Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91B7346EB09B11EE9885069C775412E6.roa
File:                     91B7346EB09B11EE9885069C775412E6.roa (raw, json)
Hash identifier:          UKcf90CL4dqP2wfP0xKk8GVHSCmiIrBvaaxu1y7oCbg=
Subject key identifier:   BA:0D:68:41:38:77:8B:50:8D:F4:8D:6C:F9:5B:E0:6E:DB:33:D4:8C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7428
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91B7346EB09B11EE9885069C775412E6.roa
Signing time:             Thu 11 Jan 2024 16:07:51 +0000
ROA not before:           Thu 11 Jan 2024 16:07:47 +0000
ROA not after:            Sun 22 Dec 2024 16:07:47 +0000
asID:                     137184
IP address blocks:        154.198.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29736 (0x7428)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 11 16:07:47 2024 GMT
            Not After : Dec 22 16:07:47 2024 GMT
        Subject: CN=65a01257-e181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:07:8d:9e:71:60:2a:8a:47:24:67:75:67:39:
                    00:38:02:1e:63:ad:b2:57:6b:85:04:81:38:8f:be:
                    71:7d:56:e9:aa:3c:48:5e:5e:db:34:b8:e3:07:b5:
                    3a:e7:f3:e6:15:f5:27:c9:ba:8a:02:6e:37:43:34:
                    4c:ef:0d:53:73:b3:a3:bf:89:29:17:7b:d0:dd:52:
                    6e:5f:90:4f:7e:53:6e:7c:f5:67:1a:6e:79:ac:1c:
                    b9:20:be:f3:74:1e:b9:d5:8a:ea:91:de:e1:36:45:
                    c5:c3:85:fd:0f:9c:21:53:f5:b9:34:c0:e7:4b:6a:
                    3d:8a:1c:10:2f:8d:50:58:cd:ba:35:95:c0:fd:af:
                    a7:36:0b:5c:9a:c6:1a:d3:60:6a:2e:0c:95:56:24:
                    43:c7:8b:71:b6:de:0a:84:48:de:18:f5:6f:59:d2:
                    60:ff:e1:fa:30:fb:e5:30:1e:c2:63:7d:dd:72:79:
                    ab:67:dd:32:64:99:3c:3b:46:ae:87:83:b1:b3:3b:
                    1a:2e:a8:59:af:79:22:69:1c:96:d2:71:87:f5:d5:
                    eb:be:9a:55:dc:31:35:03:09:6a:87:29:14:61:52:
                    b5:b7:6e:49:f7:57:8d:a4:27:59:9d:98:8c:04:81:
                    b9:53:be:06:1e:ed:bd:8b:65:de:d1:30:c0:9e:db:
                    c7:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:0D:68:41:38:77:8B:50:8D:F4:8D:6C:F9:5B:E0:6E:DB:33:D4:8C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91B7346EB09B11EE9885069C775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:95:33:9e:52:4a:2b:0a:b0:c9:5c:f7:2a:7e:21:64:0a:47:
         49:e9:08:fa:81:cb:db:bf:2c:af:80:43:5e:5d:4a:23:55:22:
         ae:51:0a:ac:33:0d:84:55:7f:a3:21:c3:7c:74:f3:db:d3:4d:
         f2:b1:63:56:2b:b3:6a:59:61:5f:fe:5a:d0:8e:6d:00:d8:77:
         e3:81:89:0f:b9:1d:54:f0:78:03:2e:fa:ca:ba:61:6f:85:25:
         4c:38:ca:f2:93:a8:9e:78:40:85:35:60:4e:69:05:14:aa:8b:
         08:37:30:c4:ee:69:27:d2:ba:2b:2e:3e:da:7e:66:bc:a5:01:
         7f:16:3d:e0:b9:8e:c8:5b:38:bf:3c:3b:a5:03:0c:62:b6:b7:
         8b:17:3c:e1:42:e3:58:29:aa:35:81:49:71:4f:01:a1:78:22:
         3b:bf:ab:34:80:2d:5c:cf:8e:e7:70:fa:01:cc:76:d6:02:9d:
         f9:7d:7a:61:d6:c5:9b:df:30:0f:a3:f0:50:44:c3:a6:5b:04:
         92:f2:95:4d:5b:04:37:ad:2a:af:c3:51:fb:06:37:46:2f:41:
         d5:fc:0e:6a:a6:63:aa:26:bd:ce:f6:e7:49:b5:4e:a7:c7:62:
         58:5e:1a:64:93:d5:26:6a:d2:d5:f8:c7:3d:09:25:e4:46:a9:
         04:f0:5a:81
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdCgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTExNjA3NDdaFw0yNDEyMjIxNjA3NDdaMBgxFjAU
BgNVBAMTDTY1YTAxMjU3LWUxODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCaB42ecWAqikckZ3VnOQA4Ah5jrbJXa4UEgTiPvnF9VumqPEheXts0uOMH
tTrn8+YV9SfJuooCbjdDNEzvDVNzs6O/iSkXe9DdUm5fkE9+U2589WcabnmsHLkg
vvN0HrnViuqR3uE2RcXDhf0PnCFT9bk0wOdLaj2KHBAvjVBYzbo1lcD9r6c2C1ya
xhrTYGouDJVWJEPHi3G23gqESN4Y9W9Z0mD/4fow++UwHsJjfd1yeatn3TJkmTw7
Rq6Hg7GzOxouqFmveSJpHJbScYf11eu+mlXcMTUDCWqHKRRhUrW3bkn3V42kJ1md
mIwEgblTvgYe7b2LZd7RMMCe28e5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUug1o
QTh3i1CN9I1s+Vvgbtsz1IwwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzkxQjczNDZFQjA5QjExRUU5ODg1MDY5Qzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxgcwDQYJKoZIhvcNAQEL
BQADggEBABmVM55SSisKsMlc9yp+IWQKR0npCPqBy9u/LK+AQ15dSiNVIq5RCqwz
DYRVf6Mhw3x089vTTfKxY1Yrs2pZYV/+WtCObQDYd+OBiQ+5HVTweAMu+sq6YW+F
JUw4yvKTqJ54QIU1YE5pBRSqiwg3MMTuaSfSuisuPtp+ZrylAX8WPeC5jshbOL88
O6UDDGK2t4sXPOFC41gpqjWBSXFPAaF4Iju/qzSALVzPjudw+gHMdtYCnfl9emHW
xZvfMA+j8FBEw6ZbBJLylU1bBDetKq/DUfsGN0YvQdX8DmqmY6omvc7250m1TqfH
YlheGmST1SZq0tX4xz0JJeRGqQTwWoE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:16 2024 by rpki-client on console-fra.rpki-client.org