Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C4F1B9AA2C711EE837A2C2BD25BE465.roa
File:                     3C4F1B9AA2C711EE837A2C2BD25BE465.roa (raw, json)
Hash identifier:          mPqWCugvFZdpVIDN7EjEG0tqghjpI9924l55jF8/9lw=
Subject key identifier:   DE:CB:CC:85:DF:AA:CC:75:A3:90:69:5A:AC:10:7F:3A:F0:45:B6:7C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       66A1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C4F1B9AA2C711EE837A2C2BD25BE465.roa
Signing time:             Mon 25 Dec 2023 01:45:09 +0000
ROA not before:           Mon 25 Dec 2023 01:45:06 +0000
ROA not after:            Tue 07 Jan 2025 01:45:06 +0000
asID:                     139057
IP address blocks:        154.85.83.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26273 (0x66a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 25 01:45:06 2023 GMT
            Not After : Jan  7 01:45:06 2025 GMT
        Subject: CN=6588dea5-f1c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ed:29:cf:d1:10:00:8a:52:35:cc:cc:05:d5:
                    47:40:77:02:61:26:67:6c:61:09:1f:67:bc:65:be:
                    03:1f:ef:25:41:20:c7:dc:7c:77:f6:89:32:85:0b:
                    81:78:36:cc:5b:a5:aa:0f:4b:9b:c4:af:76:09:1f:
                    49:27:75:94:0f:55:f8:38:20:d2:60:ee:b8:cc:d7:
                    9f:16:fe:bc:d5:46:82:56:00:84:b6:75:8a:70:8f:
                    5a:95:23:d0:c0:cd:ed:58:0e:e6:81:d8:13:13:6c:
                    c5:08:b1:37:49:d9:23:5b:87:2f:df:4a:9b:80:02:
                    ea:80:a4:d7:be:38:2d:c0:c6:a2:99:6c:72:89:82:
                    31:74:3a:cd:98:56:30:e0:12:b2:8f:c7:93:ea:62:
                    62:b2:2d:21:b8:31:02:48:22:75:df:cc:71:91:54:
                    7d:9d:09:68:02:0e:22:20:2a:71:85:68:16:02:19:
                    1a:64:f9:59:c2:76:a4:c5:b9:45:c6:ef:30:0d:24:
                    c5:e4:b7:fd:0b:f5:fb:44:ee:7a:b3:90:cb:17:0e:
                    68:02:81:8d:a0:58:b2:35:23:b9:b9:62:6d:d1:e1:
                    d7:22:cf:68:19:02:df:64:34:4c:94:91:34:20:b5:
                    d4:6e:9d:ce:50:78:69:34:a3:ed:9a:8a:bf:f7:39:
                    14:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:CB:CC:85:DF:AA:CC:75:A3:90:69:5A:AC:10:7F:3A:F0:45:B6:7C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C4F1B9AA2C711EE837A2C2BD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.85.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:ff:0e:d2:cf:00:7b:76:7d:58:65:0f:68:fa:f1:92:d7:e1:
         4f:72:a6:68:db:e9:22:b4:26:21:25:05:38:41:b1:37:aa:d5:
         47:10:45:28:02:db:16:f2:14:58:b3:84:39:13:09:a7:16:bb:
         c1:3b:7d:94:ac:ae:de:29:55:66:4f:a9:77:bd:29:00:67:75:
         e7:d8:39:8a:d0:82:ea:c1:57:b3:b5:6b:db:ba:42:35:78:d6:
         3d:06:61:46:d9:aa:4f:ba:42:4e:7c:a9:d2:96:d2:63:8a:3a:
         8b:da:23:4f:f4:3b:9c:a4:bd:17:bf:77:18:04:08:52:b6:75:
         65:03:af:cf:72:a0:87:b0:25:44:5d:4d:ca:51:94:82:e1:4a:
         79:91:5f:4e:d9:b8:ba:4f:9b:85:a5:9b:a7:7b:0d:03:fa:cd:
         8d:0a:e6:60:29:97:b8:38:61:50:1b:e3:a8:87:e2:6b:e4:e6:
         29:93:7b:f2:ce:e7:b1:53:83:cb:ed:80:f5:0d:2c:a4:5b:5d:
         7b:49:db:85:cc:97:59:9d:bc:22:23:d6:df:9f:be:2c:cd:96:
         77:c2:49:22:7d:3a:cc:39:89:3d:e8:41:f2:6d:3c:85:41:7f:
         23:22:34:61:4f:58:78:96:82:cd:ef:33:2b:2e:a6:da:1c:fa:
         07:19:df:c1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICZqEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMjUwMTQ1MDZaFw0yNTAxMDcwMTQ1MDZaMBgxFjAU
BgNVBAMTDTY1ODhkZWE1LWYxYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCb7SnP0RAAilI1zMwF1UdAdwJhJmdsYQkfZ7xlvgMf7yVBIMfcfHf2iTKF
C4F4NsxbpaoPS5vEr3YJH0kndZQPVfg4INJg7rjM158W/rzVRoJWAIS2dYpwj1qV
I9DAze1YDuaB2BMTbMUIsTdJ2SNbhy/fSpuAAuqApNe+OC3AxqKZbHKJgjF0Os2Y
VjDgErKPx5PqYmKyLSG4MQJIInXfzHGRVH2dCWgCDiIgKnGFaBYCGRpk+VnCdqTF
uUXG7zANJMXkt/0L9ftE7nqzkMsXDmgCgY2gWLI1I7m5Ym3R4dciz2gZAt9kNEyU
kTQgtdRunc5QeGk0o+2air/3ORRjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU3svM
hd+qzHWjkGlarBB/OvBFtnwwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzNDNEYxQjlBQTJDNzExRUU4MzdBMkMyQkQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVVMwDQYJKoZIhvcNAQEL
BQADggEBAKn/DtLPAHt2fVhlD2j68ZLX4U9ypmjb6SK0JiElBThBsTeq1UcQRSgC
2xbyFFizhDkTCacWu8E7fZSsrt4pVWZPqXe9KQBndefYOYrQgurBV7O1a9u6QjV4
1j0GYUbZqk+6Qk58qdKW0mOKOovaI0/0O5ykvRe/dxgECFK2dWUDr89yoIewJURd
TcpRlILhSnmRX07ZuLpPm4Wlm6d7DQP6zY0K5mApl7g4YVAb46iH4mvk5imTe/LO
57FTg8vtgPUNLKRbXXtJ24XMl1mdvCIj1t+fvizNlnfCSSJ9Osw5iT3oQfJtPIVB
fyMiNGFPWHiWgs3vMysuptoc+gcZ38E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:01 2024 by rpki-client on console-ams.rpki-client.org