Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/747DF14EB0FF11EEB5FA0C5E775412E6.roa
File:                     747DF14EB0FF11EEB5FA0C5E775412E6.roa (raw, json)
Hash identifier:          mm5qMD7m/EKtmXiKNUG4BfBIoHsMcO2xX/XZOok2J1M=
Subject key identifier:   0B:54:0D:3F:92:F8:D7:26:63:43:C4:03:68:F9:DC:F7:5A:92:3D:42
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7485
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/747DF14EB0FF11EEB5FA0C5E775412E6.roa
Signing time:             Fri 12 Jan 2024 04:02:51 +0000
ROA not before:           Fri 12 Jan 2024 04:02:48 +0000
ROA not after:            Fri 13 Dec 2024 04:02:48 +0000
asID:                     140224
IP address blocks:        154.205.205.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29829 (0x7485)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 12 04:02:48 2024 GMT
            Not After : Dec 13 04:02:48 2024 GMT
        Subject: CN=65a0b9eb-0291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f9:7d:7f:1a:1e:30:9c:e5:d6:34:7a:2d:59:
                    f7:c9:e7:ff:45:8e:66:06:74:0e:18:e0:ba:1d:d0:
                    bd:72:18:89:9e:26:c6:b6:fd:6c:07:9f:d7:64:2f:
                    bc:fb:9d:f5:b3:be:03:1b:99:91:91:7d:7a:6b:48:
                    2b:18:bd:2a:4c:90:d0:60:c8:91:42:e2:7a:1b:e3:
                    60:6d:c6:07:e3:9c:d6:22:24:13:9c:c4:af:b9:b6:
                    f0:66:67:02:25:e1:6c:5d:73:dc:d7:a4:6b:9c:db:
                    08:38:92:a6:54:da:2f:a6:51:f7:d4:a0:49:c0:3a:
                    7d:26:41:ad:3a:82:e4:4c:7e:46:6c:e5:84:9a:c5:
                    d2:03:24:f8:23:6d:7b:43:97:57:af:f6:50:64:c0:
                    5c:e4:03:4b:d1:47:86:43:38:b3:3f:46:8c:b5:c3:
                    36:7f:9c:93:5f:45:2c:53:59:2c:70:ff:94:0a:c2:
                    e0:89:d8:2e:97:14:2a:a4:9c:e9:83:76:16:88:3e:
                    cc:58:9f:a8:38:3b:ba:6d:ce:42:a2:37:08:5b:54:
                    c7:a5:7b:41:ee:ae:6c:be:fa:5a:1d:33:4b:a2:f3:
                    2f:00:63:e9:53:75:0d:ee:c4:08:16:2b:99:e1:82:
                    69:41:3b:1f:67:13:37:69:c8:44:a4:90:4f:25:b6:
                    a2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:54:0D:3F:92:F8:D7:26:63:43:C4:03:68:F9:DC:F7:5A:92:3D:42
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/747DF14EB0FF11EEB5FA0C5E775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:bd:41:7a:10:0f:9b:76:14:0b:ed:00:a9:20:f4:81:6f:ce:
         d5:4f:96:be:27:29:b4:22:6d:e2:09:33:d9:25:dd:2b:4e:a4:
         be:2e:86:13:7d:41:16:bb:52:38:60:ca:45:68:e3:f7:e3:5d:
         40:67:3d:96:55:54:83:54:1d:81:a2:c0:a4:6e:32:f0:d8:d7:
         e4:12:c8:c2:ac:5b:b5:89:b1:45:24:a4:67:8b:8f:28:21:de:
         c9:a7:f4:9f:d7:a9:27:73:4a:d9:13:3c:1f:43:38:22:69:46:
         99:4f:48:ce:fd:35:a0:aa:fa:1e:26:a3:e4:ce:f0:2f:0f:95:
         c9:39:09:77:22:69:5b:da:74:1a:aa:a7:39:bf:7c:c4:7a:ae:
         f2:a0:62:f7:a9:ca:78:60:93:c1:8b:73:50:f6:5d:34:40:37:
         48:51:96:d9:f1:c5:6b:73:24:72:e3:6a:b7:94:d7:4c:fa:1f:
         72:28:90:4e:b6:2f:b2:58:32:53:5b:6f:e0:4d:25:9b:d5:0e:
         5b:28:23:34:a8:2b:77:65:82:89:d2:f4:03:13:ed:45:a3:54:
         7a:c8:b4:83:03:66:03:70:7b:92:eb:8a:66:54:0f:9e:f9:2e:
         39:a0:1f:b8:65:e2:32:38:db:64:44:12:ff:58:f9:0c:21:4c:
         71:a0:04:e4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdIUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTIwNDAyNDhaFw0yNDEyMTMwNDAyNDhaMBgxFjAU
BgNVBAMTDTY1YTBiOWViLTAyOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7+X1/Gh4wnOXWNHotWffJ5/9FjmYGdA4Y4Lod0L1yGImeJsa2/WwHn9dk
L7z7nfWzvgMbmZGRfXprSCsYvSpMkNBgyJFC4nob42BtxgfjnNYiJBOcxK+5tvBm
ZwIl4Wxdc9zXpGuc2wg4kqZU2i+mUffUoEnAOn0mQa06guRMfkZs5YSaxdIDJPgj
bXtDl1ev9lBkwFzkA0vRR4ZDOLM/Roy1wzZ/nJNfRSxTWSxw/5QKwuCJ2C6XFCqk
nOmDdhaIPsxYn6g4O7ptzkKiNwhbVMele0Hurmy++lodM0ui8y8AY+lTdQ3uxAgW
K5nhgmlBOx9nEzdpyESkkE8ltqI7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUC1QN
P5L41yZjQ8QDaPnc91qSPUIwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzc0N0RGMTRFQjBGRjExRUVCNUZBMEM1RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazc0wDQYJKoZIhvcNAQEL
BQADggEBAAe9QXoQD5t2FAvtAKkg9IFvztVPlr4nKbQibeIJM9kl3StOpL4uhhN9
QRa7UjhgykVo4/fjXUBnPZZVVINUHYGiwKRuMvDY1+QSyMKsW7WJsUUkpGeLjygh
3smn9J/XqSdzStkTPB9DOCJpRplPSM79NaCq+h4mo+TO8C8Plck5CXciaVvadBqq
pzm/fMR6rvKgYvepynhgk8GLc1D2XTRAN0hRltnxxWtzJHLjareU10z6H3IokE62
L7JYMlNbb+BNJZvVDlsoIzSoK3dlgonS9AMT7UWjVHrItIMDZgNwe5LrimZUD575
LjmgH7hl4jI422REEv9Y+QwhTHGgBOQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:11 2024 by rpki-client on console-fra.rpki-client.org