Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A7D74101C1B11EFB481EB237DDC24C2.roa
File:                     8A7D74101C1B11EFB481EB237DDC24C2.roa (raw, json)
Hash identifier:          EejtwXLXS+3mThcRqHuox7OAfRvk/1sQrXgs3+LXhWY=
Subject key identifier:   84:0A:0A:20:6F:82:A4:44:B7:C3:07:C8:81:57:00:62:B4:15:86:13
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       BAB3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A7D74101C1B11EFB481EB237DDC24C2.roa
Signing time:             Mon 27 May 2024 11:23:29 +0000
ROA not before:           Mon 27 May 2024 11:23:25 +0000
ROA not after:            Fri 30 May 2025 11:23:25 +0000
asID:                     140659
IP address blocks:        154.197.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47795 (0xbab3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 27 11:23:25 2024 GMT
            Not After : May 30 11:23:25 2025 GMT
        Subject: CN=66546d30-b9fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e2:7a:cc:fe:c3:f3:90:6e:36:d7:da:30:0c:
                    0a:8e:14:bf:bb:db:7e:36:e6:9e:e3:b9:5c:e6:03:
                    04:6a:3c:2b:5e:33:d2:f8:b7:02:22:b0:c3:4a:d1:
                    03:26:34:5a:70:c7:23:a5:b5:c2:9b:15:ef:39:f2:
                    1e:73:59:5b:01:b2:1a:19:ed:40:6b:d0:58:8c:9d:
                    e0:db:4b:44:0b:8d:d0:62:d3:f6:c4:34:61:5a:40:
                    08:00:7f:a3:d4:76:cf:d1:19:fe:70:18:54:ff:bb:
                    92:56:e1:a5:43:a3:58:05:08:a0:cf:34:51:9d:5a:
                    81:ca:74:24:26:1d:82:bb:f7:69:96:53:28:21:34:
                    25:a5:3e:c0:3f:28:99:e3:b7:78:71:41:c2:f9:ab:
                    63:58:ca:04:73:14:2b:4f:e5:f4:c5:f1:1d:23:e1:
                    2b:74:87:fb:1a:ca:74:65:f0:58:03:a5:4c:b0:eb:
                    f4:65:b9:a1:f3:c5:8d:a3:05:d4:70:a4:a0:2c:af:
                    78:b8:60:82:b3:17:09:41:94:a2:2a:3c:25:37:a5:
                    7d:50:1a:e8:e9:5e:97:ee:01:19:00:df:f5:61:f8:
                    36:63:0f:33:6e:cd:47:7c:78:28:e2:12:67:26:a8:
                    39:4d:bd:ff:34:ed:65:af:62:8d:ca:a0:a1:1f:a0:
                    b6:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:0A:0A:20:6F:82:A4:44:B7:C3:07:C8:81:57:00:62:B4:15:86:13
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A7D74101C1B11EFB481EB237DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:ee:0e:99:e3:31:ff:c1:54:53:51:0e:31:d2:c4:be:90:71:
         2a:dc:a3:01:0e:1e:b4:db:78:bb:9b:04:4b:47:a2:74:c0:2a:
         c1:0e:f2:3b:24:75:d2:ea:87:ac:94:8c:54:8c:67:a8:ad:f2:
         a6:b1:47:23:68:2d:b7:60:5f:7a:92:5f:85:a8:61:af:ee:0e:
         dc:57:a6:1f:f7:c1:57:2a:a0:bc:55:0a:d9:58:02:46:f1:da:
         b8:90:39:27:a5:37:e1:bc:28:76:67:10:8d:ac:85:5e:24:5c:
         58:75:1d:7b:31:aa:45:19:21:0e:f6:6c:c2:03:0e:3a:88:db:
         62:40:56:c8:66:80:a1:6c:27:6a:9e:d5:67:1f:5f:e1:75:62:
         bf:e4:22:ae:6e:1d:4f:78:0b:3e:5e:4d:ec:10:65:00:b3:95:
         e0:e7:d7:80:db:cf:b6:b7:52:95:0c:a3:1f:ba:60:af:72:77:
         7b:b7:29:3f:5b:5e:7d:4a:1e:12:6c:25:23:c4:e2:ce:72:a0:
         5c:2f:33:e6:b1:c2:04:e6:de:67:56:df:39:e6:02:46:4c:cd:
         41:5b:d2:20:14:d8:fa:d2:19:b5:83:f5:7c:90:e9:53:eb:80:
         d1:c4:e7:92:73:71:13:53:17:8d:b6:d5:5f:d2:99:2d:b7:7e:
         1c:1f:4b:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALqzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTI3MTEyMzI1WhcNMjUwNTMwMTEyMzI1WjAYMRYw
FAYDVQQDEw02NjU0NmQzMC1iOWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3+J6zP7D85BuNtfaMAwKjhS/u9t+Nuae47lc5gMEajwrXjPS+LcCIrDD
StEDJjRacMcjpbXCmxXvOfIec1lbAbIaGe1Aa9BYjJ3g20tEC43QYtP2xDRhWkAI
AH+j1HbP0Rn+cBhU/7uSVuGlQ6NYBQigzzRRnVqBynQkJh2Cu/dpllMoITQlpT7A
PyiZ47d4cUHC+atjWMoEcxQrT+X0xfEdI+ErdIf7Gsp0ZfBYA6VMsOv0Zbmh88WN
owXUcKSgLK94uGCCsxcJQZSiKjwlN6V9UBro6V6X7gEZAN/1Yfg2Yw8zbs1HfHgo
4hJnJqg5Tb3/NO1lr2KNyqChH6C29QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIQK
CiBvgqREt8MHyIFXAGK0FYYTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QTdENzQxMDFDMUIxMUVGQjQ4MUVCMjM3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsU/MA0GCSqGSIb3DQEB
CwUAA4IBAQCy7g6Z4zH/wVRTUQ4x0sS+kHEq3KMBDh6023i7mwRLR6J0wCrBDvI7
JHXS6oeslIxUjGeorfKmsUcjaC23YF96kl+FqGGv7g7cV6Yf98FXKqC8VQrZWAJG
8dq4kDknpTfhvCh2ZxCNrIVeJFxYdR17MapFGSEO9mzCAw46iNtiQFbIZoChbCdq
ntVnH1/hdWK/5CKubh1PeAs+Xk3sEGUAs5Xg59eA28+2t1KVDKMfumCvcnd7tyk/
W159Sh4SbCUjxOLOcqBcLzPmscIE5t5nVt855gJGTM1BW9IgFNj60hm1g/V8kOlT
64DRxOeSc3ETUxeNttVf0pktt34cH0uE
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:34 2024 by rpki-client on console-fra.rpki-client.org