Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DBC51F36457E11EE908E13594AD9E6FC.roa
File:                     DBC51F36457E11EE908E13594AD9E6FC.roa (raw, json)
Hash identifier:          wG1fklNUw3BCHGSUeuLWWj0NNHW82vxXaEwqwmPaDUI=
Subject key identifier:   F5:89:E6:4C:4E:2B:7E:77:83:10:43:2E:B9:3D:D6:D3:77:D2:DA:44
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0CF0
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DBC51F36457E11EE908E13594AD9E6FC.roa
Signing time:             Mon 28 Aug 2023 08:42:45 +0000
ROA not before:           Mon 28 Aug 2023 08:42:42 +0000
ROA not after:            Thu 28 Aug 2025 08:42:42 +0000
asID:                     212238
IP address blocks:        102.129.171.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3312 (0xcf0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Aug 28 08:42:42 2023 GMT
            Not After : Aug 28 08:42:42 2025 GMT
        Subject: CN=64ec5e05-2b87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:19:78:52:44:c1:e0:d3:9f:22:bb:3d:32:6a:
                    44:68:23:82:0f:5b:0b:5a:20:bb:d0:fa:28:8b:ce:
                    19:fb:3d:11:77:64:5e:61:2e:3d:52:c9:8f:c5:f9:
                    c9:a0:c9:b4:fc:84:a6:cf:fc:b1:35:fc:e1:18:0c:
                    64:34:9d:b2:b4:79:99:f1:5e:dd:bd:a9:3b:63:2e:
                    f9:88:08:bc:f7:71:bd:d3:01:c4:41:31:30:60:1c:
                    82:e8:c7:cf:4a:3d:99:35:1f:b2:d6:1a:26:da:df:
                    4d:05:60:1c:45:58:98:97:09:b2:d5:14:aa:73:dc:
                    89:e4:0d:43:11:5d:96:c9:55:34:43:a6:04:a5:41:
                    26:fa:c8:dd:67:1c:b3:dd:17:4f:7b:2e:a4:31:04:
                    43:ae:c3:3b:df:fa:00:f0:c0:6b:05:19:7f:4b:3d:
                    6d:ad:3a:01:00:76:e0:96:48:76:c2:f0:6f:f6:43:
                    77:d3:0c:91:4c:09:92:37:f8:9e:26:c5:a5:8f:dc:
                    5d:c8:e4:0c:27:60:8b:8b:26:1c:b9:c0:94:2c:f5:
                    f9:5e:54:01:a1:20:04:3e:8a:ea:29:b8:de:16:c5:
                    be:b1:a8:1f:08:1c:c0:76:9f:d8:fa:7a:bd:96:13:
                    37:57:bb:1b:8e:2c:f8:9c:72:34:b1:35:14:dd:3c:
                    44:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:89:E6:4C:4E:2B:7E:77:83:10:43:2E:B9:3D:D6:D3:77:D2:DA:44
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/DBC51F36457E11EE908E13594AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:03:e9:5c:cc:c5:54:8d:d9:bb:c5:b7:9f:16:97:e1:bc:63:
         33:04:a1:b1:d3:07:df:28:d5:0d:a3:0d:4d:33:0e:63:74:dd:
         ed:00:d5:2e:bb:e0:11:cd:a5:98:34:1f:41:8f:8f:07:d8:48:
         e3:e1:72:2d:c7:d2:b7:1b:33:a3:a4:f0:cb:98:eb:41:10:17:
         ba:65:75:08:09:5d:e8:bb:40:dd:76:62:13:97:7f:59:56:2f:
         05:80:3c:12:7d:fe:b1:a0:16:78:74:7c:d1:ba:b3:14:22:a0:
         dd:1c:6f:d8:c6:6e:de:fe:7a:ad:cc:18:60:85:ea:d9:72:d0:
         32:fa:36:41:1b:6e:d7:a8:75:ea:f0:b0:80:4d:77:ae:3e:b1:
         b6:80:91:81:66:99:7c:b4:66:2d:40:6d:a3:ab:2c:e5:59:74:
         19:55:f9:0b:e1:02:27:b2:d8:ab:df:11:d3:07:35:cd:3f:51:
         20:9f:ef:c5:c4:b6:72:f3:87:a6:6d:e5:25:b5:99:fb:b5:78:
         e4:b3:49:77:e7:92:db:53:68:39:f7:1e:26:71:3d:47:b7:27:
         af:bc:02:91:12:a1:ab:55:4f:54:9d:c1:72:39:19:09:53:72:
         78:b9:cb:00:65:0f:66:e2:37:32:68:a0:c9:1b:f7:a9:74:a6:
         b5:ae:1a:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDPAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzA4MjgwODQyNDJaFw0yNTA4MjgwODQyNDJaMBgxFjAU
BgNVBAMTDTY0ZWM1ZTA1LTJiODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbGXhSRMHg058iuz0yakRoI4IPWwtaILvQ+iiLzhn7PRF3ZF5hLj1SyY/F
+cmgybT8hKbP/LE1/OEYDGQ0nbK0eZnxXt29qTtjLvmICLz3cb3TAcRBMTBgHILo
x89KPZk1H7LWGiba300FYBxFWJiXCbLVFKpz3InkDUMRXZbJVTRDpgSlQSb6yN1n
HLPdF097LqQxBEOuwzvf+gDwwGsFGX9LPW2tOgEAduCWSHbC8G/2Q3fTDJFMCZI3
+J4mxaWP3F3I5AwnYIuLJhy5wJQs9fleVAGhIAQ+iuopuN4Wxb6xqB8IHMB2n9j6
er2WEzdXuxuOLPiccjSxNRTdPESXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9Ynm
TE4rfneDEEMuuT3W03fS2kQwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0RCQzUxRjM2NDU3RTExRUU5MDhFMTM1OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgaswDQYJKoZIhvcNAQEL
BQADggEBAKAD6VzMxVSN2bvFt58Wl+G8YzMEobHTB98o1Q2jDU0zDmN03e0A1S67
4BHNpZg0H0GPjwfYSOPhci3H0rcbM6Ok8MuY60EQF7pldQgJXei7QN12YhOXf1lW
LwWAPBJ9/rGgFnh0fNG6sxQioN0cb9jGbt7+eq3MGGCF6tly0DL6NkEbbteoderw
sIBNd64+sbaAkYFmmXy0Zi1AbaOrLOVZdBlV+QvhAiey2KvfEdMHNc0/USCf78XE
tnLzh6Zt5SW1mfu1eOSzSXfnkttTaDn3HiZxPUe3J6+8ApESoatVT1SdwXI5GQlT
cni5ywBlD2biNzJooMkb96l0prWuGuc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:17 2024 by rpki-client on console-fra.rpki-client.org