Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6A2B2E60A91F11EE9330338A775412E6.roa
File:                     6A2B2E60A91F11EE9330338A775412E6.roa (raw, json)
Hash identifier:          ntAIbTqDHINQAWTkrryjuIrwQ/ntlC1brrAPlhveKes=
Subject key identifier:   C8:4F:69:8B:0C:B5:25:DF:66:CC:76:DD:FF:2A:F8:87:C7:DC:96:5B
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       6CDC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6A2B2E60A91F11EE9330338A775412E6.roa
Signing time:             Tue 02 Jan 2024 03:31:29 +0000
ROA not before:           Tue 02 Jan 2024 03:31:25 +0000
ROA not after:            Mon 30 Dec 2024 03:31:25 +0000
asID:                     328608
IP address blocks:        154.197.67.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27868 (0x6cdc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan  2 03:31:25 2024 GMT
            Not After : Dec 30 03:31:25 2024 GMT
        Subject: CN=65938390-734b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b4:a1:15:f9:bf:38:e2:fb:06:59:10:21:41:
                    74:64:77:8f:5b:85:69:0b:c6:cb:ac:9b:d8:d5:84:
                    86:a9:39:a9:e0:28:eb:65:47:97:30:f2:4e:9a:9f:
                    71:cc:30:7d:f4:24:84:02:2e:94:c6:30:10:60:f0:
                    60:72:aa:86:85:e3:79:c4:d5:ec:27:f6:b4:ec:18:
                    02:6f:f8:4b:aa:0e:05:39:1d:2b:0a:c7:39:4d:a8:
                    38:3f:bb:43:f8:e2:90:8a:cd:f5:b6:f3:17:e1:10:
                    35:90:65:56:51:52:11:27:91:01:a0:e1:f8:06:3f:
                    46:69:a1:51:03:8c:90:90:b5:6f:42:71:dc:88:02:
                    e3:51:86:a4:39:72:c9:09:38:d4:ef:b9:fd:dc:6e:
                    b5:2b:36:e4:4e:6a:76:66:fd:7b:4b:9e:ef:52:ee:
                    aa:6a:c5:9b:39:31:5b:5e:dd:b5:8c:c9:fe:c1:51:
                    55:c2:8b:8d:7f:3e:1a:be:7a:b1:d2:b3:4c:37:a1:
                    46:7b:2d:b4:57:9c:65:60:b6:57:6b:9d:7c:5e:4c:
                    a3:e3:8a:29:57:b4:8c:f4:d5:1e:20:be:b3:9b:3a:
                    94:2b:42:00:af:8a:35:94:be:1f:51:14:7d:1d:d4:
                    8d:39:3c:93:38:62:2c:f8:45:64:0c:ea:01:44:8d:
                    26:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:4F:69:8B:0C:B5:25:DF:66:CC:76:DD:FF:2A:F8:87:C7:DC:96:5B
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6A2B2E60A91F11EE9330338A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:d6:90:b6:f1:38:2b:39:5d:cd:56:3f:8f:e9:a2:5c:14:b1:
         65:d2:2e:55:2e:51:03:76:75:34:92:bb:eb:82:de:58:e1:5b:
         f1:03:72:1a:25:13:a0:dc:a5:0a:c3:8d:70:b2:e9:1c:dd:51:
         7c:9b:d2:77:f2:c0:9f:d3:67:cf:f9:9f:81:bb:6c:ee:c5:44:
         74:42:f4:63:bc:d6:6c:d4:59:5f:31:97:bd:f7:8e:93:a0:39:
         22:40:87:8a:0e:c4:77:b6:20:1c:a7:c7:32:b2:9d:78:db:d2:
         69:8d:a4:8d:d4:13:88:9b:34:30:d0:85:ec:9a:2b:da:80:a5:
         0c:86:75:a6:59:9a:42:ae:1b:b2:e5:6b:da:7e:75:b1:8a:3c:
         7b:2d:ae:b7:35:52:89:48:0d:f7:9e:6c:5e:99:5e:70:85:a9:
         c7:b2:b1:ae:f3:77:ac:0f:b9:39:62:25:6e:2f:25:2e:d5:bd:
         86:72:ff:1c:b4:e8:60:26:35:6c:ea:fc:4d:45:45:71:85:cc:
         d5:17:4d:68:66:2a:5b:03:e2:d9:0f:7f:d6:3a:d8:a0:c0:a1:
         58:34:c9:03:1c:eb:41:49:aa:ab:09:e8:6a:6f:54:88:e0:2b:
         82:25:dc:42:c2:f7:5a:8c:03:89:12:c3:09:3a:d8:08:e7:66:
         6b:e3:3d:a7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICbNwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMDIwMzMxMjVaFw0yNDEyMzAwMzMxMjVaMBgxFjAU
BgNVBAMTDTY1OTM4MzkwLTczNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQtKEV+b844vsGWRAhQXRkd49bhWkLxsusm9jVhIapOangKOtlR5cw8k6a
n3HMMH30JIQCLpTGMBBg8GByqoaF43nE1ewn9rTsGAJv+EuqDgU5HSsKxzlNqDg/
u0P44pCKzfW28xfhEDWQZVZRUhEnkQGg4fgGP0ZpoVEDjJCQtW9CcdyIAuNRhqQ5
cskJONTvuf3cbrUrNuROanZm/XtLnu9S7qpqxZs5MVte3bWMyf7BUVXCi41/Phq+
erHSs0w3oUZ7LbRXnGVgtldrnXxeTKPjiilXtIz01R4gvrObOpQrQgCvijWUvh9R
FH0d1I05PJM4Yiz4RWQM6gFEjSafAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyE9p
iwy1Jd9mzHbd/yr4h8fcllswHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzZBMkIyRTYwQTkxRjExRUU5MzMwMzM4QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxUMwDQYJKoZIhvcNAQEL
BQADggEBACfWkLbxOCs5Xc1WP4/polwUsWXSLlUuUQN2dTSSu+uC3ljhW/EDchol
E6DcpQrDjXCy6RzdUXyb0nfywJ/TZ8/5n4G7bO7FRHRC9GO81mzUWV8xl733jpOg
OSJAh4oOxHe2IBynxzKynXjb0mmNpI3UE4ibNDDQheyaK9qApQyGdaZZmkKuG7Ll
a9p+dbGKPHstrrc1UolIDfeebF6ZXnCFqceysa7zd6wPuTliJW4vJS7VvYZy/xy0
6GAmNWzq/E1FRXGFzNUXTWhmKlsD4tkPf9Y62KDAoVg0yQMc60FJqqsJ6GpvVIjg
K4Il3ELC91qMA4kSwwk62AjnZmvjPac=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:08 2024 by rpki-client on console-ams.rpki-client.org