Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8307B125E1811EEA6F8114B4AD9E6FC.roa
File:                     B8307B125E1811EEA6F8114B4AD9E6FC.roa (raw, json)
Hash identifier:          UJ+kgg8S60pBPDEMlAeRqrgIJJHh5POKkalXv/9SXmE=
Subject key identifier:   24:A3:75:65:91:C5:39:AA:78:8E:CC:D6:8C:1A:E1:4F:37:04:1D:3F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       4381
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8307B125E1811EEA6F8114B4AD9E6FC.roa
Signing time:             Thu 28 Sep 2023 16:04:36 +0000
ROA not before:           Thu 28 Sep 2023 16:04:33 +0000
ROA not after:            Wed 30 Sep 2026 16:04:33 +0000
asID:                     27947
IP address blocks:        154.197.111.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17281 (0x4381)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 28 16:04:33 2023 GMT
            Not After : Sep 30 16:04:33 2026 GMT
        Subject: CN=6515a414-39ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:40:04:0f:fa:67:b6:c6:cf:37:1a:1b:4c:70:
                    40:fc:38:c8:ec:b0:38:3b:ce:77:88:ca:0e:e3:3d:
                    5a:5e:d0:fb:2a:c1:02:f4:b2:dc:2a:5a:91:f3:29:
                    46:0e:02:97:57:a7:50:f7:5f:dd:c7:e2:cf:d8:1e:
                    31:84:2d:f7:b9:67:eb:09:36:8a:f7:b0:b8:28:47:
                    cb:52:96:ac:37:2a:39:8d:d0:70:4c:86:fc:e1:4e:
                    07:d4:b7:53:95:dd:6a:1c:8f:fa:5a:36:7e:3a:32:
                    f5:28:1f:a0:fa:40:2d:63:10:7a:46:5a:e3:3b:bd:
                    97:0a:1c:3a:bd:36:4e:75:28:90:d0:22:01:18:b5:
                    8b:ac:e8:53:77:de:e8:71:0f:f1:27:bf:0d:2a:f5:
                    e6:50:80:58:95:5a:78:92:1b:3e:37:9a:8d:3c:b1:
                    98:16:ed:69:6a:8d:04:cc:ef:07:5b:ea:e0:3c:71:
                    04:8f:49:57:07:96:2b:42:b7:89:00:d3:54:e9:32:
                    03:1d:93:c9:ac:e1:80:e3:b8:8e:46:ef:24:c8:3b:
                    fd:61:8c:fe:c7:b9:83:ff:a2:6e:ee:f2:5d:13:c1:
                    d4:3d:84:5f:0b:cb:ab:64:1f:d1:50:c6:71:3a:20:
                    06:8d:df:c9:77:72:77:87:35:03:37:83:48:7a:49:
                    73:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:A3:75:65:91:C5:39:AA:78:8E:CC:D6:8C:1A:E1:4F:37:04:1D:3F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8307B125E1811EEA6F8114B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:99:17:6b:65:6c:b1:27:84:bb:2f:28:57:ad:2b:8b:8c:79:
         57:9b:8c:5a:19:aa:2a:4b:0c:89:c9:c0:07:14:3d:e2:5f:dd:
         71:16:8b:3f:1a:70:a4:0c:4e:c0:4c:af:96:e6:8c:d8:d6:03:
         16:7d:e3:7c:7c:1b:60:d4:c8:12:08:6e:e1:5d:9d:86:da:33:
         f8:91:c7:b4:85:78:1f:41:a9:3c:12:c8:39:9e:44:26:e6:3c:
         10:f2:cf:62:05:31:09:10:a3:bb:84:36:37:57:5e:eb:d6:ef:
         87:2d:81:79:0e:ea:77:c8:e5:a0:e6:0c:e5:57:30:9b:00:4e:
         99:37:38:6e:5b:91:b6:3f:0f:80:0b:47:4f:81:80:a4:b5:14:
         1b:e1:f3:9c:96:62:a9:03:1a:f9:30:2b:ac:7d:6f:31:03:04:
         e4:a6:07:d5:2d:08:74:ea:e8:d3:e7:60:52:6f:0f:00:06:6c:
         bd:1a:1d:89:d9:51:1d:1e:93:cc:87:8c:3c:4e:99:af:6f:83:
         8b:82:8e:37:2f:79:ee:25:51:9b:6b:e3:98:04:19:ae:90:e2:
         86:3b:f5:ea:8b:b3:35:8f:65:71:ab:b5:0c:55:42:4b:40:84:
         9c:96:70:13:49:d9:fc:bf:1e:82:16:24:1b:18:a4:bf:f1:9f:
         07:e8:d2:ca
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICQ4EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA5MjgxNjA0MzNaFw0yNjA5MzAxNjA0MzNaMBgxFjAU
BgNVBAMTDTY1MTVhNDE0LTM5ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEQAQP+me2xs83GhtMcED8OMjssDg7zneIyg7jPVpe0PsqwQL0stwqWpHz
KUYOApdXp1D3X93H4s/YHjGELfe5Z+sJNor3sLgoR8tSlqw3KjmN0HBMhvzhTgfU
t1OV3Wocj/paNn46MvUoH6D6QC1jEHpGWuM7vZcKHDq9Nk51KJDQIgEYtYus6FN3
3uhxD/Envw0q9eZQgFiVWniSGz43mo08sZgW7WlqjQTM7wdb6uA8cQSPSVcHlitC
t4kA01TpMgMdk8ms4YDjuI5G7yTIO/1hjP7HuYP/om7u8l0TwdQ9hF8Ly6tkH9FQ
xnE6IAaN38l3cneHNQM3g0h6SXMfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJKN1
ZZHFOap4jszWjBrhTzcEHT8wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0I4MzA3QjEyNUUxODExRUVBNkY4MTE0QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxW8wDQYJKoZIhvcNAQEL
BQADggEBADCZF2tlbLEnhLsvKFetK4uMeVebjFoZqipLDInJwAcUPeJf3XEWiz8a
cKQMTsBMr5bmjNjWAxZ943x8G2DUyBIIbuFdnYbaM/iRx7SFeB9BqTwSyDmeRCbm
PBDyz2IFMQkQo7uENjdXXuvW74ctgXkO6nfI5aDmDOVXMJsATpk3OG5bkbY/D4AL
R0+BgKS1FBvh85yWYqkDGvkwK6x9bzEDBOSmB9UtCHTq6NPnYFJvDwAGbL0aHYnZ
UR0ek8yHjDxOma9vg4uCjjcvee4lUZtr45gEGa6Q4oY79eqLszWPZXGrtQxVQktA
hJyWcBNJ2fy/HoIWJBsYpL/xnwfo0so=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:02 2024 by rpki-client on console-ams.rpki-client.org