Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C349700017211EF9F734229017001B1.roa
File:                     5C349700017211EF9F734229017001B1.roa (raw, json)
Hash identifier:          eLhYbspOEXxlNXXVcZEWd2q3aFN77fIpELYWjGWVaYw=
Subject key identifier:   BF:7F:8B:3B:82:1E:BB:E3:56:6B:F8:90:92:0F:B6:22:52:7B:B5:82
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       AF42
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C349700017211EF9F734229017001B1.roa
Signing time:             Tue 23 Apr 2024 13:06:56 +0000
ROA not before:           Tue 23 Apr 2024 13:06:52 +0000
ROA not after:            Fri 25 Apr 2025 13:06:52 +0000
asID:                     28458
IP address blocks:        154.94.0.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44866 (0xaf42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 23 13:06:52 2024 GMT
            Not After : Apr 25 13:06:52 2025 GMT
        Subject: CN=6627b270-51e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:68:f6:d4:5c:39:e1:c6:15:8a:4f:e0:e8:71:
                    bc:d5:58:a9:fb:6b:e6:66:57:c9:94:7b:6e:41:9f:
                    7b:13:a3:41:1f:19:e2:b0:c6:63:4b:62:19:bb:22:
                    d4:2e:f8:6e:6c:c8:0a:39:bd:b1:21:e0:f5:47:21:
                    33:79:9e:a1:44:0b:5d:bb:14:b3:74:7a:f7:fa:48:
                    4e:a3:e7:74:e3:2f:db:9c:1a:62:53:29:47:3c:47:
                    fe:90:59:09:c5:ee:f9:12:29:60:09:73:1c:59:77:
                    67:60:e9:ff:8d:b5:43:15:10:f4:c1:b2:95:71:0d:
                    6e:85:d9:bf:a5:1f:af:42:60:30:f2:19:11:68:d9:
                    f7:86:9b:e0:ea:05:63:3c:19:3f:95:30:54:4e:2d:
                    ab:72:0d:92:af:48:b5:9f:ed:e2:b0:5c:39:a6:61:
                    de:e8:4e:f1:25:22:95:5a:c2:d2:9a:eb:42:1f:d9:
                    24:e7:8f:8f:e9:c4:66:bc:15:43:68:03:57:cc:ca:
                    c6:eb:95:f4:ca:af:27:8a:4d:64:1b:d6:da:fc:17:
                    cc:d7:8a:4d:a7:14:50:36:36:b5:bc:3a:91:9b:9d:
                    6c:b9:8d:79:be:5e:11:66:c6:3d:ff:00:0c:a3:0e:
                    7b:4a:9f:65:0d:42:7e:c5:19:17:6f:dd:c9:ba:c6:
                    26:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:7F:8B:3B:82:1E:BB:E3:56:6B:F8:90:92:0F:B6:22:52:7B:B5:82
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C349700017211EF9F734229017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.94.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:b2:df:75:81:b3:be:91:06:e2:ea:7e:1c:06:07:72:17:d8:
         af:dc:13:f9:5b:7f:29:8f:2d:a0:ee:a8:0c:2e:d6:2c:48:be:
         2f:a1:3b:fd:7a:82:b0:d2:cc:52:60:c2:6a:d6:11:aa:e2:81:
         53:8e:54:9f:e9:ac:0b:aa:32:a5:6c:ef:ce:0d:74:e4:f1:03:
         63:31:42:a0:a0:7f:2b:70:f9:bb:fc:99:88:f1:d6:a9:7f:64:
         62:45:73:f3:6f:b2:f0:8c:e7:0c:bc:97:a5:48:cb:fd:9b:83:
         56:af:e5:1a:0d:b8:6e:ca:15:01:9c:e1:14:6f:ef:2e:4d:71:
         3a:97:f1:82:3f:3c:d9:aa:fc:5c:1f:d0:4c:27:7b:55:69:d4:
         d7:3a:30:e1:ac:14:1e:19:f9:ba:0e:5a:71:67:5b:8b:45:68:
         fa:5a:a6:10:a6:37:ff:6e:f1:77:52:87:c2:15:9f:66:62:ee:
         4e:d9:a6:08:bc:5f:99:b3:98:d4:4c:c8:49:2d:93:be:14:41:
         83:a0:b4:fe:8d:e5:79:54:d2:27:5c:e7:0f:b2:72:89:03:01:
         02:fa:30:68:00:df:bc:d4:90:23:b1:da:05:81:1c:dd:1e:ee:
         f4:eb:90:aa:ad:ec:4d:f0:3b:c1:9a:74:b8:a8:69:30:74:90:
         5e:bf:37:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK9CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIzMTMwNjUyWhcNMjUwNDI1MTMwNjUyWjAYMRYw
FAYDVQQDEw02NjI3YjI3MC01MWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Gj21Fw54cYVik/g6HG81Vip+2vmZlfJlHtuQZ97E6NBHxnisMZjS2IZ
uyLULvhubMgKOb2xIeD1RyEzeZ6hRAtduxSzdHr3+khOo+d04y/bnBpiUylHPEf+
kFkJxe75EilgCXMcWXdnYOn/jbVDFRD0wbKVcQ1uhdm/pR+vQmAw8hkRaNn3hpvg
6gVjPBk/lTBUTi2rcg2Sr0i1n+3isFw5pmHe6E7xJSKVWsLSmutCH9kk54+P6cRm
vBVDaANXzMrG65X0yq8nik1kG9ba/BfM14pNpxRQNja1vDqRm51suY15vl4RZsY9
/wAMow57Sp9lDUJ+xRkXb93JusYmowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL9/
izuCHrvjVmv4kJIPtiJSe7WCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QzM0OTcwMDAxNzIxMUVGOUY3MzQyMjkwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4AMA0GCSqGSIb3DQEB
CwUAA4IBAQCzst91gbO+kQbi6n4cBgdyF9iv3BP5W38pjy2g7qgMLtYsSL4voTv9
eoKw0sxSYMJq1hGq4oFTjlSf6awLqjKlbO/ODXTk8QNjMUKgoH8rcPm7/JmI8dap
f2RiRXPzb7LwjOcMvJelSMv9m4NWr+UaDbhuyhUBnOEUb+8uTXE6l/GCPzzZqvxc
H9BMJ3tVadTXOjDhrBQeGfm6DlpxZ1uLRWj6WqYQpjf/bvF3UofCFZ9mYu5O2aYI
vF+Zs5jUTMhJLZO+FEGDoLT+jeV5VNInXOcPsnKJAwEC+jBoAN+81JAjsdoFgRzd
Hu7065CqrexN8DvBmnS4qGkwdJBevzcE
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:41 2024 by rpki-client on console-ams.rpki-client.org