Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A3A898AB34311EEA0EFA566775412E6.roa
File:                     2A3A898AB34311EEA0EFA566775412E6.roa (raw, json)
Hash identifier:          ZQsZ6M2xgQjiL8o/pCi9ILaR7LK8GxkKgZhmCR8zyBQ=
Subject key identifier:   B4:52:75:3F:F5:ED:D3:97:28:8A:EB:30:AB:B0:8B:4B:C2:B4:CC:1E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7518
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A3A898AB34311EEA0EFA566775412E6.roa
Signing time:             Mon 15 Jan 2024 01:12:35 +0000
ROA not before:           Mon 15 Jan 2024 01:12:32 +0000
ROA not after:            Fri 13 Dec 2024 01:12:32 +0000
asID:                     140227
IP address blocks:        154.205.206.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29976 (0x7518)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 15 01:12:32 2024 GMT
            Not After : Dec 13 01:12:32 2024 GMT
        Subject: CN=65a48683-c871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3d:ae:f4:10:30:eb:16:3d:b3:93:89:11:bd:
                    96:6d:37:1a:8d:0a:4a:62:bb:c8:89:a3:a3:d7:82:
                    11:77:75:ad:e2:bd:29:70:36:dd:46:28:13:de:fd:
                    bc:4a:f5:9c:d1:45:b7:49:05:89:d9:61:a6:88:14:
                    35:09:57:a4:0b:f4:b0:11:e6:00:fb:48:e3:43:6d:
                    a6:f2:1c:d2:61:42:8e:55:7c:b4:08:e5:a0:96:9a:
                    67:49:fd:a7:62:d0:43:47:6d:bc:e9:96:71:76:ab:
                    f1:c1:b6:db:c2:35:74:c1:7a:50:3d:86:22:b1:37:
                    6e:8b:9f:5f:d4:cb:36:0f:72:93:ff:ea:3a:6e:48:
                    e6:b1:71:e9:83:49:0b:13:7a:17:5d:aa:6f:ca:e0:
                    85:5c:2b:de:8a:27:0d:ff:f0:56:9f:e8:ce:2f:13:
                    14:76:3f:f9:d5:62:d8:57:4b:bd:25:e9:0d:1b:c7:
                    54:8b:c4:75:53:99:21:5a:dc:21:a9:3d:34:ef:d0:
                    81:51:bb:fb:e4:6d:db:b2:52:a3:71:46:38:52:a7:
                    45:fb:48:fb:be:8f:e6:ea:e8:ac:78:13:a8:dc:53:
                    de:90:1a:f8:01:94:41:64:5a:6e:41:4b:b5:68:d4:
                    91:c2:e3:5a:a1:10:03:97:cc:17:3f:f8:1a:2f:35:
                    96:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:52:75:3F:F5:ED:D3:97:28:8A:EB:30:AB:B0:8B:4B:C2:B4:CC:1E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A3A898AB34311EEA0EFA566775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:f3:3d:c6:07:6c:f7:70:00:20:0b:e3:b9:9d:13:33:63:f2:
         e4:c7:db:24:4b:48:23:19:e3:4e:4d:42:ee:4d:32:99:d1:ef:
         8e:78:16:03:c1:24:c8:c4:94:74:ac:ae:da:10:bb:80:63:20:
         60:e4:00:8e:87:f2:23:37:29:dd:ce:f6:03:7e:08:2d:f4:5f:
         59:29:6e:7c:2c:72:5f:e6:45:56:1d:47:7b:eb:ef:09:df:ff:
         7f:9e:88:48:56:c9:5e:9f:0c:a6:c3:72:3d:9b:35:73:5d:e6:
         55:f8:73:f9:26:9a:7d:2b:38:42:90:b8:21:1e:35:70:ee:9a:
         96:bc:9e:bf:ce:c7:e2:e5:86:f3:22:5f:2d:95:69:6e:17:99:
         a6:d0:45:42:0a:15:d7:9c:c8:f7:8b:7a:18:0a:50:20:fe:41:
         04:5a:21:13:05:fa:26:84:87:c2:7f:69:4c:ab:c8:9b:41:51:
         8e:7e:6c:c8:0c:b9:f1:cb:37:5c:01:cf:8e:83:f3:75:6c:fb:
         a1:2c:fb:0d:1e:ae:ac:59:c6:c4:4b:2d:3c:61:ab:7e:ee:56:
         24:d7:04:19:48:1d:e2:7f:e6:0c:88:40:91:4d:33:27:13:7f:
         08:60:2c:18:ad:2d:dc:a2:37:e9:7f:39:a9:47:30:9b:57:ec:
         da:f0:b8:6e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdRgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTUwMTEyMzJaFw0yNDEyMTMwMTEyMzJaMBgxFjAU
BgNVBAMTDTY1YTQ4NjgzLWM4NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkPa70EDDrFj2zk4kRvZZtNxqNCkpiu8iJo6PXghF3da3ivSlwNt1GKBPe
/bxK9ZzRRbdJBYnZYaaIFDUJV6QL9LAR5gD7SONDbabyHNJhQo5VfLQI5aCWmmdJ
/adi0ENHbbzplnF2q/HBttvCNXTBelA9hiKxN26Ln1/UyzYPcpP/6jpuSOaxcemD
SQsTehddqm/K4IVcK96KJw3/8Faf6M4vExR2P/nVYthXS70l6Q0bx1SLxHVTmSFa
3CGpPTTv0IFRu/vkbduyUqNxRjhSp0X7SPu+j+bq6Kx4E6jcU96QGvgBlEFkWm5B
S7Vo1JHC41qhEAOXzBc/+BovNZbxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtFJ1
P/Xt05coiuswq7CLS8K0zB4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzJBM0E4OThBQjM0MzExRUVBMEVGQTU2Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazc4wDQYJKoZIhvcNAQEL
BQADggEBAJrzPcYHbPdwACAL47mdEzNj8uTH2yRLSCMZ405NQu5NMpnR7454FgPB
JMjElHSsrtoQu4BjIGDkAI6H8iM3Kd3O9gN+CC30X1kpbnwscl/mRVYdR3vr7wnf
/3+eiEhWyV6fDKbDcj2bNXNd5lX4c/kmmn0rOEKQuCEeNXDumpa8nr/Ox+LlhvMi
Xy2VaW4XmabQRUIKFdecyPeLehgKUCD+QQRaIRMF+iaEh8J/aUyryJtBUY5+bMgM
ufHLN1wBz46D83Vs+6Es+w0erqxZxsRLLTxhq37uViTXBBlIHeJ/5gyIQJFNMycT
fwhgLBitLdyiN+l/OalHMJtX7NrwuG4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:57 2024 by rpki-client on console-ams.rpki-client.org