Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A19AF40A64E11EFB8585151762E951A.roa
File:                     2A19AF40A64E11EFB8585151762E951A.roa (raw, json)
Hash identifier:          kyrRmYrj+8wLm/6xoyCX9mHQdJxujBlm8c9lcTV79c0=
Subject key identifier:   95:DD:60:15:0C:F9:24:72:59:63:2D:1B:8E:54:55:90:F1:1A:8B:BE
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       010F1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A19AF40A64E11EFB8585151762E951A.roa
Signing time:             Tue 19 Nov 2024 08:13:32 +0000
ROA not before:           Tue 19 Nov 2024 08:13:28 +0000
ROA not after:            Sun 15 Dec 2024 08:13:28 +0000
asID:                     214472
IP address blocks:        154.82.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 29 Nov 2024 00:06:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69404 (0x10f1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov 19 08:13:28 2024 GMT
            Not After : Dec 15 08:13:28 2024 GMT
        Subject: CN=673c48ab-d1a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:86:d3:48:fb:2a:1e:ce:36:1b:52:4b:db:68:
                    da:30:dc:c5:73:76:7e:c6:6e:74:62:8b:c7:c8:89:
                    c9:63:23:3c:0c:bd:ca:4b:92:be:d4:ab:18:59:de:
                    a1:85:29:55:66:25:0e:8e:bb:33:df:ff:ee:84:da:
                    c7:8a:48:ae:af:5d:4a:a2:74:b8:14:d2:2e:c8:9e:
                    75:9e:41:90:43:e1:15:71:4b:14:e8:b1:54:0b:57:
                    f0:f8:f4:d8:e6:af:ee:30:16:de:6e:16:cb:a3:a8:
                    47:4d:53:f5:c9:47:ad:f4:f5:57:59:08:17:c5:7d:
                    3c:21:06:e8:74:ba:91:d2:98:75:bc:33:1c:62:4b:
                    48:88:ed:5f:a9:c6:c2:e0:3a:ff:8b:cf:08:2f:76:
                    03:da:09:4f:8a:92:3c:24:bd:4a:16:07:6a:3a:19:
                    20:9a:8f:0c:96:7c:3e:f6:fb:0e:b0:28:90:51:f9:
                    da:82:85:ff:cb:10:07:33:b4:5a:1c:2d:54:9d:3a:
                    da:c5:9e:62:d6:d0:c6:b4:db:bd:9b:62:b4:d6:47:
                    5a:61:b2:ba:5a:9c:9e:83:0e:51:11:52:d4:e8:c9:
                    a6:77:5d:2d:3a:28:61:46:8c:bf:9e:ef:8a:f3:44:
                    e0:99:02:9d:82:48:d0:d6:f3:b7:71:aa:ac:fe:80:
                    41:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:DD:60:15:0C:F9:24:72:59:63:2D:1B:8E:54:55:90:F1:1A:8B:BE
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A19AF40A64E11EFB8585151762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.82.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:b0:0c:a5:9f:c4:73:72:f7:92:c4:32:c4:a1:65:ef:65:28:
         42:67:f1:83:27:13:ae:44:5c:13:f2:e7:19:41:39:a2:75:3a:
         80:77:32:24:06:2b:71:26:75:a8:19:e7:51:46:81:aa:ea:78:
         6e:4c:05:13:0a:21:7a:c9:87:d3:bc:8a:7e:1a:b7:23:1e:a0:
         ff:db:fb:38:f9:03:87:78:b1:ab:35:84:df:44:23:c5:ad:f3:
         f7:9a:72:4b:ab:ea:fb:50:26:43:8f:07:a2:b6:df:d6:3f:e1:
         5b:50:6c:e5:12:27:b0:db:15:04:70:00:99:74:14:80:f3:45:
         c5:6d:46:62:fb:08:17:a1:aa:59:d0:33:b4:00:5f:cb:9a:99:
         92:20:de:58:e7:43:d8:d8:75:25:19:a4:93:fe:cf:f2:56:0a:
         1f:ad:59:95:22:fa:38:3c:84:c5:8b:59:0a:35:be:86:49:dc:
         0c:c4:2b:f9:34:f3:06:3c:0c:81:79:ac:9d:bb:10:a2:1e:e3:
         ad:33:36:45:45:19:1f:de:45:6d:d9:bc:88:7f:81:80:52:b9:
         74:2c:af:f2:3a:0c:81:f8:a3:7c:09:ab:01:8f:2d:09:e8:38:
         5a:d6:be:c0:9e:24:33:f9:9c:55:d0:ac:92:44:c7:0c:e3:b1:
         01:50:99:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ8cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE5MDgxMzI4WhcNMjQxMjE1MDgxMzI4WjAYMRYw
FAYDVQQDEw02NzNjNDhhYi1kMWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwobTSPsqHs42G1JL22jaMNzFc3Z+xm50YovHyInJYyM8DL3KS5K+1KsY
Wd6hhSlVZiUOjrsz3//uhNrHikiur11KonS4FNIuyJ51nkGQQ+EVcUsU6LFUC1fw
+PTY5q/uMBbebhbLo6hHTVP1yUet9PVXWQgXxX08IQbodLqR0ph1vDMcYktIiO1f
qcbC4Dr/i88IL3YD2glPipI8JL1KFgdqOhkgmo8Mlnw+9vsOsCiQUfnagoX/yxAH
M7RaHC1UnTraxZ5i1tDGtNu9m2K01kdaYbK6Wpyegw5REVLU6Mmmd10tOihhRoy/
nu+K80TgmQKdgkjQ1vO3caqs/oBBZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJXd
YBUM+SRyWWMtG45UVZDxGou+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTE5QUY0MEE2NEUxMUVGQjg1ODUxNTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlIQMA0GCSqGSIb3DQEB
CwUAA4IBAQAtsAyln8RzcveSxDLEoWXvZShCZ/GDJxOuRFwT8ucZQTmidTqAdzIk
BitxJnWoGedRRoGq6nhuTAUTCiF6yYfTvIp+GrcjHqD/2/s4+QOHeLGrNYTfRCPF
rfP3mnJLq+r7UCZDjweitt/WP+FbUGzlEiew2xUEcACZdBSA80XFbUZi+wgXoapZ
0DO0AF/LmpmSIN5Y50PY2HUlGaST/s/yVgofrVmVIvo4PITFi1kKNb6GSdwMxCv5
NPMGPAyBeayduxCiHuOtMzZFRRkf3kVt2byIf4GAUrl0LK/yOgyB+KN8CasBjy0J
6Dha1r7AniQz+ZxV0KySRMcM47EBUJlv
-----END CERTIFICATE-----
Generated at Wed Nov 27 16:09:22 2024 by rpki-client on console-fra.rpki-client.org