Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/269FEAC86AA311EFB7A73179762E951A.roa
File:                     269FEAC86AA311EFB7A73179762E951A.roa (raw, json)
Hash identifier:          WQs7+uekL92unFxQiX1zXcbQqzSPRUPZQgulGFqQ2vs=
Subject key identifier:   43:79:DC:44:0E:06:82:52:E4:CE:37:AA:C1:39:D4:72:03:EE:7F:8F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       EA43
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/269FEAC86AA311EFB7A73179762E951A.roa
Signing time:             Wed 04 Sep 2024 09:50:43 +0000
ROA not before:           Wed 04 Sep 2024 09:50:40 +0000
ROA not after:            Thu 24 Apr 2025 09:50:40 +0000
asID:                     63888
IP address blocks:        154.209.70.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59971 (0xea43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep  4 09:50:40 2024 GMT
            Not After : Apr 24 09:50:40 2025 GMT
        Subject: CN=66d82d73-6b07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:8f:5f:bd:4b:98:4e:dc:24:27:38:ab:c3:0a:
                    19:76:7f:8d:c1:18:88:94:09:63:aa:3f:4f:be:cf:
                    2f:f0:50:cd:df:3c:50:d0:1d:43:bc:31:fa:fc:11:
                    e3:68:b8:33:e4:40:62:ea:f0:8c:e5:cc:0c:ad:26:
                    13:cb:27:cc:5a:04:0a:a5:84:ba:be:ee:c0:55:4a:
                    86:4c:f0:74:95:c3:16:e2:67:8e:db:d1:d4:0d:ce:
                    df:4c:4f:45:e4:9c:c9:05:0d:d3:eb:c7:70:84:9b:
                    5b:61:c6:ff:aa:0e:ad:05:96:d5:a3:65:9f:12:3a:
                    10:fe:ce:67:ec:44:3a:9d:63:37:ba:e4:27:00:c5:
                    d3:ae:94:21:9a:a8:83:c8:a3:7e:3f:08:22:ab:04:
                    16:7a:50:7a:f3:92:2d:b9:79:a0:3d:4a:da:9b:24:
                    72:ed:45:e9:c7:54:57:ef:13:24:e9:d8:fe:d7:1b:
                    49:f4:cb:23:8d:06:a3:55:ff:46:62:24:a6:55:87:
                    8c:0f:54:1d:c6:83:5f:f1:9f:69:72:8e:c4:56:b8:
                    eb:d4:52:99:cb:31:d5:2c:bd:98:57:fe:91:b7:99:
                    33:e2:3f:5b:ef:20:ce:19:8d:bb:5c:49:87:58:e9:
                    19:26:92:a2:76:76:16:7a:b0:e1:87:7a:d5:e6:8b:
                    d1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:79:DC:44:0E:06:82:52:E4:CE:37:AA:C1:39:D4:72:03:EE:7F:8F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/269FEAC86AA311EFB7A73179762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.209.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:30:2d:0a:f0:55:df:d6:a2:d6:f9:ce:1a:1d:3b:c3:40:e7:
         1d:26:1c:f8:92:7c:0c:ca:aa:8f:0a:ee:db:16:7f:de:39:18:
         92:34:9d:28:9b:b3:4e:5a:01:58:f1:eb:13:de:3a:01:74:71:
         44:0b:94:96:c4:5d:6a:58:1d:be:4c:89:a9:f6:cb:ee:09:3d:
         57:06:a4:1f:57:f0:e6:c4:9d:05:14:90:09:7d:64:ae:57:c3:
         aa:3e:4b:14:9c:db:1c:82:3d:37:8a:8b:02:16:0f:86:a6:ac:
         68:d8:b5:65:88:13:ca:2f:42:a3:16:7f:da:65:5b:6e:5c:b6:
         64:ed:e9:e8:17:23:88:10:f7:9b:a1:77:47:40:07:43:f8:b2:
         24:9e:80:6e:f2:bd:02:5d:49:e5:0d:e5:f5:0b:88:b5:28:20:
         67:74:9b:5e:15:12:6a:7e:d4:5d:45:e0:f4:07:7e:0c:23:a1:
         63:23:8a:70:01:ab:ab:a8:32:cf:36:15:4b:5d:c5:d3:35:24:
         f6:e9:98:7e:ce:45:7c:67:4f:87:6a:d0:83:82:c1:42:90:0c:
         16:3a:a6:c8:f5:55:b4:fd:a4:a0:6d:a2:d7:87:e2:10:27:1b:
         f9:72:09:44:5b:19:2c:8f:22:eb:4f:1e:41:9c:5b:a1:73:fe:
         8a:4f:76:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOpDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTA0MDk1MDQwWhcNMjUwNDI0MDk1MDQwWjAYMRYw
FAYDVQQDEw02NmQ4MmQ3My02YjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA149fvUuYTtwkJzirwwoZdn+NwRiIlAljqj9Pvs8v8FDN3zxQ0B1DvDH6
/BHjaLgz5EBi6vCM5cwMrSYTyyfMWgQKpYS6vu7AVUqGTPB0lcMW4meO29HUDc7f
TE9F5JzJBQ3T68dwhJtbYcb/qg6tBZbVo2WfEjoQ/s5n7EQ6nWM3uuQnAMXTrpQh
mqiDyKN+PwgiqwQWelB685ItuXmgPUramyRy7UXpx1RX7xMk6dj+1xtJ9MsjjQaj
Vf9GYiSmVYeMD1QdxoNf8Z9pco7EVrjr1FKZyzHVLL2YV/6Rt5kz4j9b7yDOGY27
XEmHWOkZJpKidnYWerDhh3rV5ovRqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEN5
3EQOBoJS5M43qsE51HID7n+PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNjlGRUFDODZBQTMxMUVGQjdBNzMxNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtFGMA0GCSqGSIb3DQEB
CwUAA4IBAQBQMC0K8FXf1qLW+c4aHTvDQOcdJhz4knwMyqqPCu7bFn/eORiSNJ0o
m7NOWgFY8esT3joBdHFEC5SWxF1qWB2+TImp9svuCT1XBqQfV/DmxJ0FFJAJfWSu
V8OqPksUnNscgj03iosCFg+Gpqxo2LVliBPKL0KjFn/aZVtuXLZk7enoFyOIEPeb
oXdHQAdD+LIknoBu8r0CXUnlDeX1C4i1KCBndJteFRJqftRdReD0B34MI6FjI4pw
AaurqDLPNhVLXcXTNST26Zh+zkV8Z0+HatCDgsFCkAwWOqbI9VW0/aSgbaLXh+IQ
Jxv5cglEWxksjyLrTx5BnFuhc/6KT3ZH
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:01 2024 by rpki-client on console-fra.rpki-client.org