Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A839FA4A71D11EFBB5D9363762E951A.roa
File:                     5A839FA4A71D11EFBB5D9363762E951A.roa (raw, json)
Hash identifier:          OacEpHSdYeBAjBmzBoZDKY6NLjtP6qRPbduD0PNs09Y=
Subject key identifier:   79:8E:CD:81:07:A9:7C:31:79:DB:30:C7:BA:D5:AA:49:7A:7F:C5:28
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       010F45
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A839FA4A71D11EFBB5D9363762E951A.roa
Signing time:             Wed 20 Nov 2024 08:56:39 +0000
ROA not before:           Wed 20 Nov 2024 08:56:35 +0000
ROA not after:            Thu 05 Dec 2024 08:56:35 +0000
asID:                     5065
IP address blocks:        154.94.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69445 (0x10f45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov 20 08:56:35 2024 GMT
            Not After : Dec  5 08:56:35 2024 GMT
        Subject: CN=673da446-db52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:bc:51:5c:b6:a8:ea:b9:58:c9:b7:3d:d2:de:
                    96:a7:f7:30:e9:ed:1b:47:45:17:ef:dc:4a:7a:20:
                    da:a6:41:e9:8c:b1:80:e6:76:aa:6a:ef:67:de:7f:
                    cf:ff:35:01:9d:87:ec:ca:05:6d:29:bb:9e:cf:3b:
                    4d:db:f6:a8:74:20:b3:ea:3f:9b:11:ee:30:60:30:
                    0d:8f:a0:a4:5d:d9:bd:c2:24:d1:e7:ce:f4:9a:88:
                    34:00:90:57:9d:38:04:62:3e:84:6c:f1:b3:ab:50:
                    1c:34:c8:6f:c7:91:9d:44:bf:fa:e4:c3:0a:a0:83:
                    56:d4:1d:41:b6:1e:d1:2e:46:87:ae:df:26:bf:23:
                    53:25:07:a5:38:59:75:18:c9:59:3d:2f:2f:bf:12:
                    56:27:df:9c:6e:e3:30:16:b5:83:ba:1f:a0:ff:f2:
                    f1:65:52:8d:bc:96:19:25:34:4c:bd:04:a2:ef:e6:
                    1d:0e:53:da:00:5a:a1:7c:38:01:f3:4a:1e:33:dd:
                    dd:24:4b:25:3b:a8:42:ae:c1:2b:be:6e:f8:50:e4:
                    b0:7e:90:c6:eb:6c:28:7c:d5:a7:99:ca:b3:1f:d4:
                    75:15:c9:4c:50:e9:03:41:e5:d1:6c:d6:98:6d:76:
                    16:c7:9f:3d:96:51:10:4f:ef:93:c0:eb:9a:d8:8d:
                    81:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:8E:CD:81:07:A9:7C:31:79:DB:30:C7:BA:D5:AA:49:7A:7F:C5:28
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A839FA4A71D11EFBB5D9363762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.94.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:7f:95:54:eb:7f:c5:14:e5:7b:25:60:8d:08:64:9b:58:08:
         f8:f5:11:2d:c4:0f:26:85:e0:b2:5e:1f:a8:0c:4e:96:f2:a7:
         f8:a2:37:14:41:b3:b0:7c:a4:ad:fd:9a:13:55:9a:a4:54:d7:
         09:7b:a8:23:b6:22:72:a6:9e:c8:df:eb:cf:af:73:56:3e:c7:
         38:95:33:c7:23:3c:be:bd:fc:31:d3:99:ed:c1:3d:83:9f:f7:
         30:15:b1:3a:e8:ad:48:59:24:8c:b0:d1:fc:81:ac:48:8c:4d:
         83:af:3c:f0:c7:e5:7e:7a:24:2f:36:7d:25:ec:d6:65:09:d3:
         f5:a0:1b:ab:64:4b:d5:c1:38:55:f4:44:67:e9:9a:21:09:a1:
         ee:6f:ae:49:56:50:58:a3:8c:e8:49:db:31:52:aa:ed:b4:cf:
         04:ac:69:e3:4b:bf:c0:99:df:d9:47:61:d8:62:80:69:28:f0:
         0d:e2:bf:66:51:28:12:c4:f2:86:ff:58:64:eb:78:ff:2f:29:
         28:b5:ec:d2:ab:87:8a:1a:f1:f2:ce:61:53:3f:7d:21:96:d1:
         67:9c:69:a9:51:f5:59:c4:04:76:1d:4e:1e:b5:6e:25:c5:04:
         e3:80:25:52:c7:42:b8:20:6f:a8:42:0c:47:26:96:47:92:dc:
         8c:77:7a:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ9FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMDg1NjM1WhcNMjQxMjA1MDg1NjM1WjAYMRYw
FAYDVQQDEw02NzNkYTQ0Ni1kYjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo7xRXLao6rlYybc90t6Wp/cw6e0bR0UX79xKeiDapkHpjLGA5naqau9n
3n/P/zUBnYfsygVtKbuezztN2/aodCCz6j+bEe4wYDANj6CkXdm9wiTR5870mog0
AJBXnTgEYj6EbPGzq1AcNMhvx5GdRL/65MMKoINW1B1Bth7RLkaHrt8mvyNTJQel
OFl1GMlZPS8vvxJWJ9+cbuMwFrWDuh+g//LxZVKNvJYZJTRMvQSi7+YdDlPaAFqh
fDgB80oeM93dJEslO6hCrsErvm74UOSwfpDG62wofNWnmcqzH9R1FclMUOkDQeXR
bNaYbXYWx589llEQT++TwOua2I2BpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHmO
zYEHqXwxedswx7rVqkl6f8UoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QTgzOUZBNEE3MUQxMUVGQkI1RDkzNjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4rMA0GCSqGSIb3DQEB
CwUAA4IBAQDIf5VU63/FFOV7JWCNCGSbWAj49REtxA8mheCyXh+oDE6W8qf4ojcU
QbOwfKSt/ZoTVZqkVNcJe6gjtiJypp7I3+vPr3NWPsc4lTPHIzy+vfwx05ntwT2D
n/cwFbE66K1IWSSMsNH8gaxIjE2Drzzwx+V+eiQvNn0l7NZlCdP1oBurZEvVwThV
9ERn6ZohCaHub65JVlBYo4zoSdsxUqrttM8ErGnjS7/Amd/ZR2HYYoBpKPAN4r9m
USgSxPKG/1hk63j/LykotezSq4eKGvHyzmFTP30hltFnnGmpUfVZxAR2HU4etW4l
xQTjgCVSx0K4IG+oQgxHJpZHktyMd3rS
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:40 2024 by rpki-client on console-ams.rpki-client.org