Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2ED2D652A30B11EE9C199E29D25BE465.roa
File:                     2ED2D652A30B11EE9C199E29D25BE465.roa (raw, json)
Hash identifier:          6rm4TBaTKRAZIW/yjKEW+yz6VqYc8oVby7A0F0YGef0=
Subject key identifier:   78:47:69:00:6D:3F:86:E2:20:83:60:AC:0C:31:AD:62:42:25:B9:88
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       6729
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2ED2D652A30B11EE9C199E29D25BE465.roa
Signing time:             Mon 25 Dec 2023 09:51:32 +0000
ROA not before:           Mon 25 Dec 2023 09:51:29 +0000
ROA not after:            Tue 07 Jan 2025 09:51:29 +0000
asID:                     139057
IP address blocks:        154.85.78.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26409 (0x6729)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 25 09:51:29 2023 GMT
            Not After : Jan  7 09:51:29 2025 GMT
        Subject: CN=658950a4-2205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:04:14:87:e7:65:91:3c:ae:f0:66:97:2a:2f:
                    65:6f:24:4f:b2:fc:5c:dc:b5:ce:ac:36:f6:12:ff:
                    ff:fc:eb:c6:0e:0b:82:38:15:88:f6:a1:21:d2:ba:
                    e8:b2:66:fa:5e:a2:ea:2a:28:16:51:db:ad:2a:8a:
                    6e:c4:28:63:03:94:5f:23:4a:ed:49:60:a2:01:57:
                    b5:05:b8:f3:20:a4:63:da:da:26:ac:8e:8c:65:fb:
                    dd:8f:0f:61:7c:73:4f:c1:b8:6a:78:cf:ea:d4:b0:
                    76:99:42:31:86:72:98:d6:a2:cb:c6:1b:32:90:de:
                    5f:9d:4d:5a:20:76:76:1b:94:cf:06:dc:00:c0:e9:
                    48:34:2f:56:e7:d4:74:d9:59:49:13:20:76:a4:3f:
                    ac:1b:d4:88:d7:02:8e:d9:3d:c7:27:0b:ea:2a:c2:
                    09:22:21:60:50:a8:54:33:0b:eb:ac:a8:ed:2b:d1:
                    f5:6c:ec:62:f3:b3:5b:38:d6:85:68:b8:6f:11:51:
                    ec:08:e8:82:6d:b3:95:a1:5e:e1:33:c6:9b:fa:f2:
                    e8:64:a7:ef:b0:e4:14:7d:b1:e7:b2:3e:23:89:e0:
                    99:35:3f:8f:a9:5b:d6:1d:be:96:28:55:f1:c3:17:
                    0d:56:c9:e2:56:3c:ac:e6:c2:9a:4e:40:3d:98:57:
                    9e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:47:69:00:6D:3F:86:E2:20:83:60:AC:0C:31:AD:62:42:25:B9:88
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2ED2D652A30B11EE9C199E29D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.85.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:5a:91:77:c9:ce:8d:04:31:88:7b:57:c5:af:45:9b:47:0d:
         d7:c5:98:f5:83:0c:d8:79:54:a5:f4:29:e2:1b:41:dc:06:ed:
         a4:cf:79:4d:5f:7a:e6:06:cf:f5:60:71:56:5c:b4:91:7d:96:
         61:6b:43:3a:57:fa:e8:86:c1:de:89:52:e4:ce:76:6a:63:b3:
         8a:d6:ff:bf:44:2e:c3:82:a1:90:bb:d9:27:d5:0c:2d:45:57:
         a8:ea:1b:b3:13:a9:48:c9:70:6f:26:2e:84:4a:c7:d1:50:57:
         f0:55:fd:9b:1e:f7:d6:c1:d7:a0:eb:00:40:60:04:62:69:6c:
         c3:e3:82:23:72:da:d4:74:22:d4:19:1c:ff:7d:47:ae:d6:34:
         b5:f6:fc:d1:e3:99:52:73:74:ab:0b:f8:e7:18:5a:af:2e:27:
         f3:f2:cf:97:78:c4:ec:ee:e0:13:a5:ed:ca:28:fc:11:55:53:
         34:9e:d9:f1:ab:45:b8:ca:1d:ec:ad:47:5f:d0:a8:1d:e8:48:
         3f:c2:dc:eb:2d:00:61:bb:df:41:00:00:78:00:3e:fa:6d:6a:
         01:cd:4c:0f:1a:8d:40:b0:55:be:87:ac:e3:f2:87:42:25:f6:
         4f:8f:d5:52:4a:bd:3d:58:f7:bc:3f:af:96:a6:df:95:4f:80:
         05:8f:fe:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICZykwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMjUwOTUxMjlaFw0yNTAxMDcwOTUxMjlaMBgxFjAU
BgNVBAMTDTY1ODk1MGE0LTIyMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWBBSH52WRPK7wZpcqL2VvJE+y/Fzctc6sNvYS///868YOC4I4FYj2oSHS
uuiyZvpeouoqKBZR260qim7EKGMDlF8jSu1JYKIBV7UFuPMgpGPa2iasjoxl+92P
D2F8c0/BuGp4z+rUsHaZQjGGcpjWosvGGzKQ3l+dTVogdnYblM8G3ADA6Ug0L1bn
1HTZWUkTIHakP6wb1IjXAo7ZPccnC+oqwgkiIWBQqFQzC+usqO0r0fVs7GLzs1s4
1oVouG8RUewI6IJts5WhXuEzxpv68uhkp++w5BR9seeyPiOJ4Jk1P4+pW9YdvpYo
VfHDFw1WyeJWPKzmwppOQD2YV54PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeEdp
AG0/huIgg2CsDDGtYkIluYgwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzJFRDJENjUyQTMwQjExRUU5QzE5OUUyOUQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVU4wDQYJKoZIhvcNAQEL
BQADggEBALhakXfJzo0EMYh7V8WvRZtHDdfFmPWDDNh5VKX0KeIbQdwG7aTPeU1f
euYGz/VgcVZctJF9lmFrQzpX+uiGwd6JUuTOdmpjs4rW/79ELsOCoZC72SfVDC1F
V6jqG7MTqUjJcG8mLoRKx9FQV/BV/Zse99bB16DrAEBgBGJpbMPjgiNy2tR0ItQZ
HP99R67WNLX2/NHjmVJzdKsL+OcYWq8uJ/Pyz5d4xOzu4BOl7coo/BFVUzSe2fGr
RbjKHeytR1/QqB3oSD/C3OstAGG730EAAHgAPvptagHNTA8ajUCwVb6HrOPyh0Il
9k+P1VJKvT1Y97w/r5am35VPgAWP/uc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:58 2024 by rpki-client on console-ams.rpki-client.org