Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/710390D0AE1D11EEB0A9089E775412E6.roa
File:                     710390D0AE1D11EEB0A9089E775412E6.roa (raw, json)
Hash identifier:          Q45f7Z1Z5R7neAfgLeSAE1ilaO/1jzePeUhjNmMIJ+M=
Subject key identifier:   77:6A:FB:E7:D9:0A:8F:5A:32:41:4A:3E:57:53:3F:92:D4:12:13:C0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       72BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/710390D0AE1D11EEB0A9089E775412E6.roa
Signing time:             Mon 08 Jan 2024 11:59:57 +0000
ROA not before:           Mon 08 Jan 2024 11:59:53 +0000
ROA not after:            Tue 14 Jan 2025 11:59:53 +0000
asID:                     138965
IP address blocks:        154.222.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29370 (0x72ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan  8 11:59:53 2024 GMT
            Not After : Jan 14 11:59:53 2025 GMT
        Subject: CN=659be3bd-ed78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:17:6d:a1:c5:fa:f8:62:d2:53:22:5a:3c:d3:
                    ab:b6:27:67:1c:9f:a5:4d:a7:7e:f8:bb:17:28:39:
                    53:fe:ef:22:0f:36:ef:b6:d0:00:58:54:df:9e:a1:
                    22:ff:24:0f:a2:24:25:32:8e:f6:46:5c:06:72:2b:
                    a9:06:3e:e9:b9:3f:f6:a7:82:cf:26:32:8e:96:15:
                    5e:77:10:2c:32:18:08:12:24:00:85:50:c9:e6:55:
                    3d:c1:e8:29:b9:4e:37:68:ec:24:c6:f4:88:fc:65:
                    de:4c:46:d8:a6:bd:12:92:e5:f4:9f:d8:c7:bb:dd:
                    63:1d:5d:29:bf:f5:f5:17:21:6c:3e:97:83:07:4b:
                    b1:65:c0:9b:00:aa:8e:25:75:fc:1d:b3:5d:6e:0d:
                    2c:ea:35:f0:99:c4:24:c3:5a:a5:a8:cb:77:5b:80:
                    e8:b6:cb:75:6a:4a:30:02:e3:ad:cc:b9:d3:01:2c:
                    ee:0c:82:e4:51:ec:b7:35:4f:cf:2b:93:b4:a7:9f:
                    45:81:ab:4c:df:7e:d7:ca:d4:22:c3:19:9a:ce:38:
                    f6:a6:10:76:38:f4:3e:bc:fd:06:04:5d:9e:14:58:
                    32:36:d6:95:86:2b:1e:c9:53:ae:bc:4d:34:d1:ab:
                    9f:b9:a8:36:da:06:a4:c3:87:a3:21:5b:5c:25:8d:
                    08:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6A:FB:E7:D9:0A:8F:5A:32:41:4A:3E:57:53:3F:92:D4:12:13:C0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/710390D0AE1D11EEB0A9089E775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.222.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:2d:68:43:81:e0:9c:56:44:ce:94:bd:6a:47:d3:20:85:a8:
         a0:b1:9c:83:5f:ff:52:36:47:d6:96:2f:78:d7:b2:cf:ee:a7:
         56:54:e2:4c:dd:e2:c4:9b:a9:a8:7f:9e:fc:1a:72:42:5e:5c:
         5e:36:e1:05:bb:35:fe:1d:51:60:28:93:7d:56:8c:71:f2:b5:
         3a:a0:5a:df:1d:a9:91:09:8f:f6:02:c7:b9:7c:75:9f:5b:71:
         91:72:2b:e7:56:52:34:c8:03:13:80:c1:9d:4d:eb:7a:05:6e:
         b1:65:ca:ed:8b:bb:07:81:20:87:df:f7:54:8b:25:d4:d9:01:
         cf:4a:55:b5:0b:34:25:7c:1c:6c:f5:37:6b:83:1a:4e:49:17:
         3a:1b:5a:69:68:d9:1e:73:32:2c:bf:e1:5f:a8:6a:30:e2:04:
         ac:8f:be:1d:2a:a8:58:b4:f4:b2:72:95:b4:59:74:21:e6:7a:
         97:e0:55:dd:d5:a9:00:1a:45:e1:4d:e9:d7:12:e2:bf:b9:a4:
         07:77:6f:72:d0:74:90:e2:8c:9a:bf:6e:67:e0:99:4d:00:c1:
         51:ea:a6:3d:65:5f:cf:ec:3b:a8:da:c8:23:77:bd:a6:28:da:
         77:a8:9d:39:81:67:c9:37:99:29:1e:a4:db:26:17:a9:b0:9b:
         e9:c1:c0:d3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICcrowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMDgxMTU5NTNaFw0yNTAxMTQxMTU5NTNaMBgxFjAU
BgNVBAMTDTY1OWJlM2JkLWVkNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOF22hxfr4YtJTIlo806u2J2ccn6VNp374uxcoOVP+7yIPNu+20ABYVN+e
oSL/JA+iJCUyjvZGXAZyK6kGPum5P/angs8mMo6WFV53ECwyGAgSJACFUMnmVT3B
6Cm5Tjdo7CTG9Ij8Zd5MRtimvRKS5fSf2Me73WMdXSm/9fUXIWw+l4MHS7FlwJsA
qo4ldfwds11uDSzqNfCZxCTDWqWoy3dbgOi2y3VqSjAC463MudMBLO4MguRR7Lc1
T88rk7Snn0WBq0zfftfK1CLDGZrOOPamEHY49D68/QYEXZ4UWDI21pWGKx7JU668
TTTRq5+5qDbaBqTDh6MhW1wljQgVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUd2r7
59kKj1oyQUo+V1M/ktQSE8AwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzcxMDM5MEQwQUUxRDExRUVCMEE5MDg5RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa3j4wDQYJKoZIhvcNAQEL
BQADggEBAKotaEOB4JxWRM6UvWpH0yCFqKCxnINf/1I2R9aWL3jXss/up1ZU4kzd
4sSbqah/nvwackJeXF424QW7Nf4dUWAok31WjHHytTqgWt8dqZEJj/YCx7l8dZ9b
cZFyK+dWUjTIAxOAwZ1N63oFbrFlyu2LuweBIIff91SLJdTZAc9KVbULNCV8HGz1
N2uDGk5JFzobWmlo2R5zMiy/4V+oajDiBKyPvh0qqFi09LJylbRZdCHmepfgVd3V
qQAaReFN6dcS4r+5pAd3b3LQdJDijJq/bmfgmU0AwVHqpj1lX8/sO6jayCN3vaYo
2neonTmBZ8k3mSkepNsmF6mwm+nBwNM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:10 2024 by rpki-client on console-fra.rpki-client.org