Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/593ED270B49D11EA9B256E11F8AEA228.roa
File:                     593ED270B49D11EA9B256E11F8AEA228.roa (raw, json)
Hash identifier:          raqsrh/hwYX8p2YBJuBFt0I5htQVCTXZHNv6JWkB1z0=
Subject key identifier:   44:58:09:86:74:16:9B:04:61:E5:D4:3D:A9:9F:9D:35:8D:36:50:AE
Certificate issuer:       /CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
Certificate serial:       08
Authority key identifier: 2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/593ED270B49D11EA9B256E11F8AEA228.roa
Signing time:             Mon 22 Jun 2020 15:30:49 +0000
ROA not before:           Mon 22 Jun 2020 15:30:44 +0000
ROA not after:            Sun 22 Jun 2025 15:30:44 +0000
asID:                     29465
IP address blocks:        102.88.0.0/13 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
        Validity
            Not Before: Jun 22 15:30:44 2020 GMT
            Not After : Jun 22 15:30:44 2025 GMT
        Subject: CN=5ef0cea9-a9a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9e:ae:ad:e6:d3:26:16:e6:b9:cf:19:6c:e5:
                    18:46:ef:c2:5c:0f:f7:36:2a:ff:dd:37:ff:3b:f9:
                    d0:4b:d0:b5:50:15:97:bd:19:ce:83:b6:7a:39:d8:
                    f0:dd:bb:4c:85:58:72:13:7f:e8:e6:4e:33:b7:8b:
                    ed:c4:70:50:99:a8:52:53:4a:b5:94:32:ec:5b:cd:
                    71:b7:2a:9d:a0:35:72:91:02:ef:17:1d:d3:74:e7:
                    28:60:30:e1:ab:94:98:ff:47:2b:69:43:bb:75:42:
                    b1:41:11:15:36:36:d6:4a:47:3d:68:7b:aa:6b:c1:
                    98:b4:ad:fd:d3:c2:f6:a2:6d:a8:15:bc:df:cd:d2:
                    23:dd:f5:e5:28:48:7b:cf:ac:d4:96:4f:81:ec:0a:
                    d3:60:04:41:b8:59:06:4a:79:e4:62:3a:86:39:30:
                    bc:32:a7:64:d0:05:6c:94:bb:99:9f:04:b1:98:9c:
                    70:c5:88:5e:56:d8:a0:2c:66:8f:e5:01:05:b1:82:
                    89:77:ee:fc:35:5b:b8:3f:00:6f:c3:41:a6:ff:4a:
                    7c:df:b9:22:61:01:67:45:ee:2e:d7:13:03:dd:06:
                    58:f3:ea:cc:60:4b:ab:65:2e:2d:d6:3b:07:d3:1a:
                    a0:b9:fb:7c:7e:40:30:25:07:a8:75:6e:5a:fa:37:
                    41:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:58:09:86:74:16:9B:04:61:E5:D4:3D:A9:9F:9D:35:8D:36:50:AE
            X509v3 Authority Key Identifier:
                keyid:2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/593ED270B49D11EA9B256E11F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.88.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         76:cd:74:d3:46:e4:93:59:bf:73:e7:f6:a3:d4:f4:86:92:ea:
         06:0f:b2:e2:3d:bc:20:1f:4e:bc:e8:c1:3c:54:ba:af:c8:f8:
         8c:b8:70:b8:03:8f:a1:c6:85:b9:47:c1:fe:16:d7:a3:0f:2d:
         cc:c8:68:4a:9a:8a:bc:81:68:2e:e4:33:88:30:7c:b4:88:ce:
         f3:b2:19:36:92:b9:9f:05:97:6b:70:a1:da:73:7f:98:71:d4:
         ad:40:44:72:9e:0f:bc:d7:6a:9d:3f:34:88:e7:4c:f9:42:56:
         d9:cf:fd:ee:d5:09:ac:04:5e:34:35:0e:44:90:1e:7e:43:0a:
         c9:06:40:42:e8:36:92:67:bb:0c:6b:e1:9c:d2:c7:1d:7f:42:
         f3:c4:e5:1e:e1:39:48:3d:9a:1b:3b:5c:ca:53:98:5d:a4:90:
         b7:f6:23:98:6f:dd:d9:17:67:49:d9:66:38:bf:43:09:fa:db:
         01:98:de:3a:9d:ff:14:86:b9:ea:85:82:5e:ba:53:71:5d:98:
         f8:e7:98:e2:77:9a:a4:af:8a:99:e5:10:97:73:b1:f4:51:56:
         cf:3d:e7:ce:09:01:47:1b:56:7a:5d:16:98:c6:dc:64:4d:23:
         5f:ba:26:c6:3c:5e:fc:f0:8f:80:b7:5e:12:3e:1b:12:9c:b6:
         43:e7:18:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RERFRUFGMTEwLwYDVQQFEygyQ0QzMUMzQzI1MUY1RURBMTgzRjkzOEU3RkNCM0E0
QTFEQkE4OUREMB4XDTIwMDYyMjE1MzA0NFoXDTI1MDYyMjE1MzA0NFowGDEWMBQG
A1UEAxMNNWVmMGNlYTktYTlhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOerq3m0yYW5rnPGWzlGEbvwlwP9zYq/903/zv50EvQtVAVl70ZzoO2ejnY
8N27TIVYchN/6OZOM7eL7cRwUJmoUlNKtZQy7FvNcbcqnaA1cpEC7xcd03TnKGAw
4auUmP9HK2lDu3VCsUERFTY21kpHPWh7qmvBmLSt/dPC9qJtqBW8383SI9315ShI
e8+s1JZPgewK02AEQbhZBkp55GI6hjkwvDKnZNAFbJS7mZ8EsZiccMWIXlbYoCxm
j+UBBbGCiXfu/DVbuD8Ab8NBpv9KfN+5ImEBZ0XuLtcTA90GWPPqzGBLq2UuLdY7
B9MaoLn7fH5AMCUHqHVuWvo3QaUCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBREWAmG
dBabBGHl1D2pn501jTZQrjAfBgNVHSMEGDAWgBQs0xw8JR9e2hg/k45/yzpKHbqJ
3TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkRERUUvMjE0QzVBRUNCNDlCMTFFQUEzRjYxRjBGRjhBRUEyMjgvTE5NY1BD
VWZYdG9ZUDVPT2Y4czZTaDI2aWQwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTE5NY1BDVWZYdG9ZUDVPT2Y4czZTaDI2aWQwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkRERUUvMjE0QzVBRUNCNDlCMTFFQUEzRjYxRjBGRjhB
RUEyMjgvNTkzRUQyNzBCNDlEMTFFQTlCMjU2RTExRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDA2ZYMA0GCSqGSIb3DQEBCwUA
A4IBAQB2zXTTRuSTWb9z5/aj1PSGkuoGD7LiPbwgH0686ME8VLqvyPiMuHC4A4+h
xoW5R8H+FtejDy3MyGhKmoq8gWgu5DOIMHy0iM7zshk2krmfBZdrcKHac3+YcdSt
QERyng+812qdPzSI50z5QlbZz/3u1QmsBF40NQ5EkB5+QwrJBkBC6DaSZ7sMa+Gc
0scdf0LzxOUe4TlIPZobO1zKU5hdpJC39iOYb93ZF2dJ2WY4v0MJ+tsBmN46nf8U
hrnqhYJeulNxXZj455jid5qkr4qZ5RCXc7H0UVbPPefOCQFHG1Z6XRaYxtxkTSNf
uibGPF788I+At14SPhsSnLZD5xjj
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:20 2024 by rpki-client on console-fra.rpki-client.org