3d:54:3b:6d:66:a9:b5:80:83:99:f3:65:66:08:4a:
                    b9:38:fe:e2:93:50:ab:8c:24:82:77:78:ce:3f:93:
                    14:2a:34:6f:5e:c1:22:70:d6:b1:c0:73:15:5f:73:
                    3c:79:41:83:9e:51:d0:c9:a3:bd:62:4c:38:14:f6:
                    11:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:30:A2:0E:08:3A:35:99:5B:E8:C0:ED:8B:82:C6:81:BD:61:8C:44
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DB1C4E56F0EB11EE986729C0775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:2c:2f:04:c7:74:2a:1d:80:49:1b:9f:1f:12:d6:b3:a1:73:
         92:d2:a3:7f:8e:f4:92:51:ea:75:51:1a:4a:bd:fe:ee:d1:14:
         74:4e:20:02:2e:c4:59:7b:74:dd:02:71:ac:20:29:27:8d:a6:
         93:ee:f5:40:da:28:bc:a6:7f:e9:cc:77:ae:b8:8f:c8:c3:a9:
         ea:1a:9e:26:51:68:47:9d:0c:6c:52:bf:f9:2b:f3:b8:16:65:
         3a:9d:e3:6d:c0:e0:74:db:41:34:f1:15:17:87:78:2f:b6:3d:
         fd:a1:47:0f:da:fb:26:d6:91:0c:96:b7:30:86:5c:68:0b:29:
         8a:95:c2:c5:cb:21:47:e0:f9:4a:84:f8:0d:6e:14:33:6d:a3:
         c3:5e:ad:7a:a3:cb:00:21:ef:b3:43:00:7c:6f:7a:d9:bc:f4:
         24:77:30:24:21:7d:c4:c7:bc:07:3d:27:39:d2:15:33:b5:a7:
         ea:3b:cc:45:d6:9d:23:92:dc:60:60:8c:65:c5:ac:af:c8:dc:
         de:45:e4:fa:31:34:0a:5a:c6:35:e0:e5:1e:d0:77:9b:76:b6:
         d0:90:0b:31:b4:f0:8c:ee:6d:b8:0f:7c:e0:85:f2:2c:61:ad:
         9d:55:11:94:70:2a:2c:00:d9:aa:3c:fa:a9:41:03:1c:27:af:
         32:f8:36:2a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEDkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDA0MDIxMjIzNDRaFw0yNjA0MDIxMjIzNDRaMBgxFjAU
BgNVBAMTDTY2MGJmOGQ0LTZkMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDxdW8ahhOF8zk/673RXKZ9yzKdeoE0kuOK+/GEBJTbz6fMhCnhPaJhHwPf
Mb7OWfNOW5b28y2vQwJBelWEbFZgifmcsxZFO4TcsB8A+fAd9uI0+xqEE4RfFqvs
+ZT6UjsACTuY9+9y5uBU/JsS1kdmljIG1ilC9YOKDWsMAMJJhahNn3h8FMyDcZDn
t+V1ldGRHBO8Wm0ngVbhXwqtnC3zV4fTCF+i+u3dnsoQIpi84SXo47TVxO3m1d8o
r5i6/dx/Dz1UO21mqbWAg5nzZWYISrk4/uKTUKuMJIJ3eM4/kxQqNG9ewSJw1rHA
cxVfczx5QYOeUdDJo71iTDgU9hGxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYDCi
Dgg6NZlb6MDti4LGgb1hjEQwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0RCMUM0RTU2RjBFQjExRUU5ODY3MjlDMDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgYUwDQYJKoZIhvcNAQEL
BQADggEBAL4sLwTHdCodgEkbnx8S1rOhc5LSo3+O9JJR6nVRGkq9/u7RFHROIAIu
xFl7dN0CcawgKSeNppPu9UDaKLymf+nMd664j8jDqeoaniZRaEedDGxSv/kr87gW
ZTqd423A4HTbQTTxFReHeC+2Pf2hRw/a+ybWkQyWtzCGXGgLKYqVwsXLIUfg+UqE
+A1uFDNto8NerXqjywAh77NDAHxvetm89CR3MCQhfcTHvAc9JznSFTO1p+o7zEXW
nSOS3GBgjGXFrK/I3N5F5PoxNApaxjXg5R7Qd5t2ttCQCzG08IzubbgPfOCF8ixh
rZ1VEZRwKiwA2ao8+qlBAxwnrzL4Nio=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:25 2024 by rpki-client on console-ams.rpki-client.org