Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4502A7A4B22E11EE8ED49E75775412E6.roa
File:                     4502A7A4B22E11EE8ED49E75775412E6.roa (raw, json)
Hash identifier:          CnzcaAG9W24V2jEH9FwzFiFoQQ494K6a3hxAf6YIAYk=
Subject key identifier:   3A:B8:41:01:99:46:62:C9:17:3F:E3:A9:C1:89:76:FC:2D:53:2A:D6
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7504
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4502A7A4B22E11EE8ED49E75775412E6.roa
Signing time:             Sat 13 Jan 2024 16:10:29 +0000
ROA not before:           Sat 13 Jan 2024 16:10:26 +0000
ROA not after:            Fri 13 Dec 2024 16:10:26 +0000
asID:                     140227
IP address blocks:        154.205.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29956 (0x7504)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 13 16:10:26 2024 GMT
            Not After : Dec 13 16:10:26 2024 GMT
        Subject: CN=65a2b5f5-0e3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:50:b4:8a:af:bb:7b:f6:0b:66:d6:75:d0:32:
                    51:18:0b:e0:1a:c3:7b:ae:d7:07:82:b1:14:2a:dc:
                    15:be:be:7d:a5:a5:19:e5:eb:eb:a9:7f:6f:e9:f9:
                    04:92:e9:19:6d:6c:e7:2a:aa:fa:a4:51:a4:57:c9:
                    56:9c:f4:2f:30:ac:c0:85:31:dd:49:46:1b:10:0d:
                    e3:e0:e9:67:2c:8d:21:10:9a:89:39:9b:01:dd:00:
                    14:7e:9b:69:96:ee:19:ea:49:9b:97:0a:12:7d:24:
                    5c:42:68:aa:27:b4:ea:a5:c5:60:c1:cc:40:db:32:
                    36:72:dc:7b:5e:b2:24:d8:84:b9:22:60:30:17:3e:
                    2c:8d:38:8c:0d:b9:20:a3:2c:cf:17:64:e4:bc:e9:
                    a4:fd:d1:87:e3:29:bf:f7:1c:0e:1c:a9:39:31:64:
                    7d:03:16:13:42:a7:09:ad:7c:fd:2f:43:04:94:e7:
                    ca:0b:66:96:38:2d:70:ac:1a:da:f1:f0:b5:87:d9:
                    66:30:d0:ec:58:05:fc:f3:59:b3:68:2c:39:af:a9:
                    20:8d:64:76:cb:9c:91:d7:65:9d:19:f3:3f:72:6f:
                    3d:34:dd:d4:ae:c3:76:95:43:b7:c6:82:f6:3d:bb:
                    f6:de:ec:3c:41:3d:42:bf:41:86:c4:c2:40:16:65:
                    7e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B8:41:01:99:46:62:C9:17:3F:E3:A9:C1:89:76:FC:2D:53:2A:D6
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4502A7A4B22E11EE8ED49E75775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:74:e3:a4:f4:dc:b7:f6:a5:f7:d6:81:eb:3a:f5:12:f1:5f:
         8e:c0:02:f3:e9:0a:54:05:36:ee:f6:4e:e0:b6:f4:97:3a:65:
         e0:14:c9:4a:34:6d:03:b8:1d:af:71:a6:23:31:9b:2a:f8:11:
         17:8d:bc:88:83:e9:7d:e2:79:ce:47:34:40:b0:02:ea:77:92:
         59:5d:c4:b2:06:75:09:90:8b:4d:81:03:63:a0:4e:90:23:dc:
         5b:d9:3e:c7:25:93:01:9f:e9:ba:df:8f:87:a6:5d:46:8d:af:
         19:33:5b:75:23:0e:3f:fd:49:f3:f6:31:dd:aa:e3:b6:6b:4a:
         74:d2:56:53:ed:f4:84:11:dc:a6:63:95:31:25:4c:81:a0:ca:
         3f:72:ad:57:c1:18:6c:58:40:df:92:7e:8d:43:d5:99:a9:31:
         43:ec:68:73:c8:64:44:09:99:7a:28:67:49:d0:64:98:db:d4:
         ce:f2:03:bc:30:26:53:c0:c4:fb:88:48:4f:6d:23:b2:4a:f6:
         bb:f0:02:ab:ae:96:46:f2:59:bf:48:8b:3a:85:1a:a2:e6:a8:
         e4:65:ba:c8:80:44:14:83:dc:43:bd:02:d7:36:c8:49:95:0e:
         b9:09:d8:29:93:a4:77:63:3e:3f:91:ce:03:c8:fa:d5:d0:5a:
         97:ee:9b:f4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdQQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTMxNjEwMjZaFw0yNDEyMTMxNjEwMjZaMBgxFjAU
BgNVBAMTDTY1YTJiNWY1LTBlM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDmULSKr7t79gtm1nXQMlEYC+Aaw3uu1weCsRQq3BW+vn2lpRnl6+upf2/p
+QSS6RltbOcqqvqkUaRXyVac9C8wrMCFMd1JRhsQDePg6WcsjSEQmok5mwHdABR+
m2mW7hnqSZuXChJ9JFxCaKontOqlxWDBzEDbMjZy3HtesiTYhLkiYDAXPiyNOIwN
uSCjLM8XZOS86aT90YfjKb/3HA4cqTkxZH0DFhNCpwmtfP0vQwSU58oLZpY4LXCs
Gtrx8LWH2WYw0OxYBfzzWbNoLDmvqSCNZHbLnJHXZZ0Z8z9ybz003dSuw3aVQ7fG
gvY9u/be7DxBPUK/QYbEwkAWZX6BAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOrhB
AZlGYskXP+OpwYl2/C1TKtYwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzQ1MDJBN0E0QjIyRTExRUU4RUQ0OUU3NTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazdcwDQYJKoZIhvcNAQEL
BQADggEBAHV046T03Lf2pffWges69RLxX47AAvPpClQFNu72TuC29Jc6ZeAUyUo0
bQO4Ha9xpiMxmyr4EReNvIiD6X3iec5HNECwAup3klldxLIGdQmQi02BA2OgTpAj
3FvZPsclkwGf6brfj4emXUaNrxkzW3UjDj/9SfP2Md2q47ZrSnTSVlPt9IQR3KZj
lTElTIGgyj9yrVfBGGxYQN+Sfo1D1ZmpMUPsaHPIZEQJmXooZ0nQZJjb1M7yA7ww
JlPAxPuISE9tI7JK9rvwAquulkbyWb9IizqFGqLmqORlusiARBSD3EO9Atc2yEmV
DrkJ2CmTpHdjPj+RzgPI+tXQWpfum/Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:02 2024 by rpki-client on console-ams.rpki-client.org