Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/013EB6404A9411EEA90CF7804AD9E6FC.roa
File:                     013EB6404A9411EEA90CF7804AD9E6FC.roa (raw, json)
Hash identifier:          pQcoR3YRmRscrqHBzKXHLQZx2MD1uAGqwdTHv198PjQ=
Subject key identifier:   75:44:41:C5:B5:B8:5C:49:57:5B:66:73:59:32:BD:69:29:E1:37:10
Certificate issuer:       /CN=F36D7FB7AF/serialNumber=A58A6D29114C881E005877279D95ABAA39EE141C
Certificate serial:       81
Authority key identifier: A5:8A:6D:29:11:4C:88:1E:00:58:77:27:9D:95:AB:AA:39:EE:14:1C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/pYptKRFMiB4AWHcnnZWrqjnuFBw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/013EB6404A9411EEA90CF7804AD9E6FC.roa
Signing time:             Sun 03 Sep 2023 19:56:43 +0000
ROA not before:           Sun 03 Sep 2023 19:56:40 +0000
ROA not after:            Wed 15 Sep 2027 19:56:40 +0000
asID:                     328344
IP address blocks:        102.135.176.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/pYptKRFMiB4AWHcnnZWrqjnuFBw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/pYptKRFMiB4AWHcnnZWrqjnuFBw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/pYptKRFMiB4AWHcnnZWrqjnuFBw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129 (0x81)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D7FB7AF/serialNumber=A58A6D29114C881E005877279D95ABAA39EE141C
        Validity
            Not Before: Sep  3 19:56:40 2023 GMT
            Not After : Sep 15 19:56:40 2027 GMT
        Subject: CN=64f4e4fb-e57d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:1a:b1:c2:ac:88:d7:f8:21:de:4c:d1:43:00:
                    c3:94:44:20:30:f3:a0:c6:9f:ea:54:9d:15:34:45:
                    cc:04:47:7b:34:6c:93:4e:38:45:b5:8f:8f:a3:33:
                    7a:99:66:2b:8b:c3:dc:52:15:03:39:fc:4a:02:85:
                    af:10:3a:b7:19:84:96:74:36:63:53:78:43:bb:32:
                    a4:9b:58:65:08:ba:7d:7e:ab:5b:3d:1b:b2:6d:76:
                    a6:c0:a6:26:83:fe:96:43:52:6d:2a:bb:2b:a4:c8:
                    7f:07:1e:90:2a:06:db:38:52:d1:ee:cb:83:34:b4:
                    ea:b7:28:10:47:38:b0:87:58:a0:37:3d:db:fc:53:
                    25:c7:49:1a:e6:c4:7a:4b:2f:5a:7d:c8:61:49:76:
                    a5:09:18:6a:e4:7a:ba:53:34:25:08:19:49:50:d9:
                    d7:9c:44:05:7c:0d:bb:b0:1e:50:9d:f9:45:0a:3b:
                    4f:64:00:48:a1:4a:58:57:73:5b:c9:e4:34:e7:b3:
                    83:d1:aa:d0:17:b4:e3:d0:3f:a8:2b:95:0a:67:6e:
                    7c:18:fe:36:94:81:de:3e:9e:8b:4f:d9:fe:69:0a:
                    e1:46:74:72:a4:01:97:8e:32:2d:d2:e7:ed:40:69:
                    41:5b:dc:2f:58:e4:bc:cb:a7:6b:ee:d8:9c:b7:7b:
                    04:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:44:41:C5:B5:B8:5C:49:57:5B:66:73:59:32:BD:69:29:E1:37:10
            X509v3 Authority Key Identifier:
                keyid:A5:8A:6D:29:11:4C:88:1E:00:58:77:27:9D:95:AB:AA:39:EE:14:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/pYptKRFMiB4AWHcnnZWrqjnuFBw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/pYptKRFMiB4AWHcnnZWrqjnuFBw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7FB7/8AC1C572F62C11EDA10D3B3A4AD9E6FC/013EB6404A9411EEA90CF7804AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:b8:0b:ab:00:85:0e:be:01:22:1b:8b:21:a5:3c:c8:3a:ed:
         64:02:06:96:ee:37:13:a5:a3:b0:dc:fe:1a:e8:cf:44:6d:13:
         71:19:22:18:3e:00:c3:fd:92:6f:3d:32:e6:ce:fe:83:7e:5b:
         b2:07:58:48:51:06:1e:df:77:c9:b2:3a:3b:58:ad:96:39:82:
         88:20:20:11:cd:1d:e9:4d:dc:22:61:b3:92:31:a5:47:41:2e:
         de:23:93:de:2e:b2:07:46:9e:42:e2:b6:35:e4:61:fb:af:7a:
         4c:77:72:c6:a7:37:39:7b:ca:10:d8:34:8e:ea:dd:9b:f9:00:
         ea:12:c9:32:e4:0f:6f:fc:dd:61:14:12:6e:e6:f6:9c:67:d7:
         0d:d7:a4:7a:0d:b6:52:09:cf:10:93:e4:42:57:62:07:86:ff:
         e7:e3:00:24:81:07:cd:e2:ca:75:68:ee:7d:76:dc:67:43:f8:
         7d:d2:2c:fe:44:75:ac:68:b8:ad:79:20:ed:95:c1:35:4b:0f:
         e2:17:44:0d:c4:a4:f0:a0:77:36:76:84:c5:7e:bd:79:07:da:
         c6:18:7d:50:37:d2:1f:1a:37:1f:dd:9b:d0:e7:86:d7:9a:85:
         25:37:6a:e0:2e:ce:d7:45:81:1e:6b:ee:60:0c:dc:e4:e0:a9:
         e2:62:a7:61
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDdGQjdBRjExMC8GA1UEBRMoQTU4QTZEMjkxMTRDODgxRTAwNTg3NzI3OUQ5NUFC
QUEzOUVFMTQxQzAeFw0yMzA5MDMxOTU2NDBaFw0yNzA5MTUxOTU2NDBaMBgxFjAU
BgNVBAMTDTY0ZjRlNGZiLWU1N2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDrGrHCrIjX+CHeTNFDAMOURCAw86DGn+pUnRU0RcwER3s0bJNOOEW1j4+j
M3qZZiuLw9xSFQM5/EoCha8QOrcZhJZ0NmNTeEO7MqSbWGUIun1+q1s9G7JtdqbA
piaD/pZDUm0quyukyH8HHpAqBts4UtHuy4M0tOq3KBBHOLCHWKA3Pdv8UyXHSRrm
xHpLL1p9yGFJdqUJGGrkerpTNCUIGUlQ2decRAV8DbuwHlCd+UUKO09kAEihSlhX
c1vJ5DTns4PRqtAXtOPQP6grlQpnbnwY/jaUgd4+notP2f5pCuFGdHKkAZeOMi3S
5+1AaUFb3C9Y5LzLp2vu2Jy3ewThAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdURB
xbW4XElXW2ZzWTK9aSnhNxAwHwYDVR0jBBgwFoAUpYptKRFMiB4AWHcnnZWrqjnu
FBwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ3RkI3LzhBQzFDNTcyRjYyQzExRURBMTBEM0IzQTRBRDlFNkZDL3BZcHRL
UkZNaUI0QVdIY25uWldycWpudUZCdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3BZcHRLUkZNaUI0QVdIY25uWldycWpudUZCdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ3RkI3LzhBQzFDNTcyRjYyQzExRURBMTBEM0IzQTRB
RDlFNkZDLzAxM0VCNjQwNEE5NDExRUVBOTBDRjc4MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmh7AwDQYJKoZIhvcNAQEL
BQADggEBACm4C6sAhQ6+ASIbiyGlPMg67WQCBpbuNxOlo7Dc/hroz0RtE3EZIhg+
AMP9km89MubO/oN+W7IHWEhRBh7fd8myOjtYrZY5goggIBHNHelN3CJhs5IxpUdB
Lt4jk94usgdGnkLitjXkYfuvekx3csanNzl7yhDYNI7q3Zv5AOoSyTLkD2/83WEU
Em7m9pxn1w3XpHoNtlIJzxCT5EJXYgeG/+fjACSBB83iynVo7n123GdD+H3SLP5E
daxouK15IO2VwTVLD+IXRA3EpPCgdzZ2hMV+vXkH2sYYfVA30h8aNx/dm9Dnhtea
hSU3auAuztdFgR5r7mAM3OTgqeJip2E=
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:47:44 2024 by rpki-client on console-ams.rpki-client.org