Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/695C31E8651011EF846CBD73762E951A.roa
File:                     695C31E8651011EF846CBD73762E951A.roa (raw, json)
Hash identifier:          RNRuGeWc12uLG6NQjCwsZuLYeAkUMA5J0mU4z1B6n0g=
Subject key identifier:   F4:A3:77:86:8A:85:6A:F0:B3:77:78:BD:98:BC:4A:80:B0:01:8E:5F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       E5D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/695C31E8651011EF846CBD73762E951A.roa
Signing time:             Wed 28 Aug 2024 07:37:43 +0000
ROA not before:           Wed 28 Aug 2024 07:37:40 +0000
ROA not after:            Sun 30 Aug 2026 07:37:40 +0000
asID:                     142132
IP address blocks:        154.206.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58832 (0xe5d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 28 07:37:40 2024 GMT
            Not After : Aug 30 07:37:40 2026 GMT
        Subject: CN=66ced3c7-e83a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:7f:52:6c:41:8f:43:2c:69:be:52:b5:99:92:
                    a9:0c:69:47:3f:dd:e8:db:25:13:9a:7a:ec:bc:3a:
                    d7:58:2a:be:de:4b:e7:1a:e1:15:5c:da:62:ab:e2:
                    6f:f7:bd:69:e3:69:c0:b8:57:f4:7d:97:79:f6:10:
                    5a:88:e1:2f:1b:3d:41:db:71:9c:45:07:75:24:e3:
                    aa:8b:d8:e9:15:2c:0d:80:85:d6:72:ee:29:a7:52:
                    78:75:0b:de:77:dc:f4:c5:65:cd:b9:b0:ba:4a:1d:
                    4c:1c:6c:61:eb:15:9a:e2:66:8a:c6:75:09:a9:b9:
                    9e:23:d4:fa:61:7e:a8:42:68:32:54:2a:17:69:1f:
                    57:60:25:2b:ab:93:10:14:d6:ba:be:0a:31:69:8e:
                    a1:c5:ec:6d:07:6e:38:c4:00:e7:d5:28:15:de:dd:
                    10:48:29:d2:52:05:69:b7:5a:ec:f1:f2:39:58:41:
                    72:bc:31:c3:ad:56:bb:16:3e:28:98:75:e7:eb:6b:
                    e5:81:10:48:ac:7f:dd:4b:b0:54:d1:a3:f0:0c:40:
                    fb:11:95:a4:e2:5e:b1:f8:fc:87:36:c0:9f:b5:be:
                    16:2f:fd:b0:4e:7d:77:d7:ce:ed:17:0c:22:30:91:
                    91:31:ae:06:e1:32:a3:de:48:9d:e4:fb:ec:aa:ba:
                    98:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:A3:77:86:8A:85:6A:F0:B3:77:78:BD:98:BC:4A:80:B0:01:8E:5F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/695C31E8651011EF846CBD73762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.206.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:3b:3b:41:d1:b8:a0:65:eb:79:d4:7b:66:0c:81:76:e7:3b:
         bb:a1:d2:d3:c7:47:11:93:c9:2f:89:c0:a5:3b:b7:7d:d3:20:
         82:b6:2d:7a:dd:08:ae:59:01:c9:b8:61:f3:34:88:df:36:2f:
         26:78:97:0a:d8:3f:68:a6:a5:bc:67:c1:b1:f4:c0:2c:29:28:
         fc:b9:30:f6:83:df:58:26:b3:db:62:0b:74:20:2e:dc:16:2b:
         eb:ef:3a:67:38:67:a7:11:8d:14:36:64:75:bf:81:32:ae:ba:
         3b:7a:82:4d:61:db:5e:ca:ce:32:85:2a:43:d9:16:0f:f5:f6:
         ea:a3:d4:d6:98:d2:29:4c:68:d5:0f:94:9c:17:65:f6:1d:6b:
         80:d1:62:bd:ad:fe:95:2e:63:e6:a1:f9:08:0e:18:ab:29:69:
         2b:4d:62:bf:d5:69:02:88:39:6e:6e:a4:ce:32:14:8b:5e:ca:
         39:7b:4f:1b:1c:40:e6:34:fa:58:1e:be:4e:ee:61:de:de:c5:
         fe:cd:55:77:06:1b:0e:d1:46:f3:e0:68:32:b1:66:3a:19:af:
         93:c1:97:ce:8b:65:5f:9e:6f:8c:a8:3d:87:c4:d7:46:a2:32:
         1e:98:e8:ad:16:ae:af:60:19:9c:10:5a:c0:03:24:00:9b:6e:
         5c:0c:67:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOXQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwODI4MDczNzQwWhcNMjYwODMwMDczNzQwWjAYMRYw
FAYDVQQDEw02NmNlZDNjNy1lODNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0X9SbEGPQyxpvlK1mZKpDGlHP93o2yUTmnrsvDrXWCq+3kvnGuEVXNpi
q+Jv971p42nAuFf0fZd59hBaiOEvGz1B23GcRQd1JOOqi9jpFSwNgIXWcu4pp1J4
dQved9z0xWXNubC6Sh1MHGxh6xWa4maKxnUJqbmeI9T6YX6oQmgyVCoXaR9XYCUr
q5MQFNa6vgoxaY6hxextB244xADn1SgV3t0QSCnSUgVpt1rs8fI5WEFyvDHDrVa7
Fj4omHXn62vlgRBIrH/dS7BU0aPwDED7EZWk4l6x+PyHNsCftb4WL/2wTn13187t
FwwiMJGRMa4G4TKj3kid5PvsqrqYEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPSj
d4aKhWrws3d4vZi8SoCwAY5fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OTVDMzFFODY1MTAxMUVGODQ2Q0JENzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4QMA0GCSqGSIb3DQEB
CwUAA4IBAQAuOztB0bigZet51HtmDIF25zu7odLTx0cRk8kvicClO7d90yCCti16
3QiuWQHJuGHzNIjfNi8meJcK2D9opqW8Z8Gx9MAsKSj8uTD2g99YJrPbYgt0IC7c
Fivr7zpnOGenEY0UNmR1v4Eyrro7eoJNYdteys4yhSpD2RYP9fbqo9TWmNIpTGjV
D5ScF2X2HWuA0WK9rf6VLmPmofkIDhirKWkrTWK/1WkCiDlubqTOMhSLXso5e08b
HEDmNPpYHr5O7mHe3sX+zVV3BhsO0Ubz4GgysWY6Ga+TwZfOi2Vfnm+MqD2HxNdG
ojIemOitFq6vYBmcEFrAAyQAm25cDGfN
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:15 2024 by rpki-client on console-ams.rpki-client.org