Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E6B77/3CFFA38042CB11EF8B9A37AE762E951A/5B4C788042CC11EFA79C21B7762E951A.roa
File:                     5B4C788042CC11EFA79C21B7762E951A.roa (raw, json)
Hash identifier:          8MsvdpCURh5U1VeikZh21FkxiH+o3yXC4kGGOZX4kQo=
Subject key identifier:   6D:CB:D3:AF:36:63:8C:5C:A5:21:65:C8:26:DB:8B:52:18:BB:2B:69
Certificate issuer:       /CN=F36E6B77AF/serialNumber=F5DFF64A39D8007044D7671CBCAAA1E1615745A0
Certificate serial:       02
Authority key identifier: F5:DF:F6:4A:39:D8:00:70:44:D7:67:1C:BC:AA:A1:E1:61:57:45:A0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9d_2SjnYAHBE12ccvKqh4WFXRaA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E6B77/3CFFA38042CB11EF8B9A37AE762E951A/5B4C788042CC11EFA79C21B7762E951A.roa
Signing time:             Mon 15 Jul 2024 17:04:54 +0000
ROA not before:           Mon 15 Jul 2024 17:04:51 +0000
ROA not after:            Mon 31 Jul 2034 17:04:51 +0000
asID:                     329255
IP address blocks:        102.208.190.0/24 maxlen: 24
                          102.213.176.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E6B77/3CFFA38042CB11EF8B9A37AE762E951A/9d_2SjnYAHBE12ccvKqh4WFXRaA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E6B77/3CFFA38042CB11EF8B9A37AE762E951A/9d_2SjnYAHBE12ccvKqh4WFXRaA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9d_2SjnYAHBE12ccvKqh4WFXRaA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E6B77AF/serialNumber=F5DFF64A39D8007044D7671CBCAAA1E1615745A0
        Validity
            Not Before: Jul 15 17:04:51 2024 GMT
            Not After : Jul 31 17:04:51 2034 GMT
        Subject: CN=669556b6-42de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7e:51:8f:92:55:21:ec:8c:ee:34:cf:32:41:
                    29:4d:a1:ec:b9:c2:3b:c1:f3:57:f5:a3:eb:92:af:
                    69:68:68:d2:b6:33:38:39:49:2a:bc:e2:dc:45:3a:
                    bf:93:3f:5c:2a:17:43:2b:57:0b:6e:3d:b2:5d:ad:
                    cb:29:86:92:78:01:d2:5c:4b:ea:6c:d0:8a:05:ba:
                    c6:fe:dc:78:92:05:12:03:60:9c:ec:09:3d:54:00:
                    c5:23:85:52:28:da:96:b5:89:74:af:2f:42:dd:3c:
                    9e:fb:20:4f:12:e7:ac:02:33:09:64:fd:3a:19:c3:
                    c7:3d:c2:5d:f4:7e:f2:18:a7:8a:87:8c:a0:13:02:
                    05:81:50:e9:d0:47:e9:18:f7:fe:b9:02:fc:95:ee:
                    58:9c:b7:a0:d9:79:8b:d0:d7:6f:84:f9:2a:9a:d7:
                    6e:10:83:83:7e:6e:da:1a:dd:24:5f:62:a9:96:de:
                    fd:8e:1d:89:ce:1e:18:c6:cb:b5:f0:a0:d8:d0:8b:
                    d5:72:25:0e:54:44:56:18:54:01:2c:1b:00:44:15:
                    ab:91:81:63:18:fa:21:64:d8:c8:4a:7c:c0:6d:08:
                    b3:32:86:01:44:48:cc:01:5f:23:ae:53:4c:c1:6c:
                    dd:94:7d:98:06:dc:b0:6f:39:52:6b:00:13:d7:44:
                    94:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:CB:D3:AF:36:63:8C:5C:A5:21:65:C8:26:DB:8B:52:18:BB:2B:69
            X509v3 Authority Key Identifier:
                keyid:F5:DF:F6:4A:39:D8:00:70:44:D7:67:1C:BC:AA:A1:E1:61:57:45:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6B77/3CFFA38042CB11EF8B9A37AE762E951A/9d_2SjnYAHBE12ccvKqh4WFXRaA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9d_2SjnYAHBE12ccvKqh4WFXRaA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E6B77/3CFFA38042CB11EF8B9A37AE762E951A/5B4C788042CC11EFA79C21B7762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.208.190.0/24
                  102.213.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:8b:1f:4b:90:0a:da:36:ac:5d:21:ad:5b:e3:b6:f2:a9:46:
         19:30:c8:99:b2:5b:12:64:15:c1:7f:41:36:95:00:6f:22:ce:
         fa:e1:cb:4a:d3:60:72:24:ba:58:34:5c:f8:fb:09:bb:83:8e:
         b9:81:f3:61:b0:dc:94:a0:d1:12:41:36:92:c4:a9:70:ea:2d:
         46:54:11:3e:be:83:f3:0c:61:73:40:08:62:8b:9f:20:26:01:
         46:e3:b9:d2:96:2f:9b:c7:57:1a:e5:de:0e:6d:0b:4b:6b:54:
         8e:c3:26:29:c7:d1:a2:d4:b8:35:be:18:e8:01:97:fb:52:d2:
         4b:40:98:ba:f0:ad:76:85:51:16:2b:df:b5:16:b0:af:05:d8:
         8e:2c:79:af:da:00:29:36:ca:30:4e:10:33:fc:ad:d8:ed:64:
         73:60:8d:20:fd:32:05:25:c8:1f:b8:3c:d1:49:d1:cb:ba:20:
         41:f2:dd:96:90:2b:41:f6:99:d1:db:98:d1:39:58:09:0b:c2:
         37:b1:53:ca:df:25:75:6f:10:a7:ae:8d:9a:a3:7e:fa:3a:d4:
         6e:da:de:2c:4f:15:6a:68:4b:4c:ef:d7:6b:67:81:9d:78:57:
         89:0e:9d:93:4d:dc:c9:42:19:8a:ca:aa:f6:47:2c:04:ad:d2:
         c2:bc:c9:2e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NkI3N0FGMTEwLwYDVQQFEyhGNURGRjY0QTM5RDgwMDcwNDRENzY3MUNCQ0FBQTFF
MTYxNTc0NUEwMB4XDTI0MDcxNTE3MDQ1MVoXDTM0MDczMTE3MDQ1MVowGDEWMBQG
A1UEAxMNNjY5NTU2YjYtNDJkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx+UY+SVSHsjO40zzJBKU2h7LnCO8HzV/Wj65KvaWho0rYzODlJKrzi3EU6
v5M/XCoXQytXC249sl2tyymGkngB0lxL6mzQigW6xv7ceJIFEgNgnOwJPVQAxSOF
UijalrWJdK8vQt08nvsgTxLnrAIzCWT9OhnDxz3CXfR+8hinioeMoBMCBYFQ6dBH
6Rj3/rkC/JXuWJy3oNl5i9DXb4T5KprXbhCDg35u2hrdJF9iqZbe/Y4dic4eGMbL
tfCg2NCL1XIlDlREVhhUASwbAEQVq5GBYxj6IWTYyEp8wG0IszKGAURIzAFfI65T
TMFs3ZR9mAbcsG85UmsAE9dElAECAwEAAaOCAqswggKnMB0GA1UdDgQWBBRty9Ov
NmOMXKUhZcgm24tSGLsraTAfBgNVHSMEGDAWgBT13/ZKOdgAcETXZxy8qqHhYVdF
oDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTZCNzcvM0NGRkEzODA0MkNCMTFFRjhCOUEzN0FFNzYyRTk1MUEvOWRfMlNq
bllBSEJFMTJjY3ZLcWg0V0ZYUmFBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOWRfMlNqbllBSEJFMTJjY3ZLcWg0V0ZYUmFBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTZCNzcvM0NGRkEzODA0MkNCMTFFRjhCOUEzN0FFNzYy
RTk1MUEvNUI0Qzc4ODA0MkNDMTFFRkE3OUMyMUI3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAGbQvgMEAGbVsDANBgkqhkiG
9w0BAQsFAAOCAQEAd4sfS5AK2jasXSGtW+O28qlGGTDImbJbEmQVwX9BNpUAbyLO
+uHLStNgciS6WDRc+PsJu4OOuYHzYbDclKDREkE2ksSpcOotRlQRPr6D8wxhc0AI
YoufICYBRuO50pYvm8dXGuXeDm0LS2tUjsMmKcfRotS4Nb4Y6AGX+1LSS0CYuvCt
doVRFivftRawrwXYjix5r9oAKTbKME4QM/yt2O1kc2CNIP0yBSXIH7g80UnRy7og
QfLdlpArQfaZ0duY0TlYCQvCN7FTyt8ldW8Qp66NmqN++jrUbtreLE8VamhLTO/X
a2eBnXhXiQ6dk03cyUIZisqq9kcsBK3SwrzJLg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org