Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/93D4B88AC1E811EEB2E1D1B1775412E6.roa
File:                     93D4B88AC1E811EEB2E1D1B1775412E6.roa (raw, json)
Hash identifier:          e8oxyFwlfCh4iSB153CjlK4O3O1Xl7VZx6hyQP5/eSU=
Subject key identifier:   81:E2:C3:79:60:E3:ED:67:91:38:F4:7B:DC:04:CE:52:94:CF:07:09
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       85BD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/93D4B88AC1E811EEB2E1D1B1775412E6.roa
Signing time:             Fri 02 Feb 2024 16:31:55 +0000
ROA not before:           Fri 02 Feb 2024 16:31:52 +0000
ROA not after:            Mon 27 Jan 2025 16:31:52 +0000
asID:                     138456
IP address blocks:        154.194.42.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34237 (0x85bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Feb  2 16:31:52 2024 GMT
            Not After : Jan 27 16:31:52 2025 GMT
        Subject: CN=65bd18fb-a994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:2e:39:cd:e3:1f:49:6e:ec:78:50:eb:76:aa:
                    92:29:9f:af:17:5f:3e:ba:31:78:27:d7:c9:3f:33:
                    be:f1:05:e0:ca:cd:10:91:75:02:9f:df:1e:00:e9:
                    a6:b9:d0:11:d1:06:32:ae:f4:66:d3:6a:06:5a:d1:
                    bd:c9:22:86:9f:b7:d5:b0:fe:01:54:e9:e2:bb:71:
                    36:1e:64:2f:cc:68:d3:22:92:d2:ba:31:4b:2b:b1:
                    12:c0:cc:70:d7:d5:f4:fc:7b:cb:1f:9f:77:e2:f5:
                    4e:8e:d4:ca:b6:31:33:d3:e7:41:1e:ab:52:f3:41:
                    38:15:8e:95:77:02:c7:47:a0:c0:00:a5:df:b1:8b:
                    63:52:ee:c1:ec:c7:3b:20:f9:be:b1:4f:86:ee:ca:
                    6d:cc:d0:75:41:c1:8a:d6:cb:ed:22:e0:df:8e:7b:
                    ea:82:d2:fa:8d:1a:ff:56:18:8c:f0:be:cf:a9:d2:
                    6c:86:b2:e9:d3:49:fa:3a:ed:94:04:f8:a3:dd:57:
                    63:59:dc:ed:a7:e7:eb:4c:99:19:b4:2a:64:99:12:
                    c9:3c:34:ad:f2:1a:2a:d5:3a:bd:e7:4a:ca:3a:55:
                    c1:8b:aa:61:63:e5:5f:a2:07:56:4f:fa:fc:bf:a4:
                    63:e7:3d:14:95:95:8b:c6:f8:25:ce:99:99:f1:18:
                    79:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:E2:C3:79:60:E3:ED:67:91:38:F4:7B:DC:04:CE:52:94:CF:07:09
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/93D4B88AC1E811EEB2E1D1B1775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.194.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:a2:f4:63:48:d2:ef:bc:f7:a7:6b:6a:bb:3b:c5:82:c2:d9:
         20:ed:39:a3:16:cc:bd:64:a8:ed:7f:f1:70:b8:14:93:27:c8:
         31:b9:cf:59:13:d4:95:f3:48:29:d2:e0:16:df:96:af:d0:38:
         41:1f:75:b2:60:83:62:45:70:36:17:1b:15:61:92:f7:5b:97:
         59:17:4e:1c:40:a3:96:87:31:1d:88:5e:6f:90:1d:71:f5:64:
         7b:4c:01:c3:8e:ab:39:41:06:1c:9e:28:76:3f:11:89:c2:a0:
         dc:86:84:9d:52:62:45:a9:ed:ce:9f:b3:77:e6:e7:89:a8:98:
         71:11:d7:74:b0:13:47:02:bf:c4:91:57:55:58:1c:0b:20:1b:
         b5:33:4b:ca:2e:1b:04:54:de:46:cd:99:05:c9:39:bd:41:e1:
         ce:de:a6:96:36:48:04:6e:7a:94:52:00:72:18:ba:d9:8d:94:
         99:b1:d3:34:50:ee:2f:e5:f3:dd:7e:65:13:a7:ce:c3:54:a9:
         49:56:ce:af:ac:46:d4:73:a1:06:12:03:a8:60:3b:3c:bf:8f:
         8b:3b:13:c3:60:94:67:e2:d9:88:68:06:de:8d:69:99:1a:8d:
         87:cf:ba:4f:98:d5:8e:86:64:7b:b1:48:b1:50:b0:94:f4:ec:
         c1:3a:bb:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIW9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjAyMTYzMTUyWhcNMjUwMTI3MTYzMTUyWjAYMRYw
FAYDVQQDEw02NWJkMThmYi1hOTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1C45zeMfSW7seFDrdqqSKZ+vF18+ujF4J9fJPzO+8QXgys0QkXUCn98e
AOmmudAR0QYyrvRm02oGWtG9ySKGn7fVsP4BVOniu3E2HmQvzGjTIpLSujFLK7ES
wMxw19X0/HvLH5934vVOjtTKtjEz0+dBHqtS80E4FY6VdwLHR6DAAKXfsYtjUu7B
7Mc7IPm+sU+G7sptzNB1QcGK1svtIuDfjnvqgtL6jRr/VhiM8L7PqdJshrLp00n6
Ou2UBPij3VdjWdztp+frTJkZtCpkmRLJPDSt8hoq1Tq950rKOlXBi6phY+VfogdW
T/r8v6Rj5z0UlZWLxvglzpmZ8Rh5uQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIHi
w3lg4+1nkTj0e9wEzlKUzwcJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85M0Q0Qjg4QUMxRTgxMUVFQjJFMUQxQjE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIqMA0GCSqGSIb3DQEB
CwUAA4IBAQC1ovRjSNLvvPena2q7O8WCwtkg7TmjFsy9ZKjtf/FwuBSTJ8gxuc9Z
E9SV80gp0uAW35av0DhBH3WyYINiRXA2FxsVYZL3W5dZF04cQKOWhzEdiF5vkB1x
9WR7TAHDjqs5QQYcnih2PxGJwqDchoSdUmJFqe3On7N35ueJqJhxEdd0sBNHAr/E
kVdVWBwLIBu1M0vKLhsEVN5GzZkFyTm9QeHO3qaWNkgEbnqUUgByGLrZjZSZsdM0
UO4v5fPdfmUTp87DVKlJVs6vrEbUc6EGEgOoYDs8v4+LOxPDYJRn4tmIaAbejWmZ
Go2Hz7pPmNWOhmR7sUixULCU9OzBOrtB
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:15 2024 by rpki-client on console-ams.rpki-client.org