Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0480C412A2FD11EEB82F0012D25BE465.roa
File:                     0480C412A2FD11EEB82F0012D25BE465.roa (raw, json)
Hash identifier:          FOEjGPcnmLEuB8ge+mU9H5zMZQNIoWhjXsH4xdNYKkY=
Subject key identifier:   A8:58:CA:23:71:47:6B:5D:1B:2B:64:92:CD:52:42:A3:07:4E:63:28
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       66ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0480C412A2FD11EEB82F0012D25BE465.roa
Signing time:             Mon 25 Dec 2023 08:10:08 +0000
ROA not before:           Mon 25 Dec 2023 08:10:04 +0000
ROA not after:            Mon 23 Dec 2024 08:10:04 +0000
asID:                     133012
IP address blocks:        154.91.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26349 (0x66ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 25 08:10:04 2023 GMT
            Not After : Dec 23 08:10:04 2024 GMT
        Subject: CN=658938e0-9547
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:7c:15:c5:be:4e:62:9d:ce:f9:8b:f8:2a:6e:
                    f0:c2:3f:78:fd:5b:9a:bd:42:ef:0f:e4:1b:02:ea:
                    ca:ba:16:40:74:15:f7:92:01:ed:e1:f0:8b:1d:34:
                    39:b5:4b:43:58:6e:55:a0:6f:d3:c3:89:8e:d7:9c:
                    41:17:66:37:b2:dc:64:de:a2:f9:a1:6e:21:3a:68:
                    a0:fd:53:52:06:cf:9b:c8:d6:05:c9:4f:bb:0e:b9:
                    c1:4e:b2:7e:16:86:e5:c4:33:3e:b9:29:90:ac:76:
                    35:97:8e:b3:8e:38:25:03:0a:0b:42:f6:cf:a2:cc:
                    70:6c:27:84:55:31:40:8f:c2:56:fe:2e:ae:b9:4c:
                    e2:75:6f:30:1f:a7:59:e4:00:a2:f9:bc:68:68:2b:
                    94:9e:99:ed:0a:67:80:84:16:28:e2:0e:9a:a3:c1:
                    73:fc:bf:c0:8d:65:a7:43:3c:1a:52:aa:f3:81:8b:
                    63:68:b8:65:55:6f:2c:4d:f9:11:95:0d:a6:6f:05:
                    5b:bc:7f:05:db:3c:0b:c3:cb:3a:b8:84:51:e4:cc:
                    b3:1e:50:21:e9:e7:82:30:87:44:8a:06:a4:b1:35:
                    95:e6:6b:c3:51:43:59:b5:1b:ef:27:1c:c0:cb:89:
                    fe:01:fb:49:8b:1e:ed:bc:29:a4:ef:17:b5:35:48:
                    a5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:58:CA:23:71:47:6B:5D:1B:2B:64:92:CD:52:42:A3:07:4E:63:28
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0480C412A2FD11EEB82F0012D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.91.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:b1:ff:00:71:04:08:c2:85:4c:15:b0:c3:79:5b:e3:fa:14:
         1a:fd:c7:f6:e2:48:62:13:23:16:5d:20:37:39:50:eb:2e:78:
         cf:d6:5a:dd:99:ee:ef:43:2b:fb:74:1e:45:ca:35:a7:7f:1b:
         9c:5d:5c:e2:88:56:28:f5:f2:e9:13:4b:28:66:2c:7c:75:e8:
         a0:e8:8e:c6:d4:a9:3d:75:ac:2c:24:41:96:d3:86:78:c4:80:
         52:c7:2b:df:6f:2b:fd:68:b6:67:87:c3:a5:ee:c8:73:b8:f9:
         f9:a8:f8:ac:87:17:c6:28:be:ea:03:94:3f:31:f6:94:7c:fb:
         4e:45:be:db:9d:39:76:fd:83:ed:0f:65:0f:93:b7:b6:cd:40:
         cb:f0:5e:03:a8:6b:69:c2:f7:ab:d6:fa:7b:1d:ef:3f:0a:bc:
         b4:70:81:a2:1d:e2:cf:75:73:10:80:e5:19:5a:7e:9c:97:6a:
         58:a1:85:dd:ae:73:3f:86:59:2d:c0:1a:63:a6:d1:56:ba:c1:
         b3:cf:76:52:d3:86:50:04:16:94:04:86:a0:00:14:70:7d:a7:
         fa:ff:55:e6:8b:a5:9c:c2:3c:15:14:c5:ad:35:a2:29:97:1d:
         d0:37:e5:29:58:e3:8e:64:b3:30:43:ba:33:2d:03:86:af:22:
         81:98:ce:b7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICZu0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMjUwODEwMDRaFw0yNDEyMjMwODEwMDRaMBgxFjAU
BgNVBAMTDTY1ODkzOGUwLTk1NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDifBXFvk5inc75i/gqbvDCP3j9W5q9Qu8P5BsC6sq6FkB0FfeSAe3h8Isd
NDm1S0NYblWgb9PDiY7XnEEXZjey3GTeovmhbiE6aKD9U1IGz5vI1gXJT7sOucFO
sn4WhuXEMz65KZCsdjWXjrOOOCUDCgtC9s+izHBsJ4RVMUCPwlb+Lq65TOJ1bzAf
p1nkAKL5vGhoK5Seme0KZ4CEFijiDpqjwXP8v8CNZadDPBpSqvOBi2NouGVVbyxN
+RGVDaZvBVu8fwXbPAvDyzq4hFHkzLMeUCHp54Iwh0SKBqSxNZXma8NRQ1m1G+8n
HMDLif4B+0mLHu28KaTvF7U1SKVVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqFjK
I3FHa10bK2SSzVJCowdOYygwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzA0ODBDNDEyQTJGRDExRUVCODJGMDAxMkQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaWwMwDQYJKoZIhvcNAQEL
BQADggEBACex/wBxBAjChUwVsMN5W+P6FBr9x/biSGITIxZdIDc5UOsueM/WWt2Z
7u9DK/t0HkXKNad/G5xdXOKIVij18ukTSyhmLHx16KDojsbUqT11rCwkQZbThnjE
gFLHK99vK/1otmeHw6XuyHO4+fmo+KyHF8YovuoDlD8x9pR8+05FvtudOXb9g+0P
ZQ+Tt7bNQMvwXgOoa2nC96vW+nsd7z8KvLRwgaId4s91cxCA5RlafpyXalihhd2u
cz+GWS3AGmOm0Va6wbPPdlLThlAEFpQEhqAAFHB9p/r/VeaLpZzCPBUUxa01oimX
HdA35SlY445kszBDujMtA4avIoGYzrc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:58 2024 by rpki-client on console-fra.rpki-client.org