Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D81C5B2B0FD11EEABE6535A775412E6.roa
File:                     5D81C5B2B0FD11EEABE6535A775412E6.roa (raw, json)
Hash identifier:          2pk084iBYn3SDucbPrzB3p6I4Ot7YnKf+FxVc9dtt4w=
Subject key identifier:   AB:B7:25:3A:82:BA:5E:1A:5F:D0:B0:91:4F:34:E6:81:A6:7A:7C:87
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7475
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D81C5B2B0FD11EEABE6535A775412E6.roa
Signing time:             Fri 12 Jan 2024 03:47:54 +0000
ROA not before:           Fri 12 Jan 2024 03:47:50 +0000
ROA not after:            Fri 13 Dec 2024 03:47:50 +0000
asID:                     140224
IP address blocks:        154.205.195.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29813 (0x7475)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 12 03:47:50 2024 GMT
            Not After : Dec 13 03:47:50 2024 GMT
        Subject: CN=65a0b66a-5906
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:17:a0:cd:e5:1b:22:e8:26:0c:f1:5f:74:40:
                    b2:b4:3b:93:44:4c:84:57:79:2c:13:0e:8c:fc:6d:
                    23:35:74:8a:c0:10:1d:28:6e:21:4a:e3:e3:9a:81:
                    d9:44:a9:7a:79:35:d5:28:e5:2a:39:e8:f6:69:aa:
                    95:27:e2:cc:66:24:0b:95:60:ea:13:86:0c:ff:f4:
                    d5:b7:ae:a7:fa:b7:63:49:67:d9:8b:bd:53:12:ad:
                    e4:eb:2f:4a:78:b1:ff:af:fc:9d:29:de:1d:13:70:
                    96:f8:7a:98:d4:74:23:a4:24:12:59:41:a7:f6:42:
                    2f:e0:72:8a:ff:ad:2e:06:01:5a:6f:ba:2a:86:82:
                    d8:b0:75:82:08:ca:c7:d2:84:c5:78:88:61:90:b6:
                    66:14:5c:48:6e:c1:0b:be:1b:c4:bc:ab:73:58:3c:
                    75:a8:46:a5:fb:9b:52:f6:2a:da:50:2b:d8:97:f4:
                    6a:a3:a0:cc:83:08:40:29:89:60:57:5e:6e:32:56:
                    85:bc:95:c4:bb:83:e1:dd:df:6f:25:6f:79:a7:3f:
                    aa:64:ad:da:2a:70:ae:08:a0:5f:4f:ca:e8:89:88:
                    45:ef:6f:8a:32:f7:ff:87:c2:f3:6e:2b:85:14:4b:
                    62:08:ca:8e:05:ac:00:7f:85:63:a7:e4:e5:eb:7c:
                    16:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:B7:25:3A:82:BA:5E:1A:5F:D0:B0:91:4F:34:E6:81:A6:7A:7C:87
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D81C5B2B0FD11EEABE6535A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:52:0a:f6:0a:85:d2:16:d1:be:67:29:09:84:97:4c:99:84:
         f1:1f:de:6e:e1:25:be:cb:d3:19:41:74:6b:44:8b:b8:1e:fd:
         bc:a4:06:cb:c5:e8:2e:91:61:fb:46:10:73:a9:63:87:c8:0a:
         54:ea:4f:9a:d0:71:36:cd:fc:63:f6:4b:3b:a0:06:70:8a:d9:
         11:a5:58:2b:70:05:23:a3:f8:23:3b:b3:b9:71:06:75:0f:b4:
         e3:7f:31:24:c8:c4:1e:8c:1f:70:00:e1:54:dc:6c:33:d4:e2:
         87:4d:f4:a9:dc:8f:ba:c8:0f:bc:76:f4:49:d7:13:bf:38:0a:
         01:c3:f4:92:98:48:0d:1c:e8:a9:98:7c:93:70:e9:a6:5c:14:
         66:95:9f:73:fa:ac:7b:29:ad:61:12:3b:ac:5d:ce:6a:f4:0a:
         6a:97:5b:ce:f7:15:14:f2:82:03:65:7f:4b:f6:ca:87:c1:9a:
         71:e8:8a:21:17:a5:4f:12:23:92:d5:7b:76:25:30:f1:b7:de:
         1a:60:dd:5d:8f:9e:78:ac:13:d6:68:c1:59:10:45:c7:c1:a6:
         7d:cf:00:bd:7b:95:e3:91:9d:42:a4:f0:34:d0:c8:f4:7c:ac:
         b9:c7:1d:e0:08:fd:e7:5a:1f:00:62:06:2c:b9:48:32:fc:04:
         7a:6e:9d:fa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdHUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTIwMzQ3NTBaFw0yNDEyMTMwMzQ3NTBaMBgxFjAU
BgNVBAMTDTY1YTBiNjZhLTU5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4F6DN5Rsi6CYM8V90QLK0O5NETIRXeSwTDoz8bSM1dIrAEB0obiFK4+Oa
gdlEqXp5NdUo5So56PZpqpUn4sxmJAuVYOoThgz/9NW3rqf6t2NJZ9mLvVMSreTr
L0p4sf+v/J0p3h0TcJb4epjUdCOkJBJZQaf2Qi/gcor/rS4GAVpvuiqGgtiwdYII
ysfShMV4iGGQtmYUXEhuwQu+G8S8q3NYPHWoRqX7m1L2KtpQK9iX9GqjoMyDCEAp
iWBXXm4yVoW8lcS7g+Hd328lb3mnP6pkrdoqcK4IoF9PyuiJiEXvb4oy9/+HwvNu
K4UUS2IIyo4FrAB/hWOn5OXrfBYxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUq7cl
OoK6Xhpf0LCRTzTmgaZ6fIcwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzVEODFDNUIyQjBGRDExRUVBQkU2NTM1QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazcMwDQYJKoZIhvcNAQEL
BQADggEBAApSCvYKhdIW0b5nKQmEl0yZhPEf3m7hJb7L0xlBdGtEi7ge/bykBsvF
6C6RYftGEHOpY4fIClTqT5rQcTbN/GP2SzugBnCK2RGlWCtwBSOj+CM7s7lxBnUP
tON/MSTIxB6MH3AA4VTcbDPU4odN9Kncj7rID7x29EnXE784CgHD9JKYSA0c6KmY
fJNw6aZcFGaVn3P6rHsprWESO6xdzmr0CmqXW873FRTyggNlf0v2yofBmnHoiiEX
pU8SI5LVe3YlMPG33hpg3V2PnnisE9ZowVkQRcfBpn3PAL17leORnUKk8DTQyPR8
rLnHHeAI/edaHwBiBiy5SDL8BHpunfo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:08 2024 by rpki-client on console-fra.rpki-client.org