Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/024A45047E3711EF9B3F9782762E951A.roa
File:                     024A45047E3711EF9B3F9782762E951A.roa (raw, json)
Hash identifier:          7JWDlYUrKnyi/D4O8hbhXrylpYB8Zc7mlOEZY1ppfFw=
Subject key identifier:   C4:5F:DE:D3:3A:A3:F0:E7:D4:0A:53:88:90:F6:A9:CD:E0:62:0F:A1
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       F46C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/024A45047E3711EF9B3F9782762E951A.roa
Signing time:             Sun 29 Sep 2024 07:47:00 +0000
ROA not before:           Sun 29 Sep 2024 07:46:56 +0000
ROA not after:            Mon 30 Dec 2024 07:46:56 +0000
asID:                     17561
IP address blocks:        154.198.37.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62572 (0xf46c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 29 07:46:56 2024 GMT
            Not After : Dec 30 07:46:56 2024 GMT
        Subject: CN=66f905f4-4e6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:83:a8:a6:29:65:64:89:b0:50:b6:55:e3:80:
                    57:da:32:28:21:6c:ef:5c:3b:62:11:2d:33:0b:2c:
                    07:3b:5d:ae:ed:6b:d5:0e:8b:bf:84:3b:07:bf:2c:
                    b8:52:99:ff:ba:13:3d:ce:05:e0:e6:de:cb:8c:92:
                    0d:64:bc:85:12:af:d4:a6:67:bf:cb:3c:22:07:ca:
                    d0:75:4a:8b:df:78:6f:9b:d5:4f:ca:30:d6:6c:92:
                    1f:ad:cf:c3:a1:3d:6b:ef:52:1a:ed:40:ad:52:27:
                    d2:9d:20:8b:46:74:79:7a:a4:3b:1b:01:41:86:9a:
                    04:0e:4f:08:48:e6:db:27:b2:3e:01:99:46:3d:5d:
                    20:8e:5d:7d:28:8d:ca:24:02:fd:a8:90:4f:d4:46:
                    f9:08:0c:70:8c:5c:08:91:0f:bf:79:ae:7b:ca:86:
                    57:89:f6:08:57:1f:34:ee:8d:89:06:a5:82:b8:6f:
                    41:e9:73:b4:1e:46:45:87:1d:07:40:cb:87:68:42:
                    e8:11:b0:a2:b1:50:91:78:d5:0e:83:d4:39:77:36:
                    42:fa:bd:e6:9c:d9:59:d0:59:2b:3f:95:f8:87:4b:
                    84:3d:44:0a:a3:8d:ae:59:14:63:28:0f:9f:24:35:
                    b7:cb:bb:e7:a9:f2:0c:af:48:28:c4:93:b3:cd:72:
                    78:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:5F:DE:D3:3A:A3:F0:E7:D4:0A:53:88:90:F6:A9:CD:E0:62:0F:A1
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/024A45047E3711EF9B3F9782762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:89:76:80:db:04:23:79:07:db:76:a4:2d:90:c3:44:17:26:
         c9:a1:7c:d2:be:16:c5:04:38:eb:ae:55:14:b1:4b:d8:b2:05:
         b0:e3:85:2e:bd:10:59:17:e9:3d:2c:87:a2:49:1a:e4:fa:35:
         65:ce:81:5f:d6:a1:b2:cb:47:1b:7c:74:0f:03:7f:12:05:4f:
         6a:16:19:86:ba:ca:76:e4:72:78:6e:6e:a4:4f:f5:19:19:1f:
         e7:44:e6:33:41:b1:dd:f6:1c:b5:e3:d9:58:fc:99:1b:fd:18:
         64:80:83:fa:c9:6e:9d:72:d2:7e:4f:67:be:2a:4b:1c:5b:93:
         30:c7:88:5b:7c:ee:83:88:f7:4b:19:0d:a4:4e:85:7a:94:8a:
         b8:25:88:db:c0:af:df:1b:08:aa:03:d6:89:67:bd:73:98:70:
         43:a0:88:8c:07:e9:b3:3e:2d:c1:8f:63:96:09:8e:9f:bc:60:
         5c:69:89:7a:14:29:95:82:07:f5:ee:4f:49:27:50:81:9f:16:
         da:d8:ac:ea:62:bf:2a:82:1e:0b:f2:f2:c8:c0:54:8f:0f:16:
         a0:1f:9b:5c:87:c5:c1:9d:e0:a6:19:a3:f3:0b:f0:c4:72:cf:
         d2:0a:61:10:b0:b3:77:84:7f:47:18:d3:1f:a8:83:52:b8:f6:
         e6:cb:83:22
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPRsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTI5MDc0NjU2WhcNMjQxMjMwMDc0NjU2WjAYMRYw
FAYDVQQDEw02NmY5MDVmNC00ZTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt4OopillZImwULZV44BX2jIoIWzvXDtiES0zCywHO12u7WvVDou/hDsH
vyy4Upn/uhM9zgXg5t7LjJINZLyFEq/Upme/yzwiB8rQdUqL33hvm9VPyjDWbJIf
rc/DoT1r71Ia7UCtUifSnSCLRnR5eqQ7GwFBhpoEDk8ISObbJ7I+AZlGPV0gjl19
KI3KJAL9qJBP1Eb5CAxwjFwIkQ+/ea57yoZXifYIVx807o2JBqWCuG9B6XO0HkZF
hx0HQMuHaELoEbCisVCReNUOg9Q5dzZC+r3mnNlZ0FkrP5X4h0uEPUQKo42uWRRj
KA+fJDW3y7vnqfIMr0goxJOzzXJ4zQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMRf
3tM6o/Dn1ApTiJD2qc3gYg+hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjRBNDUwNDdFMzcxMUVGOUIzRjk3ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYlMA0GCSqGSIb3DQEB
CwUAA4IBAQCriXaA2wQjeQfbdqQtkMNEFybJoXzSvhbFBDjrrlUUsUvYsgWw44Uu
vRBZF+k9LIeiSRrk+jVlzoFf1qGyy0cbfHQPA38SBU9qFhmGusp25HJ4bm6kT/UZ
GR/nROYzQbHd9hy149lY/Jkb/RhkgIP6yW6dctJ+T2e+KkscW5Mwx4hbfO6DiPdL
GQ2kToV6lIq4JYjbwK/fGwiqA9aJZ71zmHBDoIiMB+mzPi3Bj2OWCY6fvGBcaYl6
FCmVggf17k9JJ1CBnxba2KzqYr8qgh4L8vLIwFSPDxagH5tch8XBneCmGaPzC/DE
cs/SCmEQsLN3hH9HGNMfqINSuPbmy4Mi
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:57 2024 by rpki-client on console-fra.rpki-client.org