Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B1B2F643AAB11EF8AFA2249762E951A.roa
File:                     6B1B2F643AAB11EF8AFA2249762E951A.roa (raw, json)
Hash identifier:          qxzgtbFdSp4S57rmLZvFw1HZToi86QmxDjdpf47TTGw=
Subject key identifier:   C6:A1:99:29:57:6B:01:D5:82:CE:B6:8F:18:4F:0C:70:B8:C3:18:6C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       CDB0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B1B2F643AAB11EF8AFA2249762E951A.roa
Signing time:             Fri 05 Jul 2024 08:48:58 +0000
ROA not before:           Fri 05 Jul 2024 08:48:55 +0000
ROA not after:            Fri 13 Jun 2025 08:48:55 +0000
asID:                     150150
IP address blocks:        154.89.0.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52656 (0xcdb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul  5 08:48:55 2024 GMT
            Not After : Jun 13 08:48:55 2025 GMT
        Subject: CN=6687b37a-d13b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:14:1e:6c:8d:64:54:f7:14:9e:a3:56:4e:8e:
                    10:c3:df:70:42:55:85:8d:ef:97:0b:b5:10:96:3a:
                    b7:f2:e5:0c:a5:0f:8f:cd:56:8b:5f:f2:a2:53:3f:
                    2f:a8:c2:59:66:31:66:58:ad:79:fd:8c:ce:45:eb:
                    2c:1e:e6:f2:fb:43:d4:e6:21:d3:68:8a:7f:84:68:
                    9e:22:ac:ae:6a:48:2e:3a:5e:a6:a9:e5:8f:1d:33:
                    93:ee:5d:89:ba:8f:8a:a0:1d:31:9e:9c:dd:88:2e:
                    9f:c0:72:66:a3:63:57:3c:66:e3:a7:c0:32:57:f2:
                    8d:1b:96:40:6b:43:6d:6f:1d:22:86:bf:24:ef:f5:
                    f6:44:3e:0d:07:ad:3e:97:e9:7f:34:67:c3:22:20:
                    54:c5:64:71:d6:9c:89:ee:e8:b1:6b:3a:b5:d7:73:
                    fa:60:c1:b9:af:78:c0:a3:19:fa:8b:70:25:e5:54:
                    1c:ea:21:ec:a4:3d:06:67:0a:6a:e3:4a:1a:de:f0:
                    9d:16:62:9a:09:24:68:5e:34:0b:16:96:8d:74:32:
                    0d:b0:d6:a8:62:d3:66:4f:14:4d:a3:96:13:a2:2f:
                    e9:0a:2a:4d:f8:54:e2:26:0f:f0:9f:ef:24:20:44:
                    f8:ba:85:d0:2e:d3:9f:b3:63:27:5d:b3:01:9c:e9:
                    18:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:A1:99:29:57:6B:01:D5:82:CE:B6:8F:18:4F:0C:70:B8:C3:18:6C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B1B2F643AAB11EF8AFA2249762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.89.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:2a:07:4c:3d:db:41:2b:da:34:b0:ea:50:87:d0:05:ae:8b:
         e0:a1:0d:d0:fe:e7:38:12:99:f5:81:0a:96:78:cb:2f:24:a7:
         ff:ed:30:08:d2:4f:1d:d7:1f:e9:93:69:f3:f5:16:5c:4b:28:
         66:73:e1:6b:df:e3:1b:a4:49:4c:8d:57:ca:9a:b1:5a:98:10:
         5e:49:f0:1e:2b:d3:3e:bc:15:9e:0c:7f:aa:5a:b6:7b:6c:fe:
         c0:e1:c6:f2:c1:66:47:05:87:75:fc:53:46:9c:35:f1:7a:5a:
         3d:39:3a:d8:16:93:34:ae:98:fd:37:4a:a8:b5:58:b9:0a:45:
         0c:27:09:18:80:3e:f9:6e:cc:ec:a8:47:1c:ca:df:67:df:93:
         6a:76:4d:06:8b:fb:13:d4:11:e9:cb:64:65:53:a7:2d:d3:60:
         97:a9:c1:90:17:13:1d:f9:76:76:e2:20:73:27:9d:69:43:a7:
         47:a3:8a:3a:e9:40:25:72:0e:f2:2e:ed:0f:1c:60:c5:28:b8:
         96:72:bd:e7:e2:ac:69:56:d0:7a:ea:b2:4a:57:e7:ba:70:e7:
         34:d1:6f:cb:23:b0:f6:e9:cd:44:9e:76:43:fb:58:67:21:03:
         94:ed:40:53:49:47:f2:6a:c8:89:f5:c2:ee:c6:26:60:4c:df:
         db:fd:a3:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAM2wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNzA1MDg0ODU1WhcNMjUwNjEzMDg0ODU1WjAYMRYw
FAYDVQQDEw02Njg3YjM3YS1kMTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqxQebI1kVPcUnqNWTo4Qw99wQlWFje+XC7UQljq38uUMpQ+PzVaLX/Ki
Uz8vqMJZZjFmWK15/YzORessHuby+0PU5iHTaIp/hGieIqyuakguOl6mqeWPHTOT
7l2Juo+KoB0xnpzdiC6fwHJmo2NXPGbjp8AyV/KNG5ZAa0Ntbx0ihr8k7/X2RD4N
B60+l+l/NGfDIiBUxWRx1pyJ7uixazq113P6YMG5r3jAoxn6i3Al5VQc6iHspD0G
Zwpq40oa3vCdFmKaCSRoXjQLFpaNdDINsNaoYtNmTxRNo5YToi/pCipN+FTiJg/w
n+8kIET4uoXQLtOfs2MnXbMBnOkY6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMah
mSlXawHVgs62jxhPDHC4wxhsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QjFCMkY2NDNBQUIxMUVGOEFGQTIyNDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkAMA0GCSqGSIb3DQEB
CwUAA4IBAQCuKgdMPdtBK9o0sOpQh9AFrovgoQ3Q/uc4Epn1gQqWeMsvJKf/7TAI
0k8d1x/pk2nz9RZcSyhmc+Fr3+MbpElMjVfKmrFamBBeSfAeK9M+vBWeDH+qWrZ7
bP7A4cbywWZHBYd1/FNGnDXxelo9OTrYFpM0rpj9N0qotVi5CkUMJwkYgD75bszs
qEccyt9n35Nqdk0Gi/sT1BHpy2RlU6ct02CXqcGQFxMd+XZ24iBzJ51pQ6dHo4o6
6UAlcg7yLu0PHGDFKLiWcr3n4qxpVtB66rJKV+e6cOc00W/LI7D26c1EnnZD+1hn
IQOU7UBTSUfyasiJ9cLuxiZgTN/b/aMp
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:15 2024 by rpki-client on console-ams.rpki-client.org