Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/679813A8850B11EEA85652154AD9E6FC.roa
File:                     679813A8850B11EEA85652154AD9E6FC.roa (raw, json)
Hash identifier:          61q48K0XhshGRpgu/YljAxth1Q/7FKAN7HLPRqEmdPE=
Subject key identifier:   1A:33:BF:ED:82:FF:3B:B9:43:F8:17:0A:4D:EA:F7:CC:51:32:91:69
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       50DB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/679813A8850B11EEA85652154AD9E6FC.roa
Signing time:             Fri 17 Nov 2023 05:37:32 +0000
ROA not before:           Fri 17 Nov 2023 05:37:29 +0000
ROA not after:            Mon 30 Dec 2024 05:37:29 +0000
asID:                     328608
IP address blocks:        154.88.8.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20699 (0x50db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov 17 05:37:29 2023 GMT
            Not After : Dec 30 05:37:29 2024 GMT
        Subject: CN=6556fc1c-166a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8c:25:40:4d:2d:21:4e:9b:f4:ee:fd:a6:f1:
                    91:bf:c7:01:ca:f1:b6:98:0a:06:42:d2:94:52:81:
                    87:9d:c9:f1:63:e5:02:82:bd:dd:12:9d:f3:bf:e1:
                    2e:86:85:48:f9:77:b7:00:d8:e0:47:8c:a9:e7:ec:
                    a6:1e:29:3c:a1:8b:4b:f2:a2:ae:a7:53:a4:b1:50:
                    49:eb:75:a0:70:5b:93:11:90:af:03:bf:1b:3c:20:
                    7e:8d:cd:68:37:48:f9:6a:ed:db:4f:94:86:e3:df:
                    b6:9e:66:06:8b:18:50:4b:06:37:07:ae:59:36:5c:
                    3b:37:b2:67:7d:1c:75:0c:1c:84:6b:b6:2e:60:ba:
                    29:b8:27:54:5a:8e:b3:c5:8a:e8:20:22:b9:26:aa:
                    89:41:0f:31:9d:0f:63:39:46:07:95:66:89:36:88:
                    73:52:c6:2d:81:5a:a6:3f:e8:72:75:d8:85:a8:d7:
                    c5:d2:47:f3:00:5f:56:d5:d2:69:1d:48:6d:12:e9:
                    29:13:b8:f1:a5:00:f3:a3:e3:85:ab:7a:fc:91:1b:
                    f7:59:87:e8:c6:fa:42:3b:24:52:f4:9a:69:c6:a2:
                    89:97:80:0e:cc:dc:b7:81:36:27:fb:ec:ca:79:8e:
                    33:2c:cc:64:de:93:90:67:15:1d:15:6b:30:ac:12:
                    e2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:33:BF:ED:82:FF:3B:B9:43:F8:17:0A:4D:EA:F7:CC:51:32:91:69
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/679813A8850B11EEA85652154AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:0f:b2:fa:93:82:e2:a3:f4:83:ba:f2:74:75:2a:45:1b:3e:
         d4:65:72:6a:b3:1d:00:87:f0:18:22:7b:41:41:38:d7:29:ef:
         16:cd:ea:a3:44:f5:31:07:ae:87:77:4a:a2:5d:bc:70:08:22:
         25:f6:fa:54:1b:34:b0:11:7b:dc:64:76:80:ad:24:5d:5b:68:
         7e:f0:5c:72:d5:d9:c9:e1:74:5a:a6:d9:37:fb:1d:c6:f7:27:
         d3:c7:a1:11:e1:57:73:a1:9a:5e:e6:be:ef:8f:9a:19:75:81:
         91:81:90:22:72:d8:8d:83:bd:0c:99:96:70:70:03:7e:c1:16:
         56:42:58:d9:b3:8c:ba:49:fa:1b:6b:97:21:b6:6a:a9:ec:fe:
         1c:bd:88:93:6a:c3:c8:88:1f:bd:ab:8b:d0:e1:db:13:41:36:
         0c:57:f3:27:62:62:bb:af:e0:ba:eb:b4:aa:a5:9e:3e:8f:c6:
         86:46:6b:d9:30:71:ec:11:f9:4f:f7:0e:23:26:00:9c:10:65:
         5d:58:e9:f3:8c:05:54:f3:69:2e:37:16:8a:aa:58:38:04:70:
         a0:a0:11:14:4d:22:3e:fe:a7:87:4a:8d:6d:e9:39:ae:7b:b9:
         5f:7f:e4:0c:92:da:c4:09:ee:e8:27:b8:04:30:20:3c:02:d9:
         c2:d0:01:38
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUNswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMTcwNTM3MjlaFw0yNDEyMzAwNTM3MjlaMBgxFjAU
BgNVBAMTDTY1NTZmYzFjLTE2NmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPjCVATS0hTpv07v2m8ZG/xwHK8baYCgZC0pRSgYedyfFj5QKCvd0SnfO/
4S6GhUj5d7cA2OBHjKnn7KYeKTyhi0vyoq6nU6SxUEnrdaBwW5MRkK8Dvxs8IH6N
zWg3SPlq7dtPlIbj37aeZgaLGFBLBjcHrlk2XDs3smd9HHUMHIRrti5guim4J1Ra
jrPFiuggIrkmqolBDzGdD2M5RgeVZok2iHNSxi2BWqY/6HJ12IWo18XSR/MAX1bV
0mkdSG0S6SkTuPGlAPOj44WrevyRG/dZh+jG+kI7JFL0mmnGoomXgA7M3LeBNif7
7Mp5jjMszGTek5BnFR0VazCsEuJrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGjO/
7YL/O7lD+BcKTer3zFEykWkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzY3OTgxM0E4ODUwQjExRUVBODU2NTIxNTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaWAgwDQYJKoZIhvcNAQEL
BQADggEBAH8PsvqTguKj9IO68nR1KkUbPtRlcmqzHQCH8Bgie0FBONcp7xbN6qNE
9TEHrod3SqJdvHAIIiX2+lQbNLARe9xkdoCtJF1baH7wXHLV2cnhdFqm2Tf7Hcb3
J9PHoRHhV3Ohml7mvu+Pmhl1gZGBkCJy2I2DvQyZlnBwA37BFlZCWNmzjLpJ+htr
lyG2aqns/hy9iJNqw8iIH72ri9Dh2xNBNgxX8ydiYruv4LrrtKqlnj6PxoZGa9kw
cewR+U/3DiMmAJwQZV1Y6fOMBVTzaS43FoqqWDgEcKCgERRNIj7+p4dKjW3pOa57
uV9/5AyS2sQJ7ugnuAQwIDwC2cLQATg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:08 2024 by rpki-client on console-ams.rpki-client.org