Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A321A124AEC711EE8CD75D56775412E6.roa
File:                     A321A124AEC711EE8CD75D56775412E6.roa (raw, json)
Hash identifier:          pbiuy2xez4A9CrHtfeWUWJzaWaxH+WCS4ujOC2/hyHI=
Subject key identifier:   AD:E1:B7:37:3B:3C:8F:D3:DE:91:DC:F6:43:BA:07:43:A5:C0:42:0A
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       72DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A321A124AEC711EE8CD75D56775412E6.roa
Signing time:             Tue 09 Jan 2024 08:18:15 +0000
ROA not before:           Tue 09 Jan 2024 08:18:12 +0000
ROA not after:            Sat 11 Jan 2025 08:18:12 +0000
asID:                     138995
IP address blocks:        154.198.53.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29405 (0x72dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan  9 08:18:12 2024 GMT
            Not After : Jan 11 08:18:12 2025 GMT
        Subject: CN=659d0147-a561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:81:44:79:d5:2f:48:08:0a:af:92:3e:54:ca:
                    d0:eb:32:34:6a:1a:78:2d:f3:f5:f6:16:87:9f:26:
                    ab:ae:4c:02:c1:4f:f7:09:1f:b2:26:6a:46:3e:4a:
                    c5:06:02:11:b8:41:11:e8:3f:a3:3d:41:c6:85:cf:
                    6c:f6:e9:b6:10:83:cb:47:19:d9:e6:e7:fb:53:75:
                    65:e8:4e:03:8a:d7:fa:95:75:37:e6:6b:bd:e5:14:
                    d8:a4:bd:d9:c4:49:4c:a5:86:32:d5:23:c5:49:3b:
                    cc:12:9c:b2:36:9d:e8:cb:69:8c:7f:03:63:7f:13:
                    c7:05:87:ea:eb:af:7a:3b:18:1a:d9:d8:0f:17:17:
                    fa:0d:ea:5a:a8:6c:57:5d:0c:99:a2:57:91:31:17:
                    eb:1c:de:6f:c1:59:c5:7b:00:4e:21:88:bd:1d:7d:
                    5b:0b:1b:29:44:9f:f7:d3:38:53:f0:f6:61:6c:51:
                    14:56:96:8c:b5:f5:64:cd:4c:db:9c:3d:c1:c3:60:
                    c6:59:e6:0a:b1:7d:ab:b6:38:55:17:9c:24:25:47:
                    ec:ed:5d:4e:9f:41:09:5a:22:1a:a1:e5:8a:92:c6:
                    bd:7b:bf:1c:e9:be:d7:30:9b:cd:e4:7d:6b:86:8a:
                    8a:22:0e:aa:01:f6:83:70:5a:8a:be:14:9c:31:73:
                    6f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E1:B7:37:3B:3C:8F:D3:DE:91:DC:F6:43:BA:07:43:A5:C0:42:0A
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A321A124AEC711EE8CD75D56775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:b9:bd:6a:23:98:b8:f4:d8:8f:30:49:84:c1:21:3b:11:a2:
         f2:cf:8d:c7:3a:db:2b:3d:70:ca:08:f2:c8:33:d2:ea:55:33:
         73:c5:f6:c9:d4:84:51:01:3a:4e:01:0d:de:da:b6:2d:07:03:
         68:6e:0c:51:0f:02:2f:df:c4:82:f6:8a:07:82:12:d7:7e:cc:
         c2:3b:05:b1:08:3a:99:54:7f:e9:cc:3e:63:25:5f:9c:a1:09:
         8e:45:52:f0:9f:02:97:08:dd:02:83:3c:19:93:ed:ce:2a:7d:
         4b:d0:8f:58:06:fd:39:15:44:1a:42:0e:58:43:85:8d:6d:09:
         d3:63:ed:f5:d1:6e:60:11:10:e7:24:5f:bd:26:38:8a:75:1b:
         c8:6d:61:7b:2a:7e:fe:40:69:2d:8f:62:4c:0a:1b:6d:ce:f8:
         86:61:05:54:a9:12:cc:f8:15:36:29:f0:ec:cc:c9:9b:81:fc:
         40:9f:7c:b2:80:b4:26:43:08:82:9c:13:6f:1c:21:16:a2:e4:
         1f:3a:74:48:04:e5:28:2b:48:e6:19:c2:95:fc:e6:2e:07:4c:
         5a:21:b8:1c:59:ce:dd:1f:c7:05:93:bd:0c:a8:56:5f:2c:1e:
         2d:9a:a6:c6:f0:53:95:27:9f:04:c2:8f:da:c8:c2:5c:94:be:
         93:e8:79:7a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICct0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMDkwODE4MTJaFw0yNTAxMTEwODE4MTJaMBgxFjAU
BgNVBAMTDTY1OWQwMTQ3LWE1NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDogUR51S9ICAqvkj5UytDrMjRqGngt8/X2FoefJquuTALBT/cJH7ImakY+
SsUGAhG4QRHoP6M9QcaFz2z26bYQg8tHGdnm5/tTdWXoTgOK1/qVdTfma73lFNik
vdnESUylhjLVI8VJO8wSnLI2nejLaYx/A2N/E8cFh+rrr3o7GBrZ2A8XF/oN6lqo
bFddDJmiV5ExF+sc3m/BWcV7AE4hiL0dfVsLGylEn/fTOFPw9mFsURRWloy19WTN
TNucPcHDYMZZ5gqxfau2OFUXnCQlR+ztXU6fQQlaIhqh5YqSxr17vxzpvtcwm83k
fWuGiooiDqoB9oNwWoq+FJwxc2+PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUreG3
Nzs8j9Pekdz2Q7oHQ6XAQgowHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0EzMjFBMTI0QUVDNzExRUU4Q0Q3NUQ1Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxjUwDQYJKoZIhvcNAQEL
BQADggEBAMm5vWojmLj02I8wSYTBITsRovLPjcc62ys9cMoI8sgz0upVM3PF9snU
hFEBOk4BDd7ati0HA2huDFEPAi/fxIL2igeCEtd+zMI7BbEIOplUf+nMPmMlX5yh
CY5FUvCfApcI3QKDPBmT7c4qfUvQj1gG/TkVRBpCDlhDhY1tCdNj7fXRbmAREOck
X70mOIp1G8htYXsqfv5AaS2PYkwKG23O+IZhBVSpEsz4FTYp8OzMyZuB/ECffLKA
tCZDCIKcE28cIRai5B86dEgE5SgrSOYZwpX85i4HTFohuBxZzt0fxwWTvQyoVl8s
Hi2apsbwU5UnnwTCj9rIwlyUvpPoeXo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:18 2024 by rpki-client on console-fra.rpki-client.org