Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/570CA1FE141A11EFB442753F017001B1.roa
File:                     570CA1FE141A11EFB442753F017001B1.roa (raw, json)
Hash identifier:          gUWvVp9PpsqcLAcDoWkeSj2n6YyjwKDVGRyatnBq5QQ=
Subject key identifier:   18:52:D5:45:AB:CB:55:11:81:3D:4D:76:FE:0F:A7:05:4F:3C:4F:2C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       B82B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/570CA1FE141A11EFB442753F017001B1.roa
Signing time:             Fri 17 May 2024 06:54:43 +0000
ROA not before:           Fri 17 May 2024 06:54:40 +0000
ROA not after:            Thu 04 Jul 2024 06:54:40 +0000
asID:                     44559
IP address blocks:        154.213.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47147 (0xb82b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 17 06:54:40 2024 GMT
            Not After : Jul  4 06:54:40 2024 GMT
        Subject: CN=6646ff33-2a79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6b:ba:0e:60:08:e5:14:92:dc:03:49:e5:fe:
                    bf:17:c2:5a:25:bd:96:06:60:93:26:8c:23:b6:ed:
                    24:be:8b:a6:a1:62:07:72:ef:f2:65:f3:5e:3f:93:
                    a7:75:47:25:cd:ab:fb:6a:33:46:ea:7f:29:7a:11:
                    2d:6e:23:24:01:ca:11:6c:81:f5:f5:c7:c4:32:49:
                    c4:a6:0d:7f:41:71:43:09:e7:15:c2:c4:8a:04:fe:
                    a8:2d:4e:80:09:82:49:78:da:ce:80:0b:81:5a:43:
                    4a:e1:13:1c:6a:14:58:1b:91:94:b5:e3:fa:55:03:
                    0b:1f:15:f6:17:00:48:b4:31:ee:72:44:66:b0:45:
                    b0:9b:cd:6c:92:2f:58:bf:bc:de:d2:cb:d3:f5:58:
                    92:29:32:ce:69:74:0b:0b:ea:c1:2e:8b:cc:9c:e2:
                    e8:35:c7:f3:ba:f2:89:88:96:0d:9c:48:33:f1:03:
                    2e:fe:01:f2:3a:22:a0:e3:29:09:f9:7b:a1:f4:b0:
                    f5:85:2c:ef:17:b0:29:13:e3:5b:b0:d2:35:ae:36:
                    5a:1d:6b:51:2d:84:d1:4a:9d:aa:6e:9d:4b:90:f0:
                    d5:ca:d0:19:de:3e:ab:57:9c:0e:08:36:93:d6:88:
                    fb:9f:e1:48:f2:cd:06:a9:11:e1:e3:dc:5a:36:eb:
                    23:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:52:D5:45:AB:CB:55:11:81:3D:4D:76:FE:0F:A7:05:4F:3C:4F:2C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/570CA1FE141A11EFB442753F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.213.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         23:9a:3c:51:07:5c:18:ef:a6:9d:8a:6a:ac:fa:1e:dd:8d:01:
         c6:4e:a4:96:6b:11:0f:23:8f:97:b3:b9:6a:c5:58:9c:ce:3c:
         bd:32:db:fe:d4:e8:7c:2f:2c:57:3b:ec:a6:02:33:db:d6:d0:
         d1:81:f7:93:90:2d:d9:72:13:7c:21:cf:19:fb:43:e9:24:26:
         b5:84:8b:7f:9b:22:dd:14:72:eb:04:11:52:4e:33:a1:c8:08:
         bd:a5:72:03:64:e0:0b:79:aa:4e:dc:4c:92:46:85:cf:c3:8f:
         67:b3:46:0f:87:19:5a:06:83:83:67:17:82:e7:b2:38:47:0d:
         f3:ef:73:27:b8:a9:f3:02:15:79:96:a9:c4:f5:87:37:02:71:
         2d:51:a9:a3:a4:ba:93:4c:f7:99:a1:8c:04:d3:2f:98:b3:05:
         b1:a3:55:ad:48:7c:29:aa:a9:62:1c:94:f6:c5:d9:08:9a:29:
         08:cf:de:3d:7b:03:42:2b:7f:dd:a5:55:ce:bd:22:f6:86:f0:
         3d:fb:d9:4e:9b:55:93:1f:f5:13:d5:eb:98:b4:2e:35:46:47:
         ad:50:38:33:e3:c1:8a:e2:f0:c2:e7:88:08:bb:66:11:5b:de:
         02:b1:95:53:53:b3:00:c9:00:f8:bf:23:a2:c4:70:ac:ee:54:
         f0:68:3c:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALgrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE3MDY1NDQwWhcNMjQwNzA0MDY1NDQwWjAYMRYw
FAYDVQQDEw02NjQ2ZmYzMy0yYTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxWu6DmAI5RSS3ANJ5f6/F8JaJb2WBmCTJowjtu0kvoumoWIHcu/yZfNe
P5OndUclzav7ajNG6n8pehEtbiMkAcoRbIH19cfEMknEpg1/QXFDCecVwsSKBP6o
LU6ACYJJeNrOgAuBWkNK4RMcahRYG5GUteP6VQMLHxX2FwBItDHuckRmsEWwm81s
ki9Yv7ze0svT9ViSKTLOaXQLC+rBLovMnOLoNcfzuvKJiJYNnEgz8QMu/gHyOiKg
4ykJ+Xuh9LD1hSzvF7ApE+NbsNI1rjZaHWtRLYTRSp2qbp1LkPDVytAZ3j6rV5wO
CDaT1oj7n+FI8s0GqRHh49xaNusjTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBhS
1UWry1URgT1Ndv4PpwVPPE8sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NzBDQTFGRTE0MUExMUVGQjQ0Mjc1M0YwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtWgMA0GCSqGSIb3DQEB
CwUAA4IBAQAjmjxRB1wY76adimqs+h7djQHGTqSWaxEPI4+Xs7lqxViczjy9Mtv+
1Oh8LyxXO+ymAjPb1tDRgfeTkC3ZchN8Ic8Z+0PpJCa1hIt/myLdFHLrBBFSTjOh
yAi9pXIDZOALeapO3EySRoXPw49ns0YPhxlaBoODZxeC57I4Rw3z73MnuKnzAhV5
lqnE9Yc3AnEtUamjpLqTTPeZoYwE0y+YswWxo1WtSHwpqqliHJT2xdkImikIz949
ewNCK3/dpVXOvSL2hvA9+9lOm1WTH/UT1euYtC41RketUDgz48GK4vDC54gIu2YR
W94CsZVTU7MAyQD4vyOixHCs7lTwaDxr
-----END CERTIFICATE-----
Generated at Sat Jun 15 07:34:10 2024 by rpki-client on console-fra.rpki-client.org