Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3897FD0A2C711EEBC03F62BD25BE465.roa
File:                     A3897FD0A2C711EEBC03F62BD25BE465.roa (raw, json)
Hash identifier:          e2T+HYCc//Y2OqXAW8trA6kUQaSkahhQOGiU5neO4EQ=
Subject key identifier:   D3:E0:66:C7:5D:81:28:43:89:32:CE:E7:14:08:A9:E8:27:9A:55:90
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       66A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3897FD0A2C711EEBC03F62BD25BE465.roa
Signing time:             Mon 25 Dec 2023 01:48:02 +0000
ROA not before:           Mon 25 Dec 2023 01:47:59 +0000
ROA not after:            Tue 07 Jan 2025 01:47:59 +0000
asID:                     139057
IP address blocks:        154.85.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26277 (0x66a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 25 01:47:59 2023 GMT
            Not After : Jan  7 01:47:59 2025 GMT
        Subject: CN=6588df52-c8c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:9d:dc:a7:cc:52:34:19:4c:8f:d0:5c:b5:c9:
                    40:09:ff:b1:2f:0e:83:ec:47:6c:c2:dd:a4:6f:ed:
                    52:75:63:ea:d5:dc:65:7c:78:35:ef:c2:66:23:3b:
                    c1:05:29:22:d1:5a:d7:ca:18:65:32:7d:2e:1c:d5:
                    86:32:e0:f4:72:13:98:3d:3f:eb:83:7c:6a:74:81:
                    9d:61:98:dc:ef:f9:56:ed:0a:75:f7:ab:22:b6:a0:
                    f2:c8:c8:41:c2:f4:f5:67:f4:6b:c6:d0:38:f6:a1:
                    90:34:ea:a1:9d:fb:18:c6:cc:f4:fc:e1:27:3c:1b:
                    78:b7:8b:d1:84:43:88:33:b5:29:cc:e5:cd:bc:5c:
                    33:f0:3c:f9:9e:de:79:f0:27:57:c6:1a:c7:fb:bb:
                    0f:11:c4:53:12:9a:00:ae:90:7b:e3:b1:e8:ea:92:
                    04:c8:ad:73:2f:48:5f:6c:5d:e1:7a:11:3d:84:d3:
                    76:43:89:1b:c9:4c:9a:5a:7d:25:a0:59:1d:e2:b1:
                    6c:bd:23:f4:7b:35:e2:6b:d0:a4:c0:5d:25:e6:d3:
                    9d:47:92:a2:8a:d9:5d:fd:28:13:29:2d:44:0d:a5:
                    6e:0f:2e:3a:00:ef:f4:f3:69:6c:4f:5b:27:ff:1c:
                    34:63:12:ce:72:f6:9e:fa:85:e3:f6:54:40:a3:74:
                    4c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:E0:66:C7:5D:81:28:43:89:32:CE:E7:14:08:A9:E8:27:9A:55:90
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3897FD0A2C711EEBC03F62BD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.85.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:5f:1a:80:8f:4c:9c:37:d1:27:52:58:71:50:d3:6c:aa:26:
         d4:cd:22:1c:8b:11:c7:df:7e:d2:f9:50:94:9a:cc:03:b4:f2:
         6c:c6:89:bf:f5:ff:2c:93:90:ee:9f:44:2b:d4:e7:bd:99:e6:
         0d:a7:42:7b:68:95:a6:92:38:c6:8c:6e:a0:fd:ef:cd:a5:96:
         86:c6:79:40:49:13:e4:c2:3b:03:e0:ec:6c:f9:b6:6b:18:82:
         f1:78:f6:f7:54:3e:bf:53:02:cb:b8:3e:25:f1:46:4f:b2:4c:
         57:4c:98:56:0f:31:fe:34:10:65:cf:cf:07:72:c8:3e:e0:ad:
         65:dd:8c:71:8c:da:b9:01:2d:28:39:1b:d7:17:79:b3:9b:19:
         1e:bf:e2:6a:0f:bc:30:cb:65:de:75:03:2e:2e:e7:5b:5c:8d:
         52:64:97:d1:c2:f0:22:e7:6a:b2:07:a8:da:d3:32:20:a1:66:
         dc:db:33:06:99:71:5f:5a:05:b5:73:8b:8d:d5:6c:2f:a6:bc:
         d8:36:7f:d0:2d:ab:f4:6e:b1:08:13:4c:33:6c:6c:08:12:35:
         1b:8d:e7:19:21:4f:f2:92:d1:ad:40:d1:2e:41:4c:c2:5e:8e:
         fd:08:69:7d:63:cb:8e:45:2c:dd:1f:d8:a6:36:4e:c9:7d:2e:
         d4:fa:f3:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICZqUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMjUwMTQ3NTlaFw0yNTAxMDcwMTQ3NTlaMBgxFjAU
BgNVBAMTDTY1ODhkZjUyLWM4YzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdndynzFI0GUyP0Fy1yUAJ/7EvDoPsR2zC3aRv7VJ1Y+rV3GV8eDXvwmYj
O8EFKSLRWtfKGGUyfS4c1YYy4PRyE5g9P+uDfGp0gZ1hmNzv+VbtCnX3qyK2oPLI
yEHC9PVn9GvG0Dj2oZA06qGd+xjGzPT84Sc8G3i3i9GEQ4gztSnM5c28XDPwPPme
3nnwJ1fGGsf7uw8RxFMSmgCukHvjsejqkgTIrXMvSF9sXeF6ET2E03ZDiRvJTJpa
fSWgWR3isWy9I/R7NeJr0KTAXSXm051HkqKK2V39KBMpLUQNpW4PLjoA7/TzaWxP
Wyf/HDRjEs5y9p76heP2VECjdEyTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0+Bm
x12BKEOJMs7nFAip6CeaVZAwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0EzODk3RkQwQTJDNzExRUVCQzAzRjYyQkQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVVswDQYJKoZIhvcNAQEL
BQADggEBAMdfGoCPTJw30SdSWHFQ02yqJtTNIhyLEcffftL5UJSazAO08mzGib/1
/yyTkO6fRCvU572Z5g2nQntolaaSOMaMbqD9782llobGeUBJE+TCOwPg7Gz5tmsY
gvF49vdUPr9TAsu4PiXxRk+yTFdMmFYPMf40EGXPzwdyyD7grWXdjHGM2rkBLSg5
G9cXebObGR6/4moPvDDLZd51Ay4u51tcjVJkl9HC8CLnarIHqNrTMiChZtzbMwaZ
cV9aBbVzi43VbC+mvNg2f9Atq/RusQgTTDNsbAgSNRuN5xkhT/KS0a1A0S5BTMJe
jv0IaX1jy45FLN0f2KY2Tsl9LtT686k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:18 2024 by rpki-client on console-fra.rpki-client.org