Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/856C69CC9A9211EF90C90A48762E951A.roa
File:                     856C69CC9A9211EF90C90A48762E951A.roa (raw, json)
Hash identifier:          Bl7dS1x6zTdSQInPEsjJPnnZlN3tjeyPfpc4zppTd4E=
Subject key identifier:   56:80:47:21:17:72:04:A7:2F:F4:F0:02:DF:CF:43:25:EB:B7:AA:A6
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01067C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/856C69CC9A9211EF90C90A48762E951A.roa
Signing time:             Mon 04 Nov 2024 09:52:37 +0000
ROA not before:           Mon 04 Nov 2024 09:52:33 +0000
ROA not after:            Thu 05 Dec 2024 09:52:33 +0000
asID:                     397423
IP address blocks:        154.93.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67196 (0x1067c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov  4 09:52:33 2024 GMT
            Not After : Dec  5 09:52:33 2024 GMT
        Subject: CN=67289964-1af0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:36:b4:f2:98:54:04:09:2a:7f:04:68:1b:bd:
                    b3:13:9c:c0:85:38:cf:18:7b:e5:ac:8c:16:35:0a:
                    0b:f0:59:cd:31:86:85:f0:ff:6c:46:c6:3c:11:11:
                    cc:58:00:c4:3a:40:65:cf:2f:6a:24:99:80:72:07:
                    4a:30:a7:d1:c0:68:d5:ae:60:61:b3:89:b6:bc:ce:
                    1e:a2:83:5e:3e:de:14:f4:1b:8f:31:32:6e:8d:b5:
                    14:ab:37:33:d9:e9:4c:19:e2:58:28:72:92:45:3f:
                    e3:4f:68:a8:3e:1a:d1:c1:ed:d2:c4:46:60:7a:ee:
                    ca:74:39:55:ab:f9:f1:b0:db:d3:f1:aa:d1:eb:ec:
                    28:35:52:dd:21:a9:37:48:be:62:45:1a:91:f9:66:
                    3e:3b:9c:e9:54:fe:83:00:80:1e:b7:a9:5e:49:f8:
                    47:c6:41:fd:b6:2d:04:a8:49:8f:37:d0:2a:a1:23:
                    55:d1:7f:20:9f:e3:09:8d:fb:7f:bb:b3:49:13:6a:
                    45:cf:a9:83:f3:76:99:5a:e4:3a:7f:10:20:fe:78:
                    51:2c:5c:26:00:4d:da:3c:d9:8e:e8:07:5c:60:ae:
                    a8:2c:d1:3d:67:b0:3d:7f:d8:17:a9:4d:cd:d2:1e:
                    53:37:49:31:00:9f:e8:6f:94:bd:4d:1f:51:6b:ca:
                    6b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:80:47:21:17:72:04:A7:2F:F4:F0:02:DF:CF:43:25:EB:B7:AA:A6
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/856C69CC9A9211EF90C90A48762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.93.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:26:0b:36:f6:37:96:2f:b5:a6:5b:df:a2:a5:12:dc:d1:10:
         6f:b2:44:ef:5d:60:c3:e1:8d:3d:67:ce:5c:2f:23:01:71:5a:
         ee:ce:4c:aa:e3:30:56:99:77:92:d0:e7:cc:ec:2c:b6:c7:00:
         e0:28:30:61:00:46:92:f5:46:d0:9a:17:5f:74:f8:21:c2:1a:
         a1:a3:c0:63:4d:51:f7:2d:03:a0:b9:56:a7:df:75:ab:47:a2:
         d0:22:b8:b1:1c:52:cb:52:26:55:cb:31:99:c5:de:af:0e:15:
         1f:4f:a7:77:36:b4:33:98:2e:64:2f:f7:f8:87:9c:e0:52:0d:
         3b:c1:fa:18:2d:c4:f1:c3:b5:6c:8c:e3:d1:d8:e6:f4:31:fc:
         60:17:1a:d1:2f:96:7e:61:c8:2b:6f:3d:8d:fc:bd:ab:58:3b:
         7b:82:85:da:a5:b6:43:fb:6b:85:13:f1:7d:a8:4b:89:95:7d:
         54:3c:ca:a7:49:07:3b:a8:4f:8a:3a:26:4b:ed:f3:20:23:fc:
         a5:5d:79:e6:a6:c4:98:2d:c6:47:68:d0:0f:bc:33:cc:5e:70:
         8c:11:3a:ec:7c:a6:62:25:f7:4a:3a:eb:23:95:8c:38:4f:18:
         fc:87:9b:e3:bf:08:18:68:5e:7b:2e:ac:50:d6:3b:da:59:57:
         17:1a:ff:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQZ8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA0MDk1MjMzWhcNMjQxMjA1MDk1MjMzWjAYMRYw
FAYDVQQDEw02NzI4OTk2NC0xYWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsza08phUBAkqfwRoG72zE5zAhTjPGHvlrIwWNQoL8FnNMYaF8P9sRsY8
ERHMWADEOkBlzy9qJJmAcgdKMKfRwGjVrmBhs4m2vM4eooNePt4U9BuPMTJujbUU
qzcz2elMGeJYKHKSRT/jT2ioPhrRwe3SxEZgeu7KdDlVq/nxsNvT8arR6+woNVLd
Iak3SL5iRRqR+WY+O5zpVP6DAIAet6leSfhHxkH9ti0EqEmPN9AqoSNV0X8gn+MJ
jft/u7NJE2pFz6mD83aZWuQ6fxAg/nhRLFwmAE3aPNmO6AdcYK6oLNE9Z7A9f9gX
qU3N0h5TN0kxAJ/ob5S9TR9Ra8pr6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFaA
RyEXcgSnL/TwAt/PQyXrt6qmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTZDNjlDQzlBOTIxMUVGOTBDOTBBNDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml0bMA0GCSqGSIb3DQEB
CwUAA4IBAQC5Jgs29jeWL7WmW9+ipRLc0RBvskTvXWDD4Y09Z85cLyMBcVruzkyq
4zBWmXeS0OfM7Cy2xwDgKDBhAEaS9UbQmhdfdPghwhqho8BjTVH3LQOguVan33Wr
R6LQIrixHFLLUiZVyzGZxd6vDhUfT6d3NrQzmC5kL/f4h5zgUg07wfoYLcTxw7Vs
jOPR2Ob0MfxgFxrRL5Z+Ycgrbz2N/L2rWDt7goXapbZD+2uFE/F9qEuJlX1UPMqn
SQc7qE+KOiZL7fMgI/ylXXnmpsSYLcZHaNAPvDPMXnCMETrsfKZiJfdKOusjlYw4
Txj8h5vjvwgYaF57LqxQ1jvaWVcXGv97
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:13 2024 by rpki-client on console-fra.rpki-client.org