Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F3D4632311111EF871CF769762E951A.roa
File:                     8F3D4632311111EF871CF769762E951A.roa (raw, json)
Hash identifier:          15WcHxYFlp9y9/WbmNKg35Z+MB7ucCjxF/l1oQzt5fY=
Subject key identifier:   1D:FD:34:CB:13:B0:39:FE:B2:17:94:F0:58:A0:B1:E7:EA:08:A5:E8
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       C58D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F3D4632311111EF871CF769762E951A.roa
Signing time:             Sun 23 Jun 2024 03:34:56 +0000
ROA not before:           Sun 23 Jun 2024 03:34:53 +0000
ROA not after:            Tue 24 Dec 2024 03:34:53 +0000
asID:                     27947
IP address blocks:        154.84.160.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50573 (0xc58d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun 23 03:34:53 2024 GMT
            Not After : Dec 24 03:34:53 2024 GMT
        Subject: CN=667797e0-3238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:ca:6d:f2:bf:f2:51:60:ab:ec:50:b2:0c:8f:
                    94:e1:3b:a4:8f:1b:82:37:83:75:5c:3b:20:86:ff:
                    1f:0a:86:b4:e8:af:4d:f5:b8:b1:c4:45:fc:bf:24:
                    63:01:84:36:09:87:85:18:56:6e:80:00:88:d8:31:
                    37:96:79:5d:2d:a3:32:b4:ce:f5:21:a1:19:a4:0d:
                    18:e0:c1:ed:35:28:1d:80:88:df:77:8e:24:c3:26:
                    31:d8:9a:1c:65:9b:fa:5c:fb:7e:de:18:a4:2d:c9:
                    b3:dd:5f:35:d5:58:9b:e2:2e:18:0e:a6:2d:a4:be:
                    21:26:05:46:85:cd:2f:08:b2:f7:4f:ef:86:71:27:
                    6a:c3:6c:65:e0:97:ec:22:5c:9b:37:59:57:dd:c5:
                    6f:12:af:3e:40:a8:0e:18:2c:28:8c:f9:69:d6:1c:
                    75:62:d6:f2:8c:ae:19:f3:f9:c8:a1:31:ba:f8:8f:
                    33:db:7b:79:bb:d8:58:b5:90:b7:5e:64:05:48:b5:
                    38:3a:76:9a:22:8a:59:d1:2d:18:d1:64:92:f8:b9:
                    f4:b7:89:0b:79:f8:9b:14:8d:8c:0e:c4:f1:52:d0:
                    9f:5e:d0:34:17:c4:e4:b5:08:a1:84:00:cf:77:3e:
                    75:2c:cb:6b:56:f3:ee:47:f5:13:5a:a7:19:49:71:
                    af:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:FD:34:CB:13:B0:39:FE:B2:17:94:F0:58:A0:B1:E7:EA:08:A5:E8
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F3D4632311111EF871CF769762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.84.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:1c:0e:71:ea:9d:5d:0f:06:71:1c:40:6f:cb:e5:b0:9e:37:
         b0:b0:e6:fc:43:e0:5d:32:32:cb:32:ed:f4:d9:e4:7f:6e:cf:
         55:90:4e:b9:b9:29:93:07:86:28:23:f0:fd:89:d5:c1:f5:0c:
         c8:2d:15:f0:63:a8:f6:71:a4:03:dc:ee:4d:9b:ca:50:c3:09:
         f4:a5:25:22:45:f9:59:9d:af:bb:ad:81:f4:ea:16:fa:27:c9:
         21:04:08:69:92:1a:8d:d4:f0:f2:57:f8:ae:ab:a2:44:9e:59:
         99:7c:72:29:fb:93:8d:6a:af:80:18:c9:24:c5:bc:39:f7:92:
         2f:7b:64:9c:0d:ea:d2:d1:7c:50:4b:da:f3:fc:c2:1e:b3:5d:
         65:4b:55:e4:0b:81:c5:42:0f:4c:80:97:e3:0e:b9:cf:69:a2:
         60:58:e9:68:69:80:20:ca:cb:dd:fe:0e:64:4d:04:3f:05:b1:
         74:b6:a4:52:46:23:d7:19:7a:69:6f:ba:6a:89:4f:7b:8d:dc:
         70:31:b3:e1:79:7e:78:68:44:bb:94:cc:75:17:28:a3:66:af:
         bf:83:42:08:e8:ea:c6:2c:12:cb:23:0d:d7:cf:9d:53:be:8a:
         c6:54:06:ee:9d:46:c7:9e:a1:ce:ee:71:0f:8f:9e:8a:aa:c7:
         5b:0e:4e:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMWNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjIzMDMzNDUzWhcNMjQxMjI0MDMzNDUzWjAYMRYw
FAYDVQQDEw02Njc3OTdlMC0zMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA78pt8r/yUWCr7FCyDI+U4TukjxuCN4N1XDsghv8fCoa06K9N9bixxEX8
vyRjAYQ2CYeFGFZugACI2DE3lnldLaMytM71IaEZpA0Y4MHtNSgdgIjfd44kwyYx
2JocZZv6XPt+3hikLcmz3V811Vib4i4YDqYtpL4hJgVGhc0vCLL3T++GcSdqw2xl
4JfsIlybN1lX3cVvEq8+QKgOGCwojPlp1hx1YtbyjK4Z8/nIoTG6+I8z23t5u9hY
tZC3XmQFSLU4OnaaIopZ0S0Y0WSS+Ln0t4kLefibFI2MDsTxUtCfXtA0F8TktQih
hADPdz51LMtrVvPuR/UTWqcZSXGv8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB39
NMsTsDn+sheU8FigsefqCKXoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RjNENDYzMjMxMTExMUVGODcxQ0Y3Njk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlSgMA0GCSqGSIb3DQEB
CwUAA4IBAQBvHA5x6p1dDwZxHEBvy+WwnjewsOb8Q+BdMjLLMu302eR/bs9VkE65
uSmTB4YoI/D9idXB9QzILRXwY6j2caQD3O5Nm8pQwwn0pSUiRflZna+7rYH06hb6
J8khBAhpkhqN1PDyV/iuq6JEnlmZfHIp+5ONaq+AGMkkxbw595Ive2ScDerS0XxQ
S9rz/MIes11lS1XkC4HFQg9MgJfjDrnPaaJgWOloaYAgysvd/g5kTQQ/BbF0tqRS
RiPXGXppb7pqiU97jdxwMbPheX54aES7lMx1FyijZq+/g0II6OrGLBLLIw3Xz51T
vorGVAbunUbHnqHO7nEPj56KqsdbDk4n
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:56 2024 by rpki-client on console-fra.rpki-client.org