Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98EC3540155F11EE87BFF7514AD9E6FC.roa
File:                     98EC3540155F11EE87BFF7514AD9E6FC.roa (raw, json)
Hash identifier:          UsfH4y1GE0XeOlagr5hIFyYt+jhDvwILFQ6oFkEvPf0=
Subject key identifier:   4C:6B:E0:48:4D:2D:76:CF:35:55:93:22:9D:43:BF:4B:F7:10:8C:7E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       2E6B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98EC3540155F11EE87BFF7514AD9E6FC.roa
Signing time:             Wed 28 Jun 2023 02:58:03 +0000
ROA not before:           Wed 28 Jun 2023 02:57:59 +0000
ROA not after:            Sun 04 Oct 2026 02:57:59 +0000
asID:                     131267
IP address blocks:        154.222.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11883 (0x2e6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun 28 02:57:59 2023 GMT
            Not After : Oct  4 02:57:59 2026 GMT
        Subject: CN=649ba1bb-a77f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c4:17:a2:42:10:22:ae:c9:05:db:19:59:d2:
                    4e:d1:e4:5b:10:8c:6f:4f:76:a6:41:8e:9d:ec:8d:
                    78:1d:ac:c3:97:37:5c:35:48:f3:c1:41:4b:38:38:
                    e0:f3:19:da:ce:e9:7a:d9:26:f9:13:3b:26:f0:43:
                    69:69:10:f5:20:34:f6:54:23:09:f1:5d:c7:35:e2:
                    50:c1:b3:1e:09:3b:56:41:99:e6:9c:d0:5b:56:ac:
                    60:b1:42:68:33:7d:f0:8c:61:e8:e5:4a:b0:0d:74:
                    29:7d:75:06:b8:98:69:e0:39:f6:86:c5:a9:fa:22:
                    bb:3f:d0:3e:8a:be:d5:93:c6:91:ed:87:d5:91:30:
                    2e:f8:70:b4:8a:88:41:7f:40:08:c2:a9:db:78:e5:
                    6c:3a:76:8a:51:d7:8b:6a:2f:3f:7c:50:0f:0d:1e:
                    7d:b7:6f:dc:31:f5:e3:44:51:1a:ef:f6:5b:d4:28:
                    c4:2a:88:32:f6:ef:00:50:60:6e:23:63:0a:ad:08:
                    39:61:52:b1:1e:05:8f:3a:22:cb:ea:cd:54:78:ba:
                    df:51:fb:34:91:bf:08:55:2b:1b:5e:30:34:77:df:
                    34:f1:65:56:fa:4b:58:2c:52:a2:c2:84:42:ce:00:
                    a8:48:81:76:32:d8:11:c9:96:25:5b:8c:23:93:90:
                    94:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:6B:E0:48:4D:2D:76:CF:35:55:93:22:9D:43:BF:4B:F7:10:8C:7E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98EC3540155F11EE87BFF7514AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.222.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:62:18:3c:69:4c:65:8a:01:87:5c:13:96:67:c4:5d:30:68:
         09:07:bb:5f:27:49:51:ad:39:64:0e:35:2e:5b:d0:38:e5:07:
         06:26:5a:2f:27:f3:41:6c:97:c0:b4:70:3f:03:39:3b:23:0f:
         d7:a4:d8:52:1b:e1:7e:c0:42:bb:43:a4:77:43:56:ae:97:1e:
         9c:02:8c:39:3c:b7:69:5b:fd:68:74:75:88:45:18:80:ab:da:
         8a:25:b7:46:cb:ad:16:42:b0:54:75:39:85:cf:3a:f2:21:25:
         f0:be:39:ff:8c:ee:2f:e0:bc:4e:66:28:0f:93:88:f9:c7:31:
         f6:ca:7b:b4:fe:bf:55:30:02:bf:21:33:21:20:bd:2c:83:ff:
         eb:02:2a:7f:4f:ed:76:87:ed:a7:8d:b0:46:98:40:5e:4d:8f:
         8c:75:7b:77:51:c0:c2:45:02:01:9a:11:6f:5d:6d:4a:1c:f8:
         d4:95:b1:2b:10:d1:ee:c7:d0:1c:8d:bd:ef:03:de:0e:e0:bd:
         dc:08:8a:0e:53:0e:30:2e:a8:6c:92:ff:dc:41:b2:a3:a0:c2:
         86:45:a5:4c:f2:bc:27:ab:c0:ef:12:5e:bb:18:36:c0:db:b7:
         9f:07:bd:b7:8d:da:a2:d2:f9:e5:f5:56:9b:ab:f4:30:5f:71:
         c9:46:e0:c4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLmswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjgwMjU3NTlaFw0yNjEwMDQwMjU3NTlaMBgxFjAU
BgNVBAMTDTY0OWJhMWJiLWE3N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgxBeiQhAirskF2xlZ0k7R5FsQjG9PdqZBjp3sjXgdrMOXN1w1SPPBQUs4
OODzGdrO6XrZJvkTOybwQ2lpEPUgNPZUIwnxXcc14lDBsx4JO1ZBmeac0FtWrGCx
QmgzffCMYejlSrANdCl9dQa4mGngOfaGxan6Irs/0D6KvtWTxpHth9WRMC74cLSK
iEF/QAjCqdt45Ww6dopR14tqLz98UA8NHn23b9wx9eNEURrv9lvUKMQqiDL27wBQ
YG4jYwqtCDlhUrEeBY86IsvqzVR4ut9R+zSRvwhVKxteMDR33zTxZVb6S1gsUqLC
hELOAKhIgXYy2BHJliVbjCOTkJQ3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTGvg
SE0tds81VZMinUO/S/cQjH4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzk4RUMzNTQwMTU1RjExRUU4N0JGRjc1MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa3gcwDQYJKoZIhvcNAQEL
BQADggEBAMpiGDxpTGWKAYdcE5ZnxF0waAkHu18nSVGtOWQONS5b0DjlBwYmWi8n
80Fsl8C0cD8DOTsjD9ek2FIb4X7AQrtDpHdDVq6XHpwCjDk8t2lb/Wh0dYhFGICr
2oolt0bLrRZCsFR1OYXPOvIhJfC+Of+M7i/gvE5mKA+TiPnHMfbKe7T+v1UwAr8h
MyEgvSyD/+sCKn9P7XaH7aeNsEaYQF5Nj4x1e3dRwMJFAgGaEW9dbUoc+NSVsSsQ
0e7H0ByNve8D3g7gvdwIig5TDjAuqGyS/9xBsqOgwoZFpUzyvCerwO8SXrsYNsDb
t58HvbeN2qLS+eX1Vpur9DBfcclG4MQ=
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:40 2024 by rpki-client on console-fra.rpki-client.org