Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39BE037EDF7A11EEB5520562775412E6.roa
File:                     39BE037EDF7A11EEB5520562775412E6.roa (raw, json)
Hash identifier:          Ub0y1H/kRKZhDwvsAbVP4XvTQCa8JUWMcVZpDRfnSQM=
Subject key identifier:   C1:82:8C:46:83:C6:8B:C9:02:BB:E9:1A:E2:99:EF:E1:DB:C4:FE:B0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       A08E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39BE037EDF7A11EEB5520562775412E6.roa
Signing time:             Mon 11 Mar 2024 07:37:34 +0000
ROA not before:           Mon 11 Mar 2024 07:37:31 +0000
ROA not after:            Fri 14 Mar 2025 07:37:31 +0000
asID:                     134687
IP address blocks:        154.198.15.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 41102 (0xa08e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Mar 11 07:37:31 2024 GMT
            Not After : Mar 14 07:37:31 2025 GMT
        Subject: CN=65eeb4be-2898
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0c:87:5a:bb:01:ab:a5:15:a3:46:cc:6c:d2:
                    1e:9b:58:08:24:44:12:da:fa:3b:c9:0e:b3:57:34:
                    08:5d:63:7d:62:e0:3a:48:d0:fe:57:54:de:c5:86:
                    42:87:a3:db:4c:d3:41:95:79:3a:2f:71:7e:29:f0:
                    ca:54:15:ab:23:83:b3:6b:c2:0f:31:a6:ae:34:ec:
                    d3:5b:55:27:28:e6:87:d9:db:95:d1:70:78:79:d5:
                    34:64:26:c9:95:d2:c3:d1:62:36:4d:3c:30:9e:c6:
                    9c:0d:27:35:ff:ec:cc:e8:99:fc:61:91:dd:e9:26:
                    a9:a8:62:d2:52:61:0a:86:f5:9b:57:98:37:75:ac:
                    bb:58:3c:a9:46:d2:5a:a6:27:13:07:e8:a2:78:49:
                    a8:2b:18:1c:d2:79:03:05:45:cf:a1:81:69:98:a3:
                    0c:44:46:02:68:04:e1:d2:07:f4:5e:ae:45:5b:50:
                    1f:04:a1:c6:6b:b2:0d:78:c3:b6:8b:37:c3:f4:81:
                    bb:5f:b0:e7:e0:52:b5:dd:98:82:80:6d:f8:2a:78:
                    55:70:cd:5c:3a:49:1c:e4:82:fc:a5:78:81:9d:02:
                    34:31:7f:1e:7a:53:2e:f5:f9:8a:0a:40:5f:4a:e2:
                    4a:c8:3e:52:99:18:e1:1e:9e:89:d6:ba:1a:c0:29:
                    bd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:82:8C:46:83:C6:8B:C9:02:BB:E9:1A:E2:99:EF:E1:DB:C4:FE:B0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39BE037EDF7A11EEB5520562775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:68:7f:d9:0a:f9:21:41:d6:53:8e:db:64:22:2e:3a:8c:76:
         9d:e5:1e:ef:76:c9:66:5f:6b:d6:ed:20:41:49:03:42:15:c5:
         aa:30:35:9e:46:22:9b:b3:50:b6:9c:1a:27:c1:21:5b:b9:8b:
         b8:32:39:62:5c:ba:60:29:62:a3:1f:4b:4b:44:1f:79:b2:d1:
         e4:07:c2:23:f5:25:de:57:4e:ae:41:81:68:26:bf:8d:5b:d8:
         41:1d:fc:59:8b:6c:9a:9e:aa:99:33:b5:f6:f9:5b:f4:4e:ae:
         d0:ee:04:cc:63:58:51:f1:f4:5a:db:10:08:4a:de:53:7c:4b:
         2a:06:5d:f6:aa:4b:bc:bb:8b:fb:4e:83:32:bb:2a:04:59:98:
         83:05:a7:fa:16:52:18:e5:bf:da:0f:bd:96:69:08:7b:4c:fb:
         bc:8a:f1:a1:3d:25:cd:92:d8:5e:b6:0b:30:e4:55:b7:48:cf:
         55:20:9c:f6:60:d0:87:24:ac:8c:7a:ca:ec:0a:ff:3d:9d:b3:
         64:b1:27:65:32:25:f1:f9:25:47:c5:a6:71:60:4e:96:27:4e:
         c3:e7:b0:50:25:c8:6b:29:71:f4:86:09:5c:f9:41:e5:a0:8c:
         6b:af:1c:c3:6d:78:3f:01:d6:46:ec:f2:c7:69:08:e9:45:fa:
         cf:95:8b:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKCOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzExMDczNzMxWhcNMjUwMzE0MDczNzMxWjAYMRYw
FAYDVQQDEw02NWVlYjRiZS0yODk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQyHWrsBq6UVo0bMbNIem1gIJEQS2vo7yQ6zVzQIXWN9YuA6SND+V1Te
xYZCh6PbTNNBlXk6L3F+KfDKVBWrI4Oza8IPMaauNOzTW1UnKOaH2duV0XB4edU0
ZCbJldLD0WI2TTwwnsacDSc1/+zM6Jn8YZHd6SapqGLSUmEKhvWbV5g3day7WDyp
RtJapicTB+iieEmoKxgc0nkDBUXPoYFpmKMMREYCaATh0gf0Xq5FW1AfBKHGa7IN
eMO2izfD9IG7X7Dn4FK13ZiCgG34KnhVcM1cOkkc5IL8pXiBnQI0MX8eelMu9fmK
CkBfSuJKyD5SmRjhHp6J1roawCm9sQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMGC
jEaDxovJArvpGuKZ7+HbxP6wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOUJFMDM3RURGN0ExMUVFQjU1MjA1NjI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYPMA0GCSqGSIb3DQEB
CwUAA4IBAQAnaH/ZCvkhQdZTjttkIi46jHad5R7vdslmX2vW7SBBSQNCFcWqMDWe
RiKbs1C2nBonwSFbuYu4MjliXLpgKWKjH0tLRB95stHkB8Ij9SXeV06uQYFoJr+N
W9hBHfxZi2yanqqZM7X2+Vv0Tq7Q7gTMY1hR8fRa2xAISt5TfEsqBl32qku8u4v7
ToMyuyoEWZiDBaf6FlIY5b/aD72WaQh7TPu8ivGhPSXNkthetgsw5FW3SM9VIJz2
YNCHJKyMesrsCv89nbNksSdlMiXx+SVHxaZxYE6WJ07D57BQJchrKXH0hglc+UHl
oIxrrxzDbXg/AdZG7PLHaQjpRfrPlYvV
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:01 2024 by rpki-client on console-ams.rpki-client.org