Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C0474EE141A11EFB4493940017001B1.roa
File:                     9C0474EE141A11EFB4493940017001B1.roa (raw, json)
Hash identifier:          70L3XKn0paNXGZEZ9FVd3Ie2HEuxTPPPi0JTlvY27Fs=
Subject key identifier:   ED:FF:C1:61:C6:7C:AD:E2:CB:2D:4B:26:90:A1:85:68:AC:2E:25:E6
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       B82F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C0474EE141A11EFB4493940017001B1.roa
Signing time:             Fri 17 May 2024 06:56:40 +0000
ROA not before:           Fri 17 May 2024 06:56:35 +0000
ROA not after:            Thu 04 Jul 2024 06:56:35 +0000
asID:                     44559
IP address blocks:        154.216.16.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47151 (0xb82f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 17 06:56:35 2024 GMT
            Not After : Jul  4 06:56:35 2024 GMT
        Subject: CN=6646ffa7-457c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7e:30:96:86:01:05:17:f7:b8:0d:bb:19:11:
                    30:7c:dd:96:23:06:cc:75:be:6a:52:e6:71:35:d9:
                    6a:3c:5a:0e:d1:2d:50:13:02:38:ed:06:9c:75:2a:
                    df:bb:36:0d:e2:3a:02:8b:77:d4:ef:f8:55:5e:48:
                    64:c0:59:81:62:14:39:e9:52:07:55:a9:59:f0:f1:
                    58:f3:75:f9:8b:23:1f:70:f2:8f:b1:21:49:a4:e2:
                    09:60:5e:26:35:5b:be:80:d8:e4:94:33:6b:b7:80:
                    b4:4a:30:e7:10:00:ec:eb:9e:32:09:5a:6f:b2:66:
                    3e:56:38:6a:66:61:01:26:a7:74:ad:ac:be:b4:10:
                    46:19:b6:26:13:ea:5d:18:ce:be:bb:21:60:b1:e8:
                    d5:6c:ca:76:16:fb:58:f5:45:47:7f:6e:a2:df:39:
                    b5:2d:02:c1:88:d2:29:6a:d9:ac:96:96:9d:ae:96:
                    c0:ef:95:6e:bd:c9:eb:b7:ba:18:f5:0d:5a:8f:06:
                    54:4d:be:69:86:5a:e4:c9:ce:0a:4e:16:77:0c:a7:
                    1e:5d:2f:66:f9:25:1c:87:ee:45:bf:bb:a3:77:06:
                    59:aa:c4:ab:9e:5b:2d:8e:8a:1b:52:36:99:58:84:
                    3b:21:4f:90:52:cf:82:f5:ad:8b:dc:67:9e:06:19:
                    8a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:FF:C1:61:C6:7C:AD:E2:CB:2D:4B:26:90:A1:85:68:AC:2E:25:E6
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C0474EE141A11EFB4493940017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.216.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         57:3c:b6:a1:db:31:52:a8:46:41:74:d2:1e:7f:6a:d5:60:2a:
         70:b8:95:fd:69:3d:f4:55:4b:9d:59:27:b8:eb:f3:23:2c:31:
         5c:05:db:1c:07:e9:8c:88:2a:25:27:a8:83:48:25:43:1e:3b:
         c9:a2:2f:86:4d:4c:cd:ac:15:ad:0f:f5:a1:d0:e3:e5:ad:91:
         98:b1:fd:d2:60:00:93:a9:50:0d:e3:ad:95:1c:dd:8d:3e:09:
         29:db:08:97:a1:ea:95:04:2b:5f:9f:cc:f9:30:57:66:c2:27:
         4e:5c:4d:e3:7d:9c:ec:b6:7f:fe:4a:65:87:54:44:6a:92:44:
         7a:44:16:f5:e6:ca:f0:e2:c5:36:83:9b:7a:ee:28:d0:8b:9b:
         54:f9:bc:89:a2:12:f3:f6:05:0b:78:96:31:ef:ae:17:8c:c2:
         16:a6:b3:5b:5e:c4:f6:43:ca:63:3a:de:8c:58:95:42:b8:a4:
         ef:fc:e3:00:2a:9c:3e:92:5a:02:2c:cf:7f:ab:43:ca:e4:e4:
         aa:4f:d6:93:41:80:ed:47:a8:9c:02:29:7e:6e:6f:5e:33:ae:
         c1:24:07:eb:08:2b:ac:a9:9e:47:17:bc:2f:60:4d:53:87:34:
         ea:20:25:82:47:71:37:88:00:1b:f4:9b:c8:db:b8:ed:aa:20:
         91:df:3d:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALgvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE3MDY1NjM1WhcNMjQwNzA0MDY1NjM1WjAYMRYw
FAYDVQQDEw02NjQ2ZmZhNy00NTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnH4wloYBBRf3uA27GREwfN2WIwbMdb5qUuZxNdlqPFoO0S1QEwI47Qac
dSrfuzYN4joCi3fU7/hVXkhkwFmBYhQ56VIHValZ8PFY83X5iyMfcPKPsSFJpOIJ
YF4mNVu+gNjklDNrt4C0SjDnEADs654yCVpvsmY+VjhqZmEBJqd0ray+tBBGGbYm
E+pdGM6+uyFgsejVbMp2FvtY9UVHf26i3zm1LQLBiNIpatmslpadrpbA75Vuvcnr
t7oY9Q1ajwZUTb5phlrkyc4KThZ3DKceXS9m+SUch+5Fv7ujdwZZqsSrnlstjoob
UjaZWIQ7IU+QUs+C9a2L3GeeBhmKCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO3/
wWHGfK3iyy1LJpChhWisLiXmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QzA0NzRFRTE0MUExMUVGQjQ0OTM5NDAwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtgQMA0GCSqGSIb3DQEB
CwUAA4IBAQBXPLah2zFSqEZBdNIef2rVYCpwuJX9aT30VUudWSe46/MjLDFcBdsc
B+mMiColJ6iDSCVDHjvJoi+GTUzNrBWtD/Wh0OPlrZGYsf3SYACTqVAN462VHN2N
Pgkp2wiXoeqVBCtfn8z5MFdmwidOXE3jfZzstn/+SmWHVERqkkR6RBb15srw4sU2
g5t67ijQi5tU+byJohLz9gULeJYx764XjMIWprNbXsT2Q8pjOt6MWJVCuKTv/OMA
Kpw+kloCLM9/q0PK5OSqT9aTQYDtR6icAil+bm9eM67BJAfrCCusqZ5HF7wvYE1T
hzTqICWCR3E3iAAb9JvI27jtqiCR3z2t
-----END CERTIFICATE-----
Generated at Sat Jun 15 07:34:16 2024 by rpki-client on console-fra.rpki-client.org