Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/734D0CA6AE1B11EEB21CCA9A775412E6.roa
File:                     734D0CA6AE1B11EEB21CCA9A775412E6.roa (raw, json)
Hash identifier:          igZpAwmUV6k+XzD3/RcMh7vXRu2dMdy5soJoNOVC/2I=
Subject key identifier:   D2:8F:82:11:1B:65:A1:D6:34:62:B7:D4:AA:DD:CC:DB:85:81:41:E7
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       72A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/734D0CA6AE1B11EEB21CCA9A775412E6.roa
Signing time:             Mon 08 Jan 2024 11:45:42 +0000
ROA not before:           Mon 08 Jan 2024 11:45:38 +0000
ROA not after:            Tue 14 Jan 2025 11:45:38 +0000
asID:                     138965
IP address blocks:        154.223.15.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29352 (0x72a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan  8 11:45:38 2024 GMT
            Not After : Jan 14 11:45:38 2025 GMT
        Subject: CN=659be066-f83f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:d9:68:65:a5:f0:a0:2b:fe:12:6d:7d:db:5a:
                    e1:07:49:d2:01:89:b7:c3:30:7c:21:7e:c9:81:90:
                    c6:43:c0:17:d0:8e:a7:4e:e2:b3:f4:44:69:c0:6d:
                    dd:87:67:3c:8c:e3:ea:26:74:7c:f7:ec:c1:31:1c:
                    ea:65:5d:7d:f7:c9:0a:a3:f5:ee:6b:99:f0:2e:e1:
                    41:41:3d:5e:0d:b5:9a:bd:91:30:fb:a1:22:fc:53:
                    3a:fc:d6:e1:32:10:72:3f:b1:95:d1:89:9c:2f:53:
                    a6:8f:45:bc:bd:19:52:0d:dd:ba:31:d2:d9:f9:d1:
                    df:10:eb:25:b7:71:fe:bd:40:f2:38:a6:15:72:e5:
                    18:4c:50:ca:8a:0e:7c:cc:68:63:ea:23:e6:97:58:
                    aa:71:b2:dd:67:d7:88:19:ab:0f:69:38:6b:49:f5:
                    aa:ba:9c:eb:b9:5c:0c:eb:87:ef:0e:a2:a3:04:72:
                    59:27:83:0b:29:aa:36:2c:57:d7:35:91:c2:39:b4:
                    a2:3e:64:57:89:41:87:f9:17:55:41:7f:37:39:23:
                    30:b6:48:98:3b:c6:1c:a8:9b:2a:5a:9b:74:26:2c:
                    cc:37:05:a4:d6:b0:a4:a1:d5:da:b5:e7:84:16:c8:
                    a3:9f:89:41:96:3d:7e:51:73:56:7a:05:b6:bd:7a:
                    31:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:8F:82:11:1B:65:A1:D6:34:62:B7:D4:AA:DD:CC:DB:85:81:41:E7
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/734D0CA6AE1B11EEB21CCA9A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.223.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:e4:cb:f1:5e:e9:c9:58:9b:f9:f8:19:a1:c7:37:4a:33:21:
         4d:e9:04:6d:99:4e:58:20:5e:ef:9d:f0:ef:9a:01:08:2a:fb:
         95:1a:bc:b0:29:53:a1:91:de:1b:5b:4d:ed:95:96:74:fc:ac:
         23:21:6f:c4:76:5a:73:6c:9e:8f:0f:19:9a:52:ec:ed:b5:cb:
         3e:06:6b:25:d4:19:08:db:5e:64:cb:a5:e8:e5:9f:8c:c8:98:
         c6:bd:5d:5c:da:00:0a:31:47:da:16:3e:28:79:89:72:71:da:
         7e:d4:e2:fb:fa:11:89:53:89:8f:da:6d:11:cc:35:9c:1d:2b:
         72:59:53:06:cd:9a:3e:36:74:82:78:c5:c5:e3:bb:b4:c9:b4:
         c3:3c:27:ae:31:c3:36:d4:0f:27:37:06:ab:5e:ef:2f:bb:80:
         3a:68:37:8a:c1:62:e2:27:53:ba:6c:51:c0:e9:7b:0c:2d:11:
         99:49:e7:c1:c6:24:a9:98:47:01:34:91:a9:ca:c2:ff:c3:f3:
         9f:5c:ec:9a:fb:3d:6f:1e:7f:75:9e:22:aa:4c:dd:9d:b1:c2:
         c7:62:f1:c6:d1:dc:ca:d6:f3:a9:bd:2d:30:25:c8:8d:f1:64:
         de:62:f0:13:a7:3a:fc:df:2a:70:96:b7:de:07:3e:a0:18:08:
         ed:a9:68:70
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICcqgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMDgxMTQ1MzhaFw0yNTAxMTQxMTQ1MzhaMBgxFjAU
BgNVBAMTDTY1OWJlMDY2LWY4M2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDj2WhlpfCgK/4SbX3bWuEHSdIBibfDMHwhfsmBkMZDwBfQjqdO4rP0RGnA
bd2HZzyM4+omdHz37MExHOplXX33yQqj9e5rmfAu4UFBPV4NtZq9kTD7oSL8Uzr8
1uEyEHI/sZXRiZwvU6aPRby9GVIN3box0tn50d8Q6yW3cf69QPI4phVy5RhMUMqK
DnzMaGPqI+aXWKpxst1n14gZqw9pOGtJ9aq6nOu5XAzrh+8OoqMEclkngwspqjYs
V9c1kcI5tKI+ZFeJQYf5F1VBfzc5IzC2SJg7xhyomypam3QmLMw3BaTWsKSh1dq1
54QWyKOfiUGWPX5Rc1Z6Bba9ejEJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0o+C
ERtlodY0YrfUqt3M24WBQecwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzczNEQwQ0E2QUUxQjExRUVCMjFDQ0E5QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa3w8wDQYJKoZIhvcNAQEL
BQADggEBALTky/Fe6clYm/n4GaHHN0ozIU3pBG2ZTlggXu+d8O+aAQgq+5UavLAp
U6GR3htbTe2VlnT8rCMhb8R2WnNsno8PGZpS7O21yz4GayXUGQjbXmTLpejln4zI
mMa9XVzaAAoxR9oWPih5iXJx2n7U4vv6EYlTiY/abRHMNZwdK3JZUwbNmj42dIJ4
xcXju7TJtMM8J64xwzbUDyc3Bqte7y+7gDpoN4rBYuInU7psUcDpewwtEZlJ58HG
JKmYRwE0kanKwv/D859c7Jr7PW8ef3WeIqpM3Z2xwsdi8cbR3MrW86m9LTAlyI3x
ZN5i8BOnOvzfKnCWt94HPqAYCO2paHA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:11 2024 by rpki-client on console-fra.rpki-client.org