Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5221E844911911EFB014E68E762E951A.roa
File:                     5221E844911911EFB014E68E762E951A.roa (raw, json)
Hash identifier:          ecgD3ROqMVgIciz+yDjS3Y3iovqQFfWHTVZyOlyDxVc=
Subject key identifier:   19:EE:3B:FC:60:82:1C:CA:CA:FB:3F:6E:BE:71:8C:29:C3:D1:5B:7B
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0100CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5221E844911911EFB014E68E762E951A.roa
Signing time:             Wed 23 Oct 2024 08:32:21 +0000
ROA not before:           Wed 23 Oct 2024 08:32:17 +0000
ROA not after:            Fri 24 Oct 2025 08:32:17 +0000
asID:                     141196
IP address blocks:        154.90.138.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65740 (0x100cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Oct 23 08:32:17 2024 GMT
            Not After : Oct 24 08:32:17 2025 GMT
        Subject: CN=6718b495-6bd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:78:79:f0:ce:6b:dc:00:e9:96:fa:1f:bd:c2:
                    f4:e8:bf:ad:0d:ae:ec:74:e7:47:07:23:44:bd:f1:
                    9e:67:a6:ec:b7:18:87:4f:a9:60:b6:5f:11:e9:74:
                    ef:d1:f1:81:5d:68:28:51:ea:2e:09:bf:c5:33:2d:
                    c1:dc:20:c8:8e:be:fb:53:2d:9c:9f:82:5b:21:76:
                    a9:08:c8:b2:47:2b:cf:19:f0:81:97:a2:64:9e:41:
                    74:37:f6:f8:8e:ec:1e:46:61:6d:f9:88:17:a1:e4:
                    04:fc:67:38:2e:20:fb:00:75:f1:6c:26:43:82:26:
                    1b:ea:f3:65:7a:8f:24:95:2a:13:14:7f:c0:37:a8:
                    82:45:7e:2e:55:0a:07:9d:8d:ca:04:82:3d:c8:aa:
                    40:e6:b0:75:63:1d:1a:b8:09:98:44:46:98:50:43:
                    ab:68:3e:be:e9:74:4f:bc:39:26:b7:34:88:51:e6:
                    c9:c9:90:54:e8:3d:df:61:0b:a9:44:17:46:9a:c7:
                    e9:72:b8:18:48:1d:cf:5e:e2:dc:6b:2f:89:e1:b5:
                    5c:4b:26:cf:fe:fc:86:db:7e:8a:e2:c8:b5:eb:11:
                    eb:dc:76:da:7e:91:c3:50:ec:5e:53:d9:e9:5c:63:
                    41:33:c6:45:fa:85:ec:78:aa:85:bf:29:e1:c8:46:
                    46:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:EE:3B:FC:60:82:1C:CA:CA:FB:3F:6E:BE:71:8C:29:C3:D1:5B:7B
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5221E844911911EFB014E68E762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.90.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:2e:17:00:2f:85:0f:b9:5d:d9:4c:cd:a3:25:c4:88:51:5e:
         97:38:b7:95:b4:0f:56:a2:38:65:c5:2b:46:09:cc:38:b9:7e:
         0c:86:67:29:4d:49:7e:47:b6:3d:7a:ba:7e:3d:a4:a5:65:24:
         1b:b7:db:d3:f7:e0:24:be:19:fd:65:54:8d:32:aa:34:5f:a3:
         c5:3b:23:9d:8b:52:9d:fc:5e:c1:a0:7c:d0:73:82:54:60:e9:
         f1:52:9c:dc:45:3b:76:6a:d0:e5:81:ac:ac:d1:f9:8d:f2:27:
         1d:6b:4a:45:21:c8:4c:db:cb:64:75:8f:f8:ff:de:08:2e:b7:
         32:9e:63:73:6f:fc:1a:7a:ea:5a:49:6c:8a:a8:33:c4:fc:b4:
         d9:de:d7:7c:83:53:ad:60:a4:33:84:3f:5d:4e:69:30:d7:2d:
         c8:57:b3:e4:12:35:63:b2:98:58:54:c9:02:fc:72:86:99:50:
         73:be:a7:7b:31:dd:de:b1:9d:d2:09:10:47:6c:0e:fa:53:a5:
         f8:43:ca:59:4d:a5:ff:13:7c:37:e9:fb:28:be:20:a3:62:67:
         5a:34:5a:d4:e2:5a:88:ce:81:34:49:07:82:96:aa:fa:1e:d2:
         4f:cd:6d:8a:54:cd:29:b3:c0:09:aa:aa:c0:0f:70:f3:34:a2:
         04:18:c4:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQDMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDIzMDgzMjE3WhcNMjUxMDI0MDgzMjE3WjAYMRYw
FAYDVQQDEw02NzE4YjQ5NS02YmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwHh58M5r3ADplvofvcL06L+tDa7sdOdHByNEvfGeZ6bstxiHT6lgtl8R
6XTv0fGBXWgoUeouCb/FMy3B3CDIjr77Uy2cn4JbIXapCMiyRyvPGfCBl6JknkF0
N/b4juweRmFt+YgXoeQE/Gc4LiD7AHXxbCZDgiYb6vNleo8klSoTFH/AN6iCRX4u
VQoHnY3KBII9yKpA5rB1Yx0auAmYREaYUEOraD6+6XRPvDkmtzSIUebJyZBU6D3f
YQupRBdGmsfpcrgYSB3PXuLcay+J4bVcSybP/vyG236K4si16xHr3HbafpHDUOxe
U9npXGNBM8ZF+oXseKqFvynhyEZG1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBnu
O/xgghzKyvs/br5xjCnD0Vt7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MjIxRTg0NDkxMTkxMUVGQjAxNEU2OEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlqKMA0GCSqGSIb3DQEB
CwUAA4IBAQBbLhcAL4UPuV3ZTM2jJcSIUV6XOLeVtA9WojhlxStGCcw4uX4Mhmcp
TUl+R7Y9erp+PaSlZSQbt9vT9+Akvhn9ZVSNMqo0X6PFOyOdi1Kd/F7BoHzQc4JU
YOnxUpzcRTt2atDlgays0fmN8icda0pFIchM28tkdY/4/94ILrcynmNzb/waeupa
SWyKqDPE/LTZ3td8g1OtYKQzhD9dTmkw1y3IV7PkEjVjsphYVMkC/HKGmVBzvqd7
Md3esZ3SCRBHbA76U6X4Q8pZTaX/E3w36fsoviCjYmdaNFrU4lqIzoE0SQeClqr6
HtJPzW2KVM0ps8AJqqrAD3DzNKIEGMTS
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:10 2024 by rpki-client on console-ams.rpki-client.org