Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C4B915ABC8911EE8A271A5F775412E6.roa
File:                     9C4B915ABC8911EE8A271A5F775412E6.roa (raw, json)
Hash identifier:          aJNL5w/K1X694p7IpJzjw2AS4+4ImQt37/2eF7aPBHY=
Subject key identifier:   AE:CF:44:E7:C0:01:6D:82:F6:C5:86:14:B2:5D:05:11:B5:10:6E:F0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7EB4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C4B915ABC8911EE8A271A5F775412E6.roa
Signing time:             Fri 26 Jan 2024 20:29:31 +0000
ROA not before:           Fri 26 Jan 2024 20:29:28 +0000
ROA not after:            Mon 27 Jan 2025 20:29:28 +0000
asID:                     38638
IP address blocks:        154.194.15.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32436 (0x7eb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 26 20:29:28 2024 GMT
            Not After : Jan 27 20:29:28 2025 GMT
        Subject: CN=65b4162b-7464
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a6:12:31:8a:87:a9:78:d4:fc:5a:b9:d6:1a:
                    13:0e:8e:38:24:84:12:23:7f:f4:8c:82:38:c2:88:
                    2c:bb:78:e1:29:f2:68:f9:f5:ea:14:d0:1c:24:a3:
                    ff:fb:ec:9e:de:bd:54:d8:aa:37:b4:84:af:aa:49:
                    3d:57:98:3b:a3:d9:dd:94:42:90:61:45:ba:7b:56:
                    6a:c6:2d:a2:ed:67:2a:5a:a8:f1:67:72:28:fb:f8:
                    96:e6:92:c5:0f:62:90:e3:f5:5e:8b:22:69:d8:fe:
                    cf:65:c3:47:7f:2a:70:31:19:f6:c0:a3:4d:b6:a0:
                    83:00:a2:f7:b6:59:ce:69:d2:26:f1:fe:f2:09:5d:
                    d8:c0:54:d8:b6:f8:84:73:9b:f5:b7:7f:0c:5a:d2:
                    42:67:7a:a4:5c:22:7e:51:19:36:d4:66:cd:ab:fd:
                    e6:a6:b4:97:21:15:31:e4:15:00:6e:91:15:38:da:
                    77:85:3e:5c:c7:de:cb:a2:70:cd:bd:8f:4d:7b:14:
                    dd:1c:77:59:ae:36:3f:11:25:85:87:69:a6:b1:39:
                    63:e8:82:fd:28:a4:f6:e0:41:5c:d0:fe:df:3b:73:
                    2a:69:0c:8a:44:14:8f:01:65:65:9b:03:a5:45:6d:
                    95:86:2c:d4:2a:f1:26:cc:04:d8:ab:9c:9f:88:81:
                    15:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:CF:44:E7:C0:01:6D:82:F6:C5:86:14:B2:5D:05:11:B5:10:6E:F0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C4B915ABC8911EE8A271A5F775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.194.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:5a:59:fb:f2:bd:78:fb:53:9b:45:0d:bc:22:84:10:5d:2a:
         7a:df:fc:95:fc:02:32:21:72:79:2a:82:0c:f5:82:23:4b:22:
         92:db:4c:e0:2a:d7:18:c0:28:ba:87:f3:a0:fd:56:5d:6f:bf:
         24:f6:5f:89:0c:17:a6:63:a2:3b:e4:63:42:41:38:dc:8e:94:
         17:ef:ab:19:18:75:e1:b5:46:11:ff:ff:32:08:a5:30:a7:5e:
         0c:10:65:4e:38:e1:51:3b:7d:01:9e:43:58:65:76:3a:99:08:
         f9:18:65:bf:8e:06:0e:2b:94:ea:31:3e:9e:b0:34:30:ff:4f:
         6a:83:eb:1b:46:a1:8b:ea:7c:3d:c9:a1:67:94:ef:43:66:00:
         2e:73:d0:9d:4b:08:f3:b4:f9:f0:1c:b5:e9:23:74:f9:bf:46:
         c7:e3:e3:b3:e9:f4:9d:2b:70:41:47:fe:a5:fc:4e:1b:70:de:
         0f:94:51:0f:2a:ae:3a:bc:bd:25:fd:cd:22:07:97:06:34:d3:
         e0:fe:cb:b1:2c:57:5f:80:98:e1:43:ae:17:6e:a9:b7:04:2c:
         44:bb:ff:6d:6a:c2:a2:d5:43:21:c8:e9:ae:d7:50:68:28:13:
         00:53:06:b9:8f:ed:bd:6a:1c:0b:e5:2f:82:f6:3d:d1:67:0f:
         50:22:8f:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICfrQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMjYyMDI5MjhaFw0yNTAxMjcyMDI5MjhaMBgxFjAU
BgNVBAMTDTY1YjQxNjJiLTc0NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDfphIxioepeNT8WrnWGhMOjjgkhBIjf/SMgjjCiCy7eOEp8mj59eoU0Bwk
o//77J7evVTYqje0hK+qST1XmDuj2d2UQpBhRbp7VmrGLaLtZypaqPFncij7+Jbm
ksUPYpDj9V6LImnY/s9lw0d/KnAxGfbAo022oIMAove2Wc5p0ibx/vIJXdjAVNi2
+IRzm/W3fwxa0kJneqRcIn5RGTbUZs2r/eamtJchFTHkFQBukRU42neFPlzH3sui
cM29j017FN0cd1muNj8RJYWHaaaxOWPogv0opPbgQVzQ/t87cyppDIpEFI8BZWWb
A6VFbZWGLNQq8SbMBNirnJ+IgRUVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUrs9E
58ABbYL2xYYUsl0FEbUQbvAwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzlDNEI5MTVBQkM4OTExRUU4QTI3MUE1Rjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawg8wDQYJKoZIhvcNAQEL
BQADggEBAHlaWfvyvXj7U5tFDbwihBBdKnrf/JX8AjIhcnkqggz1giNLIpLbTOAq
1xjAKLqH86D9Vl1vvyT2X4kMF6ZjojvkY0JBONyOlBfvqxkYdeG1RhH//zIIpTCn
XgwQZU444VE7fQGeQ1hldjqZCPkYZb+OBg4rlOoxPp6wNDD/T2qD6xtGoYvqfD3J
oWeU70NmAC5z0J1LCPO0+fActekjdPm/Rsfj47Pp9J0rcEFH/qX8Thtw3g+UUQ8q
rjq8vSX9zSIHlwY00+D+y7EsV1+AmOFDrhduqbcELES7/21qwqLVQyHI6a7XUGgo
EwBTBrmP7b1qHAvlL4L2PdFnD1Aij5s=
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:40 2024 by rpki-client on console-fra.rpki-client.org