Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/F93BA5524FEC11EF86AB5E67762E951A.roa
File:                     F93BA5524FEC11EF86AB5E67762E951A.roa (raw, json)
Hash identifier:          pnmVd4odn0OnMmiZ2FjuHU/a7vNK+yAED8VRFRC+Tts=
Subject key identifier:   05:0F:3B:9F:80:FD:FF:F0:E1:36:DC:0A:7C:72:96:C7:AF:E9:78:A6
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       1196
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/F93BA5524FEC11EF86AB5E67762E951A.roa
Signing time:             Thu 01 Aug 2024 10:01:08 +0000
ROA not before:           Thu 01 Aug 2024 10:01:05 +0000
ROA not after:            Sat 01 Aug 2026 10:01:05 +0000
asID:                     61317
IP address blocks:        102.129.184.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4502 (0x1196)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Aug  1 10:01:05 2024 GMT
            Not After : Aug  1 10:01:05 2026 GMT
        Subject: CN=66ab5ce4-b7b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:2d:3e:b4:e9:98:71:71:f5:df:24:39:2d:37:
                    bd:fb:5e:97:ef:cf:52:55:03:3c:2d:b7:8b:78:b4:
                    25:51:4b:78:de:32:d5:a9:d8:b2:0c:bb:c1:9a:c1:
                    cb:56:55:ec:b0:16:d6:62:48:8d:c1:63:91:50:47:
                    47:f0:c9:7b:f4:ad:ca:08:78:cf:52:2d:2f:5b:3c:
                    d7:02:7c:46:c8:59:14:35:1c:a0:e3:0a:fc:37:8e:
                    6d:a0:48:d7:e4:34:20:36:00:81:59:68:d0:8a:99:
                    ff:4b:f3:7a:5d:94:cc:45:65:45:e2:68:22:ec:07:
                    e7:88:12:8e:6a:ec:b8:b8:c2:60:0e:ae:3d:56:ef:
                    01:a3:3b:99:62:3a:b2:c3:72:21:3c:b2:24:a0:d1:
                    b5:6f:00:a9:62:48:a5:96:5f:01:70:70:72:c3:20:
                    cb:d6:8b:2f:67:6c:e2:da:ba:bd:19:7f:a2:82:16:
                    94:c8:ba:4a:ce:43:09:6e:94:be:ed:d3:f5:2e:64:
                    28:93:1c:fc:f6:08:43:fa:9e:69:75:38:a3:81:fc:
                    ec:39:98:32:90:00:89:9e:0e:88:c3:d7:c7:e5:6f:
                    7f:e7:3a:8c:e4:11:34:72:e9:e6:19:05:9f:64:1b:
                    60:5a:6a:6a:94:9d:96:e0:2b:41:8e:58:f9:41:25:
                    ca:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:0F:3B:9F:80:FD:FF:F0:E1:36:DC:0A:7C:72:96:C7:AF:E9:78:A6
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/F93BA5524FEC11EF86AB5E67762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:74:ef:14:af:09:e6:a8:6a:ee:ec:f9:10:7c:3b:ba:ff:d5:
         8b:ad:94:00:cf:0e:65:6f:ab:ef:81:6a:4d:09:72:82:1e:0a:
         86:39:6e:8b:b8:12:b7:27:87:a8:8d:13:b6:0a:15:72:14:d6:
         e1:42:83:81:c1:40:aa:6e:b9:90:17:12:e9:15:06:ff:7f:77:
         aa:65:95:b7:06:6d:4e:e1:83:94:1b:eb:90:bd:d1:64:86:14:
         5d:f4:1f:1f:7c:bc:e9:af:ca:ed:b6:90:13:67:6d:8c:d0:8d:
         9c:19:76:93:be:42:f8:fe:73:c3:fb:d5:cc:d7:81:5f:28:a0:
         4e:4a:f7:b2:3a:b5:64:bf:60:69:2b:e6:14:8e:dc:8d:b8:fc:
         97:b0:79:2c:cb:79:cf:65:e2:d6:e0:b3:91:87:86:f5:ba:6b:
         45:bf:da:10:81:26:02:a3:15:b0:0d:82:fc:de:34:14:3d:7f:
         3e:b6:6e:f9:4e:63:df:27:47:2a:20:ac:16:de:b4:05:29:c9:
         da:3d:8a:69:83:80:f7:73:f4:62:91:81:52:60:1e:52:99:38:
         c7:7c:09:94:e5:17:c6:dd:6f:53:43:a5:18:73:e2:cb:5a:4f:
         e7:2c:84:dd:2b:c9:ea:e0:7d:f4:70:2b:5c:a8:7b:b2:e2:91:
         68:0b:66:44
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEZYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDA4MDExMDAxMDVaFw0yNjA4MDExMDAxMDVaMBgxFjAU
BgNVBAMTDTY2YWI1Y2U0LWI3YjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbLT606ZhxcfXfJDktN737Xpfvz1JVAzwtt4t4tCVRS3jeMtWp2LIMu8Ga
wctWVeywFtZiSI3BY5FQR0fwyXv0rcoIeM9SLS9bPNcCfEbIWRQ1HKDjCvw3jm2g
SNfkNCA2AIFZaNCKmf9L83pdlMxFZUXiaCLsB+eIEo5q7Li4wmAOrj1W7wGjO5li
OrLDciE8siSg0bVvAKliSKWWXwFwcHLDIMvWiy9nbOLaur0Zf6KCFpTIukrOQwlu
lL7t0/UuZCiTHPz2CEP6nml1OKOB/Ow5mDKQAImeDojD18flb3/nOozkETRy6eYZ
BZ9kG2BaamqUnZbgK0GOWPlBJcr1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBQ87
n4D9//DhNtwKfHKWx6/peKYwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0Y5M0JBNTUyNEZFQzExRUY4NkFCNUU2Nzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgbgwDQYJKoZIhvcNAQEL
BQADggEBADx07xSvCeaoau7s+RB8O7r/1YutlADPDmVvq++Bak0JcoIeCoY5bou4
Ercnh6iNE7YKFXIU1uFCg4HBQKpuuZAXEukVBv9/d6pllbcGbU7hg5Qb65C90WSG
FF30Hx98vOmvyu22kBNnbYzQjZwZdpO+Qvj+c8P71czXgV8ooE5K97I6tWS/YGkr
5hSO3I24/JeweSzLec9l4tbgs5GHhvW6a0W/2hCBJgKjFbANgvzeNBQ9fz62bvlO
Y98nRyogrBbetAUpydo9immDgPdz9GKRgVJgHlKZOMd8CZTlF8bdb1NDpRhz4sta
T+cshN0ryergffRwK1yoe7LikWgLZkQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:46 2024 by rpki-client on console-ams.rpki-client.org