Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A49BC4AA1B11EE91D50553775412E6.roa
File:                     95A49BC4AA1B11EE91D50553775412E6.roa (raw, json)
Hash identifier:          An4Fl1DdYP6gX2Zm8uQ+TPVzQ+2S8iUdqeQu0j0fCZY=
Subject key identifier:   27:6E:F8:DF:0F:69:B5:14:24:81:20:AC:FE:E0:46:DE:2D:CF:79:10
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       6DAA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A49BC4AA1B11EE91D50553775412E6.roa
Signing time:             Wed 03 Jan 2024 09:36:35 +0000
ROA not before:           Wed 03 Jan 2024 09:36:31 +0000
ROA not after:            Thu 02 Jan 2025 09:36:31 +0000
asID:                     18233
IP address blocks:        154.197.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 28074 (0x6daa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan  3 09:36:31 2024 GMT
            Not After : Jan  2 09:36:31 2025 GMT
        Subject: CN=65952aa3-c111
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b8:68:4d:fc:ad:53:ca:4a:24:4d:3e:f5:ac:
                    55:7f:06:d5:67:1f:e2:a9:5e:93:68:e5:41:f1:4e:
                    d5:7d:f5:4e:f4:4c:ae:24:7d:e3:4f:a1:4e:ad:8d:
                    6e:b0:9b:a2:ef:c3:c6:01:ae:ec:3f:47:2c:8c:08:
                    d6:e7:31:ff:31:23:59:ba:f6:57:0c:70:19:cc:5b:
                    e6:ea:56:87:c0:26:b7:3a:a9:69:e5:d0:f7:d6:18:
                    a0:d6:eb:f4:fc:26:9a:27:c8:18:b7:a2:9b:de:5f:
                    14:3a:4c:89:ee:5b:e1:9d:1c:35:7d:0c:d8:62:2e:
                    83:ee:77:cb:a6:0e:72:e7:13:27:f9:ef:9c:9b:57:
                    df:20:01:c7:f1:b6:32:04:11:c0:70:55:d6:ac:6a:
                    d5:da:69:1c:54:dd:e6:85:b3:9d:17:65:49:29:e6:
                    1b:a3:60:6a:f3:3b:77:fb:a1:37:fc:fc:73:9a:b6:
                    a1:b4:41:4c:ac:cb:f2:ed:db:39:87:cc:31:ce:9f:
                    09:ed:cc:e0:41:94:ff:12:40:7d:26:84:10:c4:e1:
                    f9:dd:4b:f4:3f:21:2b:10:8d:cc:93:53:32:2d:00:
                    27:c0:d6:39:54:7a:b1:95:cf:8f:91:5e:9a:18:de:
                    76:cd:33:3f:91:02:b2:df:6c:26:10:d8:78:ea:00:
                    7d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:6E:F8:DF:0F:69:B5:14:24:81:20:AC:FE:E0:46:DE:2D:CF:79:10
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A49BC4AA1B11EE91D50553775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d5:60:b1:3d:4e:16:9a:c9:0c:ff:47:02:ea:1f:8d:c8:4f:2a:
         0f:52:ce:73:ab:9d:fe:18:c0:19:b7:03:c6:4d:d0:41:1a:54:
         9c:1a:77:0c:71:dc:22:1f:4d:9d:88:bc:ea:e4:2b:1c:e8:5e:
         0f:a9:ed:ec:ce:50:7c:20:3c:23:48:59:a9:83:bd:25:ef:41:
         e0:3d:90:26:ce:c4:b7:b7:ab:82:b6:f0:6a:8b:53:93:1d:0d:
         5b:c8:2f:d6:cc:e2:9f:df:b4:4b:f0:40:29:a4:ea:88:57:0c:
         13:de:79:03:04:2e:13:74:7b:64:fd:f6:ef:5b:a0:c1:c5:a4:
         c1:df:de:60:40:67:ab:1c:70:93:14:e9:9b:4c:d0:49:53:77:
         56:4f:28:e5:1b:bc:84:e6:11:65:08:88:25:9c:6d:e8:02:24:
         e4:bf:02:17:47:2d:a7:6b:ee:fe:92:fc:e4:0e:12:b5:2c:fe:
         27:f8:f9:78:d2:83:d8:f7:fd:63:1e:4f:a0:ac:42:3f:ce:30:
         ea:5f:0d:5a:2f:12:bf:de:9c:7b:4f:21:ee:27:aa:6f:87:a4:
         c5:3a:8f:c1:c3:e4:12:02:02:4f:12:61:e9:fe:2a:ce:c8:59:
         c1:bd:ef:bc:a8:68:1a:b7:59:0f:c3:b7:cb:50:b9:d4:4f:1c:
         8c:ed:82:5f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICbaowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMDMwOTM2MzFaFw0yNTAxMDIwOTM2MzFaMBgxFjAU
BgNVBAMTDTY1OTUyYWEzLWMxMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5uGhN/K1TykokTT71rFV/BtVnH+KpXpNo5UHxTtV99U70TK4kfeNPoU6t
jW6wm6Lvw8YBruw/RyyMCNbnMf8xI1m69lcMcBnMW+bqVofAJrc6qWnl0PfWGKDW
6/T8JponyBi3opveXxQ6TInuW+GdHDV9DNhiLoPud8umDnLnEyf575ybV98gAcfx
tjIEEcBwVdasatXaaRxU3eaFs50XZUkp5hujYGrzO3f7oTf8/HOatqG0QUysy/Lt
2zmHzDHOnwntzOBBlP8SQH0mhBDE4fndS/Q/ISsQjcyTUzItACfA1jlUerGVz4+R
XpoY3nbNMz+RArLfbCYQ2HjqAH3/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJ274
3w9ptRQkgSCs/uBG3i3PeRAwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzk1QTQ5QkM0QUExQjExRUU5MUQ1MDU1Mzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxTswDQYJKoZIhvcNAQEL
BQADggEBANVgsT1OFprJDP9HAuofjchPKg9SznOrnf4YwBm3A8ZN0EEaVJwadwxx
3CIfTZ2IvOrkKxzoXg+p7ezOUHwgPCNIWamDvSXvQeA9kCbOxLe3q4K28GqLU5Md
DVvIL9bM4p/ftEvwQCmk6ohXDBPeeQMELhN0e2T99u9boMHFpMHf3mBAZ6sccJMU
6ZtM0ElTd1ZPKOUbvITmEWUIiCWcbegCJOS/AhdHLadr7v6S/OQOErUs/if4+XjS
g9j3/WMeT6CsQj/OMOpfDVovEr/enHtPIe4nqm+HpMU6j8HD5BICAk8SYen+Ks7I
WcG977yoaBq3WQ/Dt8tQudRPHIztgl8=
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:40 2024 by rpki-client on console-fra.rpki-client.org