Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/82A2C32ED92511ED95B49D90F1222468.roa
File:                     82A2C32ED92511ED95B49D90F1222468.roa (raw, json)
Hash identifier:          QVafFPbXHISItUWDzYLhQk/PwK2Ar73oLh1gteOdk6g=
Subject key identifier:   1A:05:E0:6B:10:4B:3F:E3:18:67:9D:80:6D:ED:F8:C9:DD:97:7D:B0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       1ED6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/82A2C32ED92511ED95B49D90F1222468.roa
Signing time:             Wed 12 Apr 2023 11:31:05 +0000
ROA not before:           Wed 12 Apr 2023 11:31:01 +0000
ROA not after:            Mon 30 Dec 2024 11:31:01 +0000
asID:                     328608
IP address blocks:        154.81.176.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7894 (0x1ed6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 12 11:31:01 2023 GMT
            Not After : Dec 30 11:31:01 2024 GMT
        Subject: CN=64369679-6908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:5f:a6:80:3f:ae:97:21:7e:f3:2b:12:64:5d:
                    b6:d7:fd:e3:77:36:dc:83:0d:49:73:61:53:59:a8:
                    01:32:e9:c6:39:e2:51:e0:f8:01:8c:4c:5b:f3:10:
                    95:05:d4:65:ec:5d:d1:4a:4d:52:69:62:a5:f1:3c:
                    f0:fe:c9:a7:65:c0:9a:a4:9e:09:ef:f1:64:a4:c1:
                    0d:0b:d6:89:e1:4e:18:2a:11:71:44:d4:fb:ad:d7:
                    24:cb:2a:d9:7d:b0:c0:27:1d:8a:93:af:aa:ac:1e:
                    54:75:3c:3e:6e:99:87:54:00:32:c8:a1:97:3a:77:
                    cd:92:85:6e:0c:1b:3b:b9:b8:7c:b4:ae:ec:1e:d5:
                    25:29:af:04:56:29:01:7c:60:53:14:d4:c4:60:4e:
                    c7:f7:2b:6f:4a:7e:76:df:e0:36:23:d9:ef:11:8c:
                    0a:a4:ad:b2:11:fe:54:22:a6:bc:22:65:27:ff:c7:
                    42:cf:ac:e5:14:1f:9f:ea:b5:d5:6d:3d:7d:82:09:
                    00:17:ef:18:fa:8b:5f:85:ec:9c:5e:23:03:81:b0:
                    6c:9d:47:cc:5e:71:a2:bf:98:97:9a:c8:fc:20:65:
                    c9:75:a4:8f:9a:9c:5f:72:c7:61:61:e1:32:02:cc:
                    b2:fd:42:cb:b5:60:93:91:2f:5d:47:c8:a2:8d:42:
                    45:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:05:E0:6B:10:4B:3F:E3:18:67:9D:80:6D:ED:F8:C9:DD:97:7D:B0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/82A2C32ED92511ED95B49D90F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.81.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         36:b8:bd:e7:06:25:df:fc:96:c4:ec:e8:72:1f:72:52:fa:91:
         02:8a:e5:39:f9:b7:d8:68:20:fb:0e:9c:fb:8b:c9:ea:53:01:
         5a:bf:4f:c8:8e:09:3b:7e:66:f5:28:9a:ab:1c:bf:5c:3a:a8:
         d7:51:99:dd:96:cd:46:1f:fe:54:46:b2:ca:38:15:dc:11:30:
         35:8c:52:b1:c0:5e:5e:24:00:fa:f1:91:c6:1c:27:e1:8e:c3:
         b7:d0:5f:33:14:9b:2f:38:0b:10:a7:bf:a5:f9:08:36:a9:d6:
         e4:db:f3:7f:4f:c1:5c:c0:84:b4:e1:67:8a:2b:0a:7c:f0:eb:
         1c:08:a2:dc:87:86:a8:52:c0:aa:14:3b:38:56:ff:1e:4a:6e:
         1e:68:3a:0a:13:0c:34:91:4a:7d:03:45:6e:f6:5d:75:b9:f5:
         a5:48:50:bf:59:cf:43:c8:9c:fd:39:dd:11:88:8f:1c:d9:f6:
         95:a2:f5:34:3a:bd:a2:3c:a9:4c:fd:eb:df:63:2c:16:18:72:
         1f:0a:78:7d:8c:58:46:b2:9b:40:be:8a:68:d8:81:a0:1a:61:
         7b:1c:fe:cf:5b:4e:05:a4:0e:c4:57:66:78:ad:93:69:9a:7c:
         3d:0e:ab:1c:66:5b:99:08:cb:47:27:58:3e:62:01:cb:85:87:
         b1:b3:20:0f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHtYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA0MTIxMTMxMDFaFw0yNDEyMzAxMTMxMDFaMBgxFjAU
BgNVBAMMDTY0MzY5Njc5LTY5MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD0X6aAP66XIX7zKxJkXbbX/eN3NtyDDUlzYVNZqAEy6cY54lHg+AGMTFvz
EJUF1GXsXdFKTVJpYqXxPPD+yadlwJqkngnv8WSkwQ0L1onhThgqEXFE1Put1yTL
Ktl9sMAnHYqTr6qsHlR1PD5umYdUADLIoZc6d82ShW4MGzu5uHy0ruwe1SUprwRW
KQF8YFMU1MRgTsf3K29Kfnbf4DYj2e8RjAqkrbIR/lQiprwiZSf/x0LPrOUUH5/q
tdVtPX2CCQAX7xj6i1+F7JxeIwOBsGydR8xecaK/mJeayPwgZcl1pI+anF9yx2Fh
4TICzLL9Qsu1YJORL11HyKKNQkXjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGgXg
axBLP+MYZ52Abe34yd2XfbAwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzgyQTJDMzJFRDkyNTExRUQ5NUI0OUQ5MEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASaUbAwDQYJKoZIhvcNAQEL
BQADggEBADa4vecGJd/8lsTs6HIfclL6kQKK5Tn5t9hoIPsOnPuLyepTAVq/T8iO
CTt+ZvUomqscv1w6qNdRmd2WzUYf/lRGsso4FdwRMDWMUrHAXl4kAPrxkcYcJ+GO
w7fQXzMUmy84CxCnv6X5CDap1uTb839PwVzAhLThZ4orCnzw6xwIotyHhqhSwKoU
OzhW/x5Kbh5oOgoTDDSRSn0DRW72XXW59aVIUL9Zz0PInP053RGIjxzZ9pWi9TQ6
vaI8qUz9699jLBYYch8KeH2MWEaym0C+imjYgaAaYXsc/s9bTgWkDsRXZnitk2ma
fD0OqxxmW5kIy0cnWD5iAcuFh7GzIA8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:11 2024 by rpki-client on console-ams.rpki-client.org