Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DEEDB984A5111EFBD4D9DA9762E951A.roa
File:                     3DEEDB984A5111EFBD4D9DA9762E951A.roa (raw, json)
Hash identifier:          D+yyedyKUHGL2FpBmeHYG1WBdbE15+zF16lw/Cbo0Yg=
Subject key identifier:   3D:40:17:B1:01:43:FC:33:E9:10:11:9D:0A:77:A0:42:A2:A1:DB:FD
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       D698
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DEEDB984A5111EFBD4D9DA9762E951A.roa
Signing time:             Thu 25 Jul 2024 06:43:46 +0000
ROA not before:           Thu 25 Jul 2024 06:43:43 +0000
ROA not after:            Sun 23 Feb 2025 06:43:43 +0000
asID:                     152920
IP address blocks:        154.208.144.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54936 (0xd698)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 25 06:43:43 2024 GMT
            Not After : Feb 23 06:43:43 2025 GMT
        Subject: CN=66a1f422-fdef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8c:ab:1b:7e:91:dd:0b:4b:39:f3:ba:94:1f:
                    6a:9b:c0:d9:03:dc:ba:66:fc:d7:de:06:63:cb:dd:
                    fc:1a:69:62:bd:04:a3:a6:bb:d9:45:16:39:73:99:
                    df:3e:95:07:1f:db:29:e2:97:6d:3f:3e:c3:70:93:
                    8b:60:fb:ef:be:ef:0e:10:12:f8:ba:4d:a7:96:dd:
                    5e:20:a3:2c:d9:88:65:16:b0:4e:67:5b:22:38:95:
                    3f:71:fb:c0:de:a0:df:7d:2e:77:97:00:b7:b7:13:
                    58:75:3a:d7:51:5a:ce:49:72:8e:a2:51:30:12:9a:
                    1b:fe:67:ab:94:21:90:95:c9:e9:88:5b:36:d1:e9:
                    db:b7:4c:38:3e:c1:f2:ad:84:fd:c7:8d:31:08:d9:
                    86:46:46:64:8f:7a:61:21:f1:17:87:c4:5f:a8:28:
                    f6:07:f6:c9:c0:f2:af:2b:b8:11:06:a8:8e:61:3d:
                    59:22:52:19:ae:a9:62:8b:ef:9c:ad:fc:50:9d:32:
                    d0:cd:be:22:5b:4e:2e:65:52:32:8d:ac:58:f6:d0:
                    fc:89:1a:6d:e1:d1:f5:85:79:16:79:c6:ed:17:02:
                    1b:68:73:8a:fa:42:4d:a3:82:fd:92:1f:06:3e:4e:
                    84:10:cf:9c:63:21:02:3d:6f:97:ee:63:a2:0a:5e:
                    3e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:40:17:B1:01:43:FC:33:E9:10:11:9D:0A:77:A0:42:A2:A1:DB:FD
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DEEDB984A5111EFBD4D9DA9762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.208.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a0:73:27:a0:61:a5:1e:ee:3a:cf:1e:ce:aa:28:76:c7:c1:db:
         70:de:34:19:48:e3:d6:93:ba:b9:4d:3c:17:ef:43:56:c7:77:
         17:b1:c6:af:a2:d7:d6:24:b4:5c:f6:9c:c2:3b:8d:10:49:47:
         11:34:e7:a2:d9:dc:48:27:44:11:cb:29:34:77:69:71:fd:23:
         33:33:aa:8d:7b:0a:a7:dd:25:d7:21:1f:9f:7f:0c:1b:7f:a0:
         91:bb:85:95:59:ec:d9:b3:4d:1d:2e:53:9d:e3:e9:1e:a7:d7:
         61:d9:b5:c4:a3:eb:69:7c:eb:a4:01:b5:7b:a7:b6:a4:a8:c0:
         46:65:c5:22:50:36:d4:6b:66:b7:94:6d:7c:67:c6:82:df:79:
         5c:f5:35:a2:10:d9:e9:ac:2c:b9:57:3c:5a:fe:5b:1c:02:07:
         e3:86:e5:0d:c3:71:c9:34:79:98:c6:ed:ea:1d:a3:fc:75:7d:
         a4:c4:9e:41:b8:c6:6a:61:dd:f8:d3:4c:b5:80:80:3b:46:85:
         28:52:d4:c0:6a:af:8d:30:4f:ba:ce:a3:fe:9d:5c:9e:f6:23:
         30:b0:c7:74:89:51:90:b3:b6:fa:c9:3d:25:4c:f1:7a:10:b4:
         b3:21:aa:04:30:d2:d1:94:5d:e0:6b:c3:3b:ad:b2:8e:6a:b0:
         2d:31:e8:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDANaYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNzI1MDY0MzQzWhcNMjUwMjIzMDY0MzQzWjAYMRYw
FAYDVQQDEw02NmExZjQyMi1mZGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoyrG36R3QtLOfO6lB9qm8DZA9y6ZvzX3gZjy938GmlivQSjprvZRRY5
c5nfPpUHH9sp4pdtPz7DcJOLYPvvvu8OEBL4uk2nlt1eIKMs2YhlFrBOZ1siOJU/
cfvA3qDffS53lwC3txNYdTrXUVrOSXKOolEwEpob/merlCGQlcnpiFs20enbt0w4
PsHyrYT9x40xCNmGRkZkj3phIfEXh8RfqCj2B/bJwPKvK7gRBqiOYT1ZIlIZrqli
i++crfxQnTLQzb4iW04uZVIyjaxY9tD8iRpt4dH1hXkWecbtFwIbaHOK+kJNo4L9
kh8GPk6EEM+cYyECPW+X7mOiCl4+CQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD1A
F7EBQ/wz6RARnQp3oEKiodv9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zREVFREI5ODRBNTExMUVGQkQ0RDlEQTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtCQMA0GCSqGSIb3DQEB
CwUAA4IBAQCgcyegYaUe7jrPHs6qKHbHwdtw3jQZSOPWk7q5TTwX70NWx3cXscav
otfWJLRc9pzCO40QSUcRNOei2dxIJ0QRyyk0d2lx/SMzM6qNewqn3SXXIR+ffwwb
f6CRu4WVWezZs00dLlOd4+kep9dh2bXEo+tpfOukAbV7p7akqMBGZcUiUDbUa2a3
lG18Z8aC33lc9TWiENnprCy5Vzxa/lscAgfjhuUNw3HJNHmYxu3qHaP8dX2kxJ5B
uMZqYd3400y1gIA7RoUoUtTAaq+NME+6zqP+nVye9iMwsMd0iVGQs7b6yT0lTPF6
ELSzIaoEMNLRlF3ga8M7rbKOarAtMejn
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:01 2024 by rpki-client on console-ams.rpki-client.org