Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00675454726E11EF8AB54371762E951A.roa
File:                     00675454726E11EF8AB54371762E951A.roa (raw, json)
Hash identifier:          ZbSlX+Z+Gw5/Trh4B2iBK/s+3bA88MtQAajsc84l4Mo=
Subject key identifier:   5F:3C:BA:67:8E:41:AB:2A:E9:9E:D8:5E:17:B3:D2:3A:9B:42:8B:9C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       EE10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00675454726E11EF8AB54371762E951A.roa
Signing time:             Sat 14 Sep 2024 07:50:25 +0000
ROA not before:           Sat 14 Sep 2024 07:50:22 +0000
ROA not after:            Sat 30 Nov 2024 07:50:22 +0000
asID:                     136970
IP address blocks:        154.197.4.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60944 (0xee10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 14 07:50:22 2024 GMT
            Not After : Nov 30 07:50:22 2024 GMT
        Subject: CN=66e54041-ba50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0a:a7:f7:21:d4:b1:8c:e3:53:f0:88:18:7b:
                    72:39:5e:5c:99:ed:61:86:86:14:19:84:d2:1d:16:
                    5a:23:f9:4d:c7:60:d8:23:de:c6:37:c3:ae:df:ad:
                    e5:57:17:ae:58:38:94:9f:67:5f:01:c4:d1:9f:9e:
                    9a:5e:ce:d0:b5:66:c4:d7:49:c4:39:60:de:2c:41:
                    d0:00:dc:d2:13:f9:f2:0c:7c:2a:40:79:f8:9c:75:
                    7a:ab:01:e8:43:d4:ef:0e:2b:65:77:05:d7:8d:fb:
                    c5:33:76:65:fc:b3:f2:9c:b7:01:21:0a:94:9c:4c:
                    4f:e8:48:f0:06:8c:cc:74:cb:cc:33:0c:73:57:1a:
                    a2:68:92:fe:6d:e6:e6:e0:80:fa:cb:31:9b:c1:2c:
                    8e:aa:c1:a2:e0:3a:d3:7a:92:40:6e:5a:1f:1a:64:
                    66:6b:16:0d:47:04:25:f2:7c:21:c6:fc:29:9b:02:
                    75:94:5e:85:7f:51:30:db:e5:48:42:23:5f:30:ba:
                    85:dd:6b:80:a6:9a:c3:19:52:f6:5e:22:25:1c:db:
                    1b:b7:ca:6e:89:ba:1a:59:cd:a7:b3:c6:32:27:37:
                    f3:03:ef:2b:b0:ea:b6:73:52:ce:62:fb:ec:1c:27:
                    e7:df:e8:99:04:eb:54:66:8c:ae:06:28:70:7a:cc:
                    2d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:3C:BA:67:8E:41:AB:2A:E9:9E:D8:5E:17:B3:D2:3A:9B:42:8B:9C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00675454726E11EF8AB54371762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:bc:50:b3:c7:91:41:67:18:95:d5:3f:26:28:7c:3a:b9:ad:
         c4:b9:5c:f6:2a:10:1d:31:ac:fb:25:19:b3:09:3a:2d:e4:19:
         4b:0c:5e:c0:d8:9f:be:78:0f:85:0d:ea:41:99:af:7b:0d:29:
         30:41:88:f6:97:5f:0a:84:c4:3e:91:12:7e:92:f6:55:8a:3c:
         dc:c1:99:79:4f:0f:dc:e5:74:ec:5b:bb:a2:76:bc:a6:bc:c5:
         28:cc:cb:46:ef:76:04:18:15:a1:09:c8:e6:1a:c7:e8:3d:fa:
         20:23:13:2b:7f:af:d3:31:d9:9e:70:27:3f:4e:b3:fb:38:3c:
         35:1e:36:1e:44:d2:76:7b:87:39:29:28:a8:6e:9c:7b:fd:7e:
         32:06:34:61:4c:d2:4b:8d:70:2b:90:e9:36:cf:f3:28:af:ff:
         f2:27:f7:a3:01:f3:96:72:de:2b:3b:67:23:c2:00:5b:10:e8:
         b5:7d:d0:bb:f4:e9:1b:28:8d:31:66:8a:ce:18:ea:38:3a:21:
         fb:5e:41:a3:e0:f7:ac:11:cc:ab:d9:84:ae:75:16:53:c8:2a:
         73:98:a2:b4:ee:50:49:f3:b5:a9:98:66:e1:d3:e4:c4:e2:57:
         a0:eb:ca:19:13:77:67:c7:b7:8d:65:c7:3a:9c:d0:f6:8d:30:
         e0:aa:ab:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAO4QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTE0MDc1MDIyWhcNMjQxMTMwMDc1MDIyWjAYMRYw
FAYDVQQDEw02NmU1NDA0MS1iYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3wqn9yHUsYzjU/CIGHtyOV5cme1hhoYUGYTSHRZaI/lNx2DYI97GN8Ou
363lVxeuWDiUn2dfAcTRn56aXs7QtWbE10nEOWDeLEHQANzSE/nyDHwqQHn4nHV6
qwHoQ9TvDitldwXXjfvFM3Zl/LPynLcBIQqUnExP6EjwBozMdMvMMwxzVxqiaJL+
bebm4ID6yzGbwSyOqsGi4DrTepJAblofGmRmaxYNRwQl8nwhxvwpmwJ1lF6Ff1Ew
2+VIQiNfMLqF3WuApprDGVL2XiIlHNsbt8puiboaWc2ns8YyJzfzA+8rsOq2c1LO
YvvsHCfn3+iZBOtUZoyuBihweswt/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF88
umeOQasq6Z7YXhez0jqbQoucMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDY3NTQ1NDcyNkUxMUVGOEFCNTQzNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsUEMA0GCSqGSIb3DQEB
CwUAA4IBAQBavFCzx5FBZxiV1T8mKHw6ua3EuVz2KhAdMaz7JRmzCTot5BlLDF7A
2J++eA+FDepBma97DSkwQYj2l18KhMQ+kRJ+kvZVijzcwZl5Tw/c5XTsW7uidrym
vMUozMtG73YEGBWhCcjmGsfoPfogIxMrf6/TMdmecCc/TrP7ODw1HjYeRNJ2e4c5
KSiobpx7/X4yBjRhTNJLjXArkOk2z/Mor//yJ/ejAfOWct4rO2cjwgBbEOi1fdC7
9OkbKI0xZorOGOo4OiH7XkGj4PesEcyr2YSudRZTyCpzmKK07lBJ87WpmGbh0+TE
4leg68oZE3dnx7eNZcc6nND2jTDgqqtx
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:57 2024 by rpki-client on console-fra.rpki-client.org