Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/278C409C73FB11EF89299C9D762E951A.roa
File:                     278C409C73FB11EF89299C9D762E951A.roa (raw, json)
Hash identifier:          By4ypNM47BjHoVLjp/vwutFQP3jbDhYk3VjRDIZ3wHQ=
Subject key identifier:   72:91:98:15:83:2A:CB:4E:41:D8:10:26:DD:2A:13:95:78:CD:4A:6C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       EF73
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/278C409C73FB11EF89299C9D762E951A.roa
Signing time:             Mon 16 Sep 2024 07:13:21 +0000
ROA not before:           Mon 16 Sep 2024 07:13:18 +0000
ROA not after:            Sat 30 Nov 2024 07:13:18 +0000
asID:                     142403
IP address blocks:        154.211.14.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61299 (0xef73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 16 07:13:18 2024 GMT
            Not After : Nov 30 07:13:18 2024 GMT
        Subject: CN=66e7da91-9287
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:99:30:09:e3:c9:c1:54:3b:92:64:cd:21:ce:
                    3e:db:27:78:00:85:90:49:35:49:38:35:4b:e0:c8:
                    fa:3e:65:cd:32:8c:77:06:f0:39:bd:e1:c0:24:ce:
                    16:ea:d3:f9:aa:de:18:84:7e:04:23:4d:fe:e5:bc:
                    8f:27:93:1f:df:b7:aa:0f:6c:05:42:28:b7:35:81:
                    c4:55:59:b6:31:4b:24:00:e6:4b:61:22:1f:16:77:
                    87:4b:13:66:41:78:c9:e0:72:e9:40:5e:93:4f:2e:
                    80:41:f1:fe:48:9f:42:11:c0:d4:8b:c9:56:9a:8e:
                    31:f9:87:62:89:51:4b:8a:a4:bb:d7:3c:78:cd:f4:
                    35:4c:cb:da:b1:8c:29:04:b8:ab:a2:90:3b:39:fb:
                    fe:5f:82:76:df:ea:fb:06:78:1c:e1:b3:6c:30:c1:
                    a8:ff:c3:43:c4:37:6b:ff:09:14:a4:1f:a7:46:15:
                    bb:32:39:05:65:bf:97:26:d4:38:ac:54:fb:ca:91:
                    7e:10:27:ef:08:27:ef:bb:ef:c0:b7:b6:0c:48:41:
                    9a:92:70:60:60:e9:44:84:87:d5:01:e3:0c:c7:af:
                    2c:c1:7a:bc:e2:39:84:c5:83:79:12:01:ed:4b:f9:
                    9f:92:6a:46:13:09:75:9f:bb:f0:7b:94:6a:77:14:
                    4a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:91:98:15:83:2A:CB:4E:41:D8:10:26:DD:2A:13:95:78:CD:4A:6C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/278C409C73FB11EF89299C9D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.211.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:31:16:fd:b0:b4:d6:81:24:5a:d7:a1:68:41:70:a8:90:4d:
         1b:2b:c4:12:60:83:a9:95:bc:0a:7a:72:52:81:6e:0e:c5:1a:
         d3:12:21:ec:3c:46:a8:5c:06:d0:c1:d3:a1:0e:c5:fe:93:3f:
         47:27:d9:6f:ad:9e:4b:64:b9:9a:be:41:44:df:bf:a0:90:58:
         57:e3:0f:30:e4:f4:8c:c2:04:a1:3f:19:3f:19:b2:ff:c6:18:
         51:10:34:b4:4e:40:33:e6:2a:f3:38:13:96:77:86:5f:16:c9:
         a3:78:e9:08:97:14:c9:36:48:c6:a6:29:e6:7f:14:8a:f4:a7:
         e7:80:40:76:cb:1c:93:22:79:76:84:04:a3:c9:44:3f:c3:e5:
         a0:59:0d:98:30:3a:26:4d:89:c2:f4:69:67:c7:d4:00:12:14:
         b2:11:9a:a1:83:5e:8c:29:b5:c4:7a:b5:87:a8:89:0c:41:b9:
         af:47:18:0c:70:21:a5:b3:9e:7a:2e:47:30:ee:f3:24:60:49:
         5a:a0:4e:53:2d:8b:e1:33:74:5f:56:bf:62:d7:5e:77:b8:08:
         3e:31:26:b9:7d:60:20:37:27:47:f8:5d:72:04:d9:61:b9:9d:
         c3:ae:19:e8:dc:98:c1:81:ac:86:61:19:1d:4d:53:8f:6e:e8:
         ef:fb:f8:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAO9zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTE2MDcxMzE4WhcNMjQxMTMwMDcxMzE4WjAYMRYw
FAYDVQQDEw02NmU3ZGE5MS05Mjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtpkwCePJwVQ7kmTNIc4+2yd4AIWQSTVJODVL4Mj6PmXNMox3BvA5veHA
JM4W6tP5qt4YhH4EI03+5byPJ5Mf37eqD2wFQii3NYHEVVm2MUskAOZLYSIfFneH
SxNmQXjJ4HLpQF6TTy6AQfH+SJ9CEcDUi8lWmo4x+YdiiVFLiqS71zx4zfQ1TMva
sYwpBLiropA7Ofv+X4J23+r7Bngc4bNsMMGo/8NDxDdr/wkUpB+nRhW7MjkFZb+X
JtQ4rFT7ypF+ECfvCCfvu+/At7YMSEGaknBgYOlEhIfVAeMMx68swXq84jmExYN5
EgHtS/mfkmpGEwl1n7vwe5RqdxRK0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHKR
mBWDKstOQdgQJt0qE5V4zUpsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNzhDNDA5QzczRkIxMUVGODkyOTlDOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMOMA0GCSqGSIb3DQEB
CwUAA4IBAQBXMRb9sLTWgSRa16FoQXCokE0bK8QSYIOplbwKenJSgW4OxRrTEiHs
PEaoXAbQwdOhDsX+kz9HJ9lvrZ5LZLmavkFE37+gkFhX4w8w5PSMwgShPxk/GbL/
xhhREDS0TkAz5irzOBOWd4ZfFsmjeOkIlxTJNkjGpinmfxSK9KfngEB2yxyTInl2
hASjyUQ/w+WgWQ2YMDomTYnC9Glnx9QAEhSyEZqhg16MKbXEerWHqIkMQbmvRxgM
cCGls556Lkcw7vMkYElaoE5TLYvhM3RfVr9i1153uAg+MSa5fWAgNydH+F1yBNlh
uZ3Drhno3JjBgayGYRkdTVOPbujv+/gT
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:01 2024 by rpki-client on console-fra.rpki-client.org