Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40F390B23F5D11EF85514183762E951A.roa
File:                     40F390B23F5D11EF85514183762E951A.roa (raw, json)
Hash identifier:          i9eJ7v/ZfF538rS3i38jFGJcZaQ/3FbN1L6h1JopfWA=
Subject key identifier:   64:B0:97:33:6D:ED:27:9E:9F:9F:6F:B4:31:78:DE:87:8C:97:65:FC
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       D0AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40F390B23F5D11EF85514183762E951A.roa
Signing time:             Thu 11 Jul 2024 08:12:03 +0000
ROA not before:           Thu 11 Jul 2024 08:11:59 +0000
ROA not after:            Thu 24 Jul 2025 08:11:59 +0000
asID:                     151196
IP address blocks:        154.212.160.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53422 (0xd0ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 11 08:11:59 2024 GMT
            Not After : Jul 24 08:11:59 2025 GMT
        Subject: CN=668f93d3-5e72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:0d:2e:06:42:2d:57:cb:60:94:d7:2a:9d:e7:
                    cc:7f:75:c5:ac:1b:8b:3c:4b:db:71:04:1b:4d:f9:
                    df:63:2c:6c:ef:e6:56:ba:1f:61:f6:51:35:13:ad:
                    ae:6c:65:00:f0:41:a5:10:bf:cf:d8:1b:3a:ad:f4:
                    69:dc:c0:16:06:8d:5d:77:3f:ce:08:6a:62:b6:8b:
                    b7:20:0f:69:bf:a6:8c:dc:6e:ca:ae:9a:1b:5f:cc:
                    9f:82:29:17:d0:6d:c3:2d:f0:fd:5d:bd:0b:b7:19:
                    e2:76:89:ac:fe:a5:8c:87:12:16:3b:40:3b:8b:87:
                    a3:8d:94:8b:ac:b3:07:06:a0:c2:bc:d9:a4:c9:54:
                    20:7e:85:2c:f3:4e:8e:0a:88:cb:3d:08:a5:fb:dd:
                    85:32:f0:b9:d2:fa:12:76:34:e8:62:0f:90:72:37:
                    29:6f:3c:b2:14:c6:14:f4:a9:b9:d9:8e:2a:b1:d3:
                    24:cd:0b:a9:15:76:eb:ae:91:50:ca:1f:d3:87:e5:
                    f9:79:cb:63:0f:63:18:a4:83:52:d6:ca:71:4a:2c:
                    0c:61:bb:9f:37:3b:37:b6:1d:c7:54:70:5d:2d:ea:
                    f6:0a:92:ab:bf:41:44:1d:32:93:6b:5e:5f:38:fc:
                    15:05:7d:98:91:66:5d:b5:b4:6e:c8:df:35:3b:c4:
                    0d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:B0:97:33:6D:ED:27:9E:9F:9F:6F:B4:31:78:DE:87:8C:97:65:FC
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40F390B23F5D11EF85514183762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.212.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:9b:9c:31:0f:52:74:36:4a:7a:16:4f:c8:87:f2:fb:a1:40:
         25:a2:9c:a6:62:3d:8c:fe:26:7c:16:2c:cb:1e:9b:f3:00:c0:
         7b:25:3b:dc:50:1e:9a:f6:57:0d:70:fc:f5:47:3a:44:c8:f3:
         2a:1c:33:1c:d1:05:1e:cb:7e:81:af:e1:ba:84:28:60:e3:a4:
         8d:a2:dd:d9:ba:f7:4c:b7:86:04:32:b1:73:2b:fa:7c:8b:fb:
         46:da:07:75:a9:1b:93:9d:a1:4b:d6:8a:12:25:d3:85:5c:6f:
         de:2e:a0:eb:60:c9:eb:e9:3f:7d:26:0e:61:40:9e:29:b6:e3:
         ae:43:ca:a3:e7:1b:0d:83:57:20:0f:52:d0:33:4d:c8:bd:1e:
         a0:ea:11:66:95:60:b8:2e:1b:88:df:72:31:fd:04:ca:86:df:
         b3:d4:dd:46:65:03:a9:6e:5a:07:a9:fb:23:5a:41:fc:c6:36:
         4f:12:ee:25:a3:0b:c9:94:9a:58:17:a4:44:13:f1:79:01:7d:
         a6:6b:e5:5b:e4:58:37:7f:89:ed:20:6f:cd:b3:eb:dc:0e:99:
         f3:5b:91:31:b9:c1:0f:f1:f2:ab:5f:ab:fc:63:55:7e:69:07:
         6a:a4:57:28:4f:4b:f2:76:7a:60:62:10:bf:99:b8:fd:8b:3b:
         58:39:fb:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDANCuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNzExMDgxMTU5WhcNMjUwNzI0MDgxMTU5WjAYMRYw
FAYDVQQDEw02NjhmOTNkMy01ZTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0w0uBkItV8tglNcqnefMf3XFrBuLPEvbcQQbTfnfYyxs7+ZWuh9h9lE1
E62ubGUA8EGlEL/P2Bs6rfRp3MAWBo1ddz/OCGpitou3IA9pv6aM3G7KrpobX8yf
gikX0G3DLfD9Xb0Ltxnidoms/qWMhxIWO0A7i4ejjZSLrLMHBqDCvNmkyVQgfoUs
806OCojLPQil+92FMvC50voSdjToYg+QcjcpbzyyFMYU9Km52Y4qsdMkzQupFXbr
rpFQyh/Th+X5ectjD2MYpINS1spxSiwMYbufNzs3th3HVHBdLer2CpKrv0FEHTKT
a15fOPwVBX2YkWZdtbRuyN81O8QNXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGSw
lzNt7Seen59vtDF43oeMl2X8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEYzOTBCMjNGNUQxMUVGODU1MTQxODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSgMA0GCSqGSIb3DQEB
CwUAA4IBAQCSm5wxD1J0Nkp6Fk/Ih/L7oUAlopymYj2M/iZ8FizLHpvzAMB7JTvc
UB6a9lcNcPz1RzpEyPMqHDMc0QUey36Br+G6hChg46SNot3ZuvdMt4YEMrFzK/p8
i/tG2gd1qRuTnaFL1ooSJdOFXG/eLqDrYMnr6T99Jg5hQJ4ptuOuQ8qj5xsNg1cg
D1LQM03IvR6g6hFmlWC4LhuI33Ix/QTKht+z1N1GZQOpbloHqfsjWkH8xjZPEu4l
owvJlJpYF6REE/F5AX2ma+Vb5Fg3f4ntIG/Ns+vcDpnzW5ExucEP8fKrX6v8Y1V+
aQdqpFcoT0vydnpgYhC/mbj9iztYOfv/
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:06 2024 by rpki-client on console-ams.rpki-client.org