Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1576F52B22E11EE81285976775412E6.roa
File:                     B1576F52B22E11EE81285976775412E6.roa (raw, json)
Hash identifier:          juU/dW+vIRXyTnAjspiX599GqJ6aPEcAO3UKFHF8rhI=
Subject key identifier:   CB:55:ED:7B:E8:4E:89:D0:6D:48:A2:FE:EE:A1:B6:2A:CE:7A:FD:B4
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7508
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1576F52B22E11EE81285976775412E6.roa
Signing time:             Sat 13 Jan 2024 16:13:31 +0000
ROA not before:           Sat 13 Jan 2024 16:13:28 +0000
ROA not after:            Fri 13 Dec 2024 16:13:28 +0000
asID:                     140227
IP address blocks:        154.205.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29960 (0x7508)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 13 16:13:28 2024 GMT
            Not After : Dec 13 16:13:28 2024 GMT
        Subject: CN=65a2b6ab-9e95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:64:6d:e9:b2:9e:0e:3f:4b:9c:b7:02:b0:fd:
                    ab:cc:60:e2:57:84:3e:2c:31:b7:32:b3:f7:f3:b3:
                    a2:a5:77:0e:0d:1e:0d:d3:b1:b3:cc:aa:9b:8c:cf:
                    9d:a9:4d:cf:f7:bd:2d:4a:17:96:8f:49:ac:c0:c0:
                    33:b8:ca:d7:0b:7c:f3:2f:b8:bc:0a:df:3c:f0:2a:
                    d8:97:da:ca:7d:56:a4:7f:5e:18:25:55:95:ff:a7:
                    e2:95:4c:14:19:fa:4b:a0:9f:10:d9:73:11:62:31:
                    25:f9:2d:17:61:a5:d7:aa:e6:7d:b8:2a:19:fb:62:
                    b9:e9:47:f0:59:5f:aa:04:3a:88:98:2e:ce:72:82:
                    f4:71:d0:e0:51:31:4a:40:60:78:36:57:7e:ec:a8:
                    a8:b0:b7:49:bf:41:4c:96:04:bd:ce:71:12:5a:db:
                    91:8a:17:e9:ef:2d:e0:51:1b:e4:15:6c:af:07:01:
                    97:86:c8:62:83:87:5b:27:98:06:ec:57:24:ef:ab:
                    d5:52:98:7a:5c:2e:8d:d3:0b:64:4a:c0:b9:c8:81:
                    82:44:cc:07:b1:95:1a:20:49:8e:86:e1:8e:d5:fc:
                    e2:aa:7a:fa:75:25:f8:95:46:4e:a5:1b:0f:f6:19:
                    ce:c8:30:92:09:73:e0:b1:90:b2:0c:24:39:50:a7:
                    75:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:55:ED:7B:E8:4E:89:D0:6D:48:A2:FE:EE:A1:B6:2A:CE:7A:FD:B4
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1576F52B22E11EE81285976775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:d1:4d:1c:e4:c3:71:1c:12:00:1d:26:cf:1b:5a:61:79:76:
         6b:cf:bf:03:3b:9c:66:7b:0c:b3:1d:09:a5:17:4b:36:24:0c:
         e7:0f:c0:35:22:7e:9d:ff:87:ba:18:55:43:5f:2d:57:d4:fe:
         e9:c2:a1:df:58:91:fb:25:2a:83:d6:56:b7:6e:77:15:e2:60:
         48:27:37:54:b1:9f:4c:9f:80:bc:83:02:c9:a2:e0:97:9e:39:
         55:86:e7:ef:41:73:25:ef:16:e8:a4:b1:e4:ef:9b:c7:b3:fd:
         62:e7:01:0f:46:d4:5d:0c:c1:8f:d1:a1:ab:a8:17:8b:96:8b:
         eb:3a:ee:c7:4b:5a:f7:26:1e:0b:c1:29:c8:75:bf:d4:be:92:
         1f:46:53:7c:ff:eb:8f:51:85:e2:95:4e:5a:73:66:f6:1b:85:
         46:d0:f6:2e:6c:e1:4a:e4:1d:22:d5:1b:06:3c:49:3f:7e:9f:
         95:3a:a4:ff:69:33:29:18:94:43:c1:ea:4c:d6:d8:0a:39:63:
         20:4d:1e:e3:01:77:f8:49:ad:8f:0e:50:4c:aa:a0:a4:0e:04:
         7b:d3:43:f7:12:e4:cf:0d:3e:40:0a:3e:f9:c5:13:fe:86:b1:
         87:82:57:53:99:05:88:41:e0:46:11:83:f7:5d:18:96:dd:c9:
         56:45:40:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdQgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTMxNjEzMjhaFw0yNDEyMTMxNjEzMjhaMBgxFjAU
BgNVBAMTDTY1YTJiNmFiLTllOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEZG3psp4OP0uctwKw/avMYOJXhD4sMbcys/fzs6Kldw4NHg3TsbPMqpuM
z52pTc/3vS1KF5aPSazAwDO4ytcLfPMvuLwK3zzwKtiX2sp9VqR/XhglVZX/p+KV
TBQZ+kugnxDZcxFiMSX5LRdhpdeq5n24Khn7YrnpR/BZX6oEOoiYLs5ygvRx0OBR
MUpAYHg2V37sqKiwt0m/QUyWBL3OcRJa25GKF+nvLeBRG+QVbK8HAZeGyGKDh1sn
mAbsVyTvq9VSmHpcLo3TC2RKwLnIgYJEzAexlRogSY6G4Y7V/OKqevp1JfiVRk6l
Gw/2Gc7IMJIJc+CxkLIMJDlQp3WzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUy1Xt
e+hOidBtSKL+7qG2Ks56/bQwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0IxNTc2RjUyQjIyRTExRUU4MTI4NTk3Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazdUwDQYJKoZIhvcNAQEL
BQADggEBAHnRTRzkw3EcEgAdJs8bWmF5dmvPvwM7nGZ7DLMdCaUXSzYkDOcPwDUi
fp3/h7oYVUNfLVfU/unCod9YkfslKoPWVrdudxXiYEgnN1Sxn0yfgLyDAsmi4Jee
OVWG5+9BcyXvFuikseTvm8ez/WLnAQ9G1F0MwY/RoauoF4uWi+s67sdLWvcmHgvB
Kch1v9S+kh9GU3z/649RheKVTlpzZvYbhUbQ9i5s4UrkHSLVGwY8ST9+n5U6pP9p
MykYlEPB6kzW2Ao5YyBNHuMBd/hJrY8OUEyqoKQOBHvTQ/cS5M8NPkAKPvnFE/6G
sYeCV1OZBYhB4EYRg/ddGJbdyVZFQGc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:04:29 2024 by rpki-client on console-ams.rpki-client.org