Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/2BDA25DA2E4A11EEA3E12E2E4AD9E6FC.roa
File:                     2BDA25DA2E4A11EEA3E12E2E4AD9E6FC.roa (raw, json)
Hash identifier:          QNAStbgxlVyGHPbyt+5PsOXnpUKQVcAqhQbgrW1iIq8=
Subject key identifier:   25:A0:4C:57:EC:2A:78:73:0B:BB:46:46:B3:74:52:E6:AD:84:68:81
Certificate issuer:       /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial:       049B
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/2BDA25DA2E4A11EEA3E12E2E4AD9E6FC.roa
Signing time:             Sat 29 Jul 2023 19:57:39 +0000
ROA not before:           Sat 29 Jul 2023 19:57:35 +0000
ROA not after:            Sat 30 Jul 2033 19:57:35 +0000
asID:                     37119
IP address blocks:        105.168.128.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1179 (0x49b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
        Validity
            Not Before: Jul 29 19:57:35 2023 GMT
            Not After : Jul 30 19:57:35 2033 GMT
        Subject: CN=64c56f33-ef48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2f:7b:6b:d2:71:d4:21:6c:a5:b8:e7:a3:53:
                    1c:8a:ff:bc:5a:a7:08:68:a0:ee:6b:37:18:e7:93:
                    fa:f9:be:8e:95:8d:dc:e0:ea:9c:4c:6b:45:78:4e:
                    56:3d:f4:4c:37:6b:16:1e:52:df:5f:3c:90:45:b2:
                    70:7a:c0:61:b6:3e:cc:82:21:5c:32:d6:fb:49:04:
                    d8:e6:fd:bf:90:27:d1:8f:12:e7:47:2b:8a:9c:1f:
                    47:30:42:87:b4:fa:31:95:26:c2:a1:43:ac:36:a3:
                    42:bc:ef:a4:24:53:87:27:4c:8c:42:84:da:ef:52:
                    7d:f9:d2:be:5f:b1:75:6c:83:ef:01:af:95:8d:5e:
                    f8:fe:09:93:70:a8:93:6b:57:a1:fe:87:bf:b0:cc:
                    a2:a1:8e:fe:c6:3d:e8:33:4c:fa:e4:f3:95:9f:70:
                    ae:d6:69:0d:d1:9a:ee:d1:96:74:1d:24:41:ea:39:
                    3c:1d:61:a1:39:88:3d:5f:10:92:bc:10:52:7e:0d:
                    fa:1e:1d:12:af:f9:10:c6:13:5c:18:9c:50:0c:3a:
                    b4:2e:65:87:7d:8a:95:93:91:65:61:2d:1f:a0:a2:
                    52:8d:45:3b:79:6f:5b:aa:11:c6:6e:57:db:38:7b:
                    39:28:0b:4c:81:1a:db:e6:14:bf:a2:98:75:70:8e:
                    a2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A0:4C:57:EC:2A:78:73:0B:BB:46:46:B3:74:52:E6:AD:84:68:81
            X509v3 Authority Key Identifier:
                keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/2BDA25DA2E4A11EEA3E12E2E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  105.168.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         68:c7:12:00:3a:13:2b:79:fd:af:45:ac:08:91:29:83:4e:0b:
         37:ad:d1:ca:0a:9a:5f:d0:e7:82:bb:74:b1:e9:eb:73:be:da:
         c5:ef:8d:90:39:4d:94:88:2f:7d:f9:77:17:c0:db:a2:35:9f:
         a0:61:e0:5b:4e:c6:9b:02:18:4c:84:cf:b7:b7:66:cd:81:4f:
         76:68:1d:ea:a4:c3:3a:f0:87:82:6c:f8:f9:a1:a0:4a:71:dd:
         ed:54:ce:f8:61:e6:6e:e1:7a:bd:8b:ad:a0:27:63:ad:7c:7a:
         a9:e4:53:66:23:aa:b4:42:7a:18:99:78:70:60:3e:f8:c1:80:
         e8:50:a0:f5:ae:86:58:fe:d4:69:6b:18:32:d2:92:77:aa:58:
         83:1f:23:b9:50:24:93:c0:b0:8e:45:99:e6:66:ab:35:95:81:
         24:47:89:d4:30:91:22:c8:6d:85:22:7a:53:49:3a:cc:4e:fb:
         28:be:fd:22:d9:ab:7d:6c:cf:7f:b2:11:72:f1:86:8c:2d:5a:
         9f:e7:6b:21:6c:53:48:01:44:91:8d:2e:ca:c9:bb:1d:b4:83:
         d5:d8:05:3f:fd:61:49:ff:ed:d1:46:fc:b5:7a:cd:2f:8e:0f:
         fe:f8:18:0a:f6:8a:1c:d2:9c:e6:4d:d6:f3:86:87:c7:04:63:
         19:b1:3b:e5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBJswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yMzA3MjkxOTU3MzVaFw0zMzA3MzAxOTU3MzVaMBgxFjAU
BgNVBAMTDTY0YzU2ZjMzLWVmNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGL3tr0nHUIWyluOejUxyK/7xapwhooO5rNxjnk/r5vo6Vjdzg6pxMa0V4
TlY99Ew3axYeUt9fPJBFsnB6wGG2PsyCIVwy1vtJBNjm/b+QJ9GPEudHK4qcH0cw
Qoe0+jGVJsKhQ6w2o0K876QkU4cnTIxChNrvUn350r5fsXVsg+8Br5WNXvj+CZNw
qJNrV6H+h7+wzKKhjv7GPegzTPrk85WfcK7WaQ3Rmu7RlnQdJEHqOTwdYaE5iD1f
EJK8EFJ+DfoeHRKv+RDGE1wYnFAMOrQuZYd9ipWTkWVhLR+golKNRTt5b1uqEcZu
V9s4ezkoC0yBGtvmFL+imHVwjqJFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJaBM
V+wqeHMLu0ZGs3RS5q2EaIEwHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4LzJCREEyNURBMkU0QTExRUVBM0UxMkUyRTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAVpqIAwDQYJKoZIhvcNAQEL
BQADggEBAGjHEgA6Eyt5/a9FrAiRKYNOCzet0coKml/Q54K7dLHp63O+2sXvjZA5
TZSIL335dxfA26I1n6Bh4FtOxpsCGEyEz7e3Zs2BT3ZoHeqkwzrwh4Js+PmhoEpx
3e1Uzvhh5m7her2LraAnY618eqnkU2YjqrRCehiZeHBgPvjBgOhQoPWuhlj+1Glr
GDLSkneqWIMfI7lQJJPAsI5FmeZmqzWVgSRHidQwkSLIbYUielNJOsxO+yi+/SLZ
q31sz3+yEXLxhowtWp/nayFsU0gBRJGNLsrJux20g9XYBT/9YUn/7dFG/LV6zS+O
D/74GAr2ihzSnOZN1vOGh8cEYxmxO+U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:17 2024 by rpki-client on console-fra.rpki-client.org