Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/8A0596E448DE11EF82EDFA4F762E951A.roa
File:                     8A0596E448DE11EF82EDFA4F762E951A.roa (raw, json)
Hash identifier:          pTkaYfOMalP4Ac9YVOrNd/HL6aUPMLSzJ9NLjfsNk8k=
Subject key identifier:   B9:40:29:48:5E:A0:58:E2:B7:E9:B1:26:9A:62:A8:F2:2F:66:57:56
Certificate issuer:       /CN=F36EF7D0AF/serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
Certificate serial:       01F3
Authority key identifier: 3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/8A0596E448DE11EF82EDFA4F762E951A.roa
Signing time:             Tue 23 Jul 2024 10:30:11 +0000
ROA not before:           Tue 23 Jul 2024 10:30:07 +0000
ROA not after:            Tue 23 Jul 2030 10:30:07 +0000
asID:                     137235
IP address blocks:        102.211.235.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 06 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 499 (0x1f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36EF7D0AF/serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
        Validity
            Not Before: Jul 23 10:30:07 2024 GMT
            Not After : Jul 23 10:30:07 2030 GMT
        Subject: CN=669f8633-4823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:06:92:46:01:62:65:67:cc:ff:6f:4b:70:86:
                    fc:0a:d3:a8:aa:ea:d2:6a:8a:4c:43:40:24:48:0c:
                    69:b1:b5:df:ed:9c:75:13:16:a9:9f:a8:4c:70:38:
                    01:7e:74:a9:f3:36:42:c0:13:5f:92:35:ec:21:23:
                    62:74:c2:b4:5d:ec:9f:68:8d:d2:58:3e:3b:34:28:
                    79:8c:8e:a8:d7:d1:fe:55:0d:bd:a5:01:09:af:01:
                    8f:db:7f:d7:af:3a:b0:87:12:e3:20:d4:dd:db:e0:
                    ba:8a:43:19:92:9c:41:2f:09:79:1c:b3:8a:a3:70:
                    e8:81:8f:bb:7e:b2:72:10:d4:a0:03:bf:a9:da:5b:
                    c7:63:5b:af:ac:a1:b5:7c:3f:71:54:32:41:63:5a:
                    5f:dd:14:4f:87:1b:0a:60:4b:7b:17:8a:c1:bd:09:
                    4e:d5:35:21:8e:fe:22:60:24:ec:dc:7d:17:9d:cf:
                    2d:c3:3e:63:51:e0:27:4d:25:3f:02:40:1e:42:16:
                    30:96:5d:54:dc:09:db:34:84:d5:43:8c:1b:d4:1c:
                    73:9e:43:a9:8e:d3:86:9e:0e:80:e0:d8:4f:48:97:
                    37:9f:d2:e2:ad:a9:6e:a1:ef:c4:f2:ef:2f:3d:cc:
                    7b:91:ac:be:49:d5:ce:5d:98:8b:27:e9:3f:98:08:
                    de:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:40:29:48:5E:A0:58:E2:B7:E9:B1:26:9A:62:A8:F2:2F:66:57:56
            X509v3 Authority Key Identifier:
                keyid:3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/8A0596E448DE11EF82EDFA4F762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.211.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:bb:15:0c:ff:3c:cb:b6:98:4c:2f:5c:a0:5d:97:25:ee:65:
         66:08:7e:33:89:f9:ee:e4:27:51:40:57:6c:c7:f7:b4:9a:4d:
         65:7d:21:35:59:f3:cb:4b:43:f9:0e:df:da:f1:5f:b2:93:03:
         5b:7d:d9:d5:ed:c7:13:a3:7b:f8:ab:76:57:3b:a6:80:7c:1c:
         51:3d:b4:1b:22:41:73:e4:93:5f:09:42:20:6c:50:01:e2:13:
         df:91:bc:1c:90:ea:19:80:ea:8b:ae:7d:64:23:e8:33:d2:9d:
         5a:c2:c4:4e:a7:71:21:b0:1f:04:22:c1:80:bc:38:9b:6c:ff:
         46:37:cc:29:5b:85:e8:86:ff:30:ae:66:74:f2:3f:30:f9:2f:
         33:cf:ec:9c:af:78:bd:e6:18:a6:3f:e1:e8:14:5f:ee:5f:fe:
         93:6d:e8:b2:b3:2e:41:45:37:d8:1e:4f:68:bd:1f:15:0f:bb:
         2f:6e:55:cf:34:95:6d:15:9b:87:87:71:10:7f:62:c2:58:06:
         66:d7:45:1e:66:59:3e:0d:3c:1f:c3:ee:66:d2:cb:86:d5:37:
         6f:db:b7:1c:c0:ed:c9:d2:cc:6d:7d:5d:bc:f7:8f:e7:f6:c0:
         e5:7a:d8:d5:46:fd:4b:33:59:7d:7f:d5:f0:e4:20:05:7e:e8:
         30:69:04:33
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAfMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RUY3RDBBRjExMC8GA1UEBRMoM0E1NTNCNkVGODBCRjkyMjMxMkY5NkI4RERDMUYy
MTlBOEM0MTIxQjAeFw0yNDA3MjMxMDMwMDdaFw0zMDA3MjMxMDMwMDdaMBgxFjAU
BgNVBAMTDTY2OWY4NjMzLTQ4MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDvBpJGAWJlZ8z/b0twhvwK06iq6tJqikxDQCRIDGmxtd/tnHUTFqmfqExw
OAF+dKnzNkLAE1+SNewhI2J0wrRd7J9ojdJYPjs0KHmMjqjX0f5VDb2lAQmvAY/b
f9evOrCHEuMg1N3b4LqKQxmSnEEvCXkcs4qjcOiBj7t+snIQ1KADv6naW8djW6+s
obV8P3FUMkFjWl/dFE+HGwpgS3sXisG9CU7VNSGO/iJgJOzcfRedzy3DPmNR4CdN
JT8CQB5CFjCWXVTcCds0hNVDjBvUHHOeQ6mO04aeDoDg2E9Ilzef0uKtqW6h78Ty
7y89zHuRrL5J1c5dmIsn6T+YCN6FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuUAp
SF6gWOK36bEmmmKo8i9mV1YwHwYDVR0jBBgwFoAUOlU7bvgL+SIxL5a43cHyGajE
EhswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRBRDlFNkZDL09sVTdi
dmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL09sVTdidmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRB
RDlFNkZDLzhBMDU5NkU0NDhERTExRUY4MkVERkE0Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm0+swDQYJKoZIhvcNAQEL
BQADggEBAGa7FQz/PMu2mEwvXKBdlyXuZWYIfjOJ+e7kJ1FAV2zH97SaTWV9ITVZ
88tLQ/kO39rxX7KTA1t92dXtxxOje/irdlc7poB8HFE9tBsiQXPkk18JQiBsUAHi
E9+RvByQ6hmA6ouufWQj6DPSnVrCxE6ncSGwHwQiwYC8OJts/0Y3zClbheiG/zCu
ZnTyPzD5LzPP7JyveL3mGKY/4egUX+5f/pNt6LKzLkFFN9geT2i9HxUPuy9uVc80
lW0Vm4eHcRB/YsJYBmbXRR5mWT4NPB/D7mbSy4bVN2/btxzA7cnSzG19Xbz3j+f2
wOV62NVG/UszWX1/1fDkIAV+6DBpBDM=
-----END CERTIFICATE-----
Generated at Mon Nov 4 03:35:51 2024 by rpki-client on console-ams.rpki-client.org