Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BAF7151CB0FD11EEBB2DF65A775412E6.roa
File:                     BAF7151CB0FD11EEBB2DF65A775412E6.roa (raw, json)
Hash identifier:          5e4AYh0FlzkYYhJ6elAaNPiGD5p835dM2BUR82t0gZo=
Subject key identifier:   01:DE:1B:7A:E0:40:F2:FD:78:14:C0:73:FC:64:F9:10:92:B5:5B:2E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7477
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BAF7151CB0FD11EEBB2DF65A775412E6.roa
Signing time:             Fri 12 Jan 2024 03:50:31 +0000
ROA not before:           Fri 12 Jan 2024 03:50:27 +0000
ROA not after:            Fri 13 Dec 2024 03:50:27 +0000
asID:                     140224
IP address blocks:        154.205.197.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29815 (0x7477)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 12 03:50:27 2024 GMT
            Not After : Dec 13 03:50:27 2024 GMT
        Subject: CN=65a0b706-88ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a2:55:b0:e8:ed:45:dd:31:09:6b:1a:22:e1:
                    41:40:79:47:2a:d6:06:d7:38:e3:9c:3a:fc:ec:97:
                    8d:bd:a5:c2:bf:9e:8a:32:59:f5:7e:3d:b8:23:2a:
                    09:71:83:6c:43:c5:1c:15:03:62:75:95:27:ef:1b:
                    13:4e:00:8d:e3:27:a9:b4:4c:c2:97:a6:83:c0:da:
                    f9:20:eb:09:d5:88:6c:bb:dd:9d:c1:05:db:1c:d0:
                    c3:a3:64:96:7f:27:da:6a:22:55:18:6c:11:97:ac:
                    cd:d3:ab:bc:ae:ee:c2:7d:1b:4e:40:e3:39:44:ad:
                    53:21:7a:e6:32:17:f4:73:f4:ab:61:ff:15:23:93:
                    e9:cf:88:d4:6d:ea:5a:b6:cf:63:f9:6b:d0:cf:3d:
                    f0:11:10:86:70:c0:5e:88:2a:c2:84:62:20:61:6e:
                    e1:4f:2f:4d:9a:5c:23:99:05:85:a3:f0:72:e0:fb:
                    2a:bd:25:03:fe:2b:85:0b:ce:a4:91:33:d2:60:06:
                    32:49:71:9e:91:67:53:8e:de:af:21:80:1a:3e:7c:
                    12:7f:6f:4f:39:7f:cd:59:a2:dc:4c:6b:0b:81:b8:
                    13:85:ba:9a:f8:7d:bb:be:f4:b4:68:07:4d:5c:b2:
                    33:87:8b:b1:a4:c6:2b:27:ae:e5:a5:b7:14:a3:b2:
                    a9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:DE:1B:7A:E0:40:F2:FD:78:14:C0:73:FC:64:F9:10:92:B5:5B:2E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BAF7151CB0FD11EEBB2DF65A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:ce:06:08:37:09:44:72:1d:36:1a:f7:dc:16:4d:31:01:62:
         f4:4b:0f:32:6b:3e:f5:52:92:9f:a5:fd:40:d5:85:38:a5:86:
         24:cf:da:69:9d:ee:dc:fa:16:fc:ae:70:02:82:84:d4:15:e8:
         47:e7:fd:7a:26:03:c0:48:e5:4f:20:9f:f6:d0:b5:41:70:73:
         0f:4c:ec:3b:14:4a:1a:2d:b6:0a:db:af:64:00:d8:a8:5e:b9:
         4a:82:3a:ff:86:fb:de:1a:ae:12:e2:00:29:24:2d:cd:41:bf:
         2f:38:9a:39:9a:3b:d6:93:64:ff:95:38:94:38:b8:e5:8f:28:
         00:58:a6:8d:91:65:b4:81:87:1c:d3:14:a5:64:68:ec:ae:8a:
         b4:3f:36:ab:db:9e:53:73:b9:21:e3:b5:ea:a8:3d:12:43:6f:
         c7:99:4a:36:a0:16:70:f9:18:24:d8:61:29:b3:b6:6d:62:03:
         b3:60:74:e2:f4:29:24:4a:0d:b2:41:35:27:54:34:ec:ae:c9:
         4c:84:fc:0b:86:4d:83:e8:a0:63:05:2a:45:3e:a9:86:fc:b2:
         29:ff:9d:df:5f:16:56:60:a4:92:88:24:f9:ee:83:4f:c6:35:
         7d:90:d3:83:84:1d:1a:9d:f8:b8:ab:21:e6:67:b3:ea:c7:86:
         9b:35:45:ba
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdHcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTIwMzUwMjdaFw0yNDEyMTMwMzUwMjdaMBgxFjAU
BgNVBAMTDTY1YTBiNzA2LTg4YmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwolWw6O1F3TEJaxoi4UFAeUcq1gbXOOOcOvzsl429pcK/nooyWfV+Pbgj
Kglxg2xDxRwVA2J1lSfvGxNOAI3jJ6m0TMKXpoPA2vkg6wnViGy73Z3BBdsc0MOj
ZJZ/J9pqIlUYbBGXrM3Tq7yu7sJ9G05A4zlErVMheuYyF/Rz9Kth/xUjk+nPiNRt
6lq2z2P5a9DPPfAREIZwwF6IKsKEYiBhbuFPL02aXCOZBYWj8HLg+yq9JQP+K4UL
zqSRM9JgBjJJcZ6RZ1OO3q8hgBo+fBJ/b085f81ZotxMawuBuBOFupr4fbu+9LRo
B01csjOHi7GkxisnruWltxSjsqnRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUAd4b
euBA8v14FMBz/GT5EJK1Wy4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0JBRjcxNTFDQjBGRDExRUVCQjJERjY1QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazcUwDQYJKoZIhvcNAQEL
BQADggEBAL7OBgg3CURyHTYa99wWTTEBYvRLDzJrPvVSkp+l/UDVhTilhiTP2mmd
7tz6FvyucAKChNQV6Efn/XomA8BI5U8gn/bQtUFwcw9M7DsUShottgrbr2QA2Khe
uUqCOv+G+94arhLiACkkLc1Bvy84mjmaO9aTZP+VOJQ4uOWPKABYpo2RZbSBhxzT
FKVkaOyuirQ/NqvbnlNzuSHjteqoPRJDb8eZSjagFnD5GCTYYSmztm1iA7NgdOL0
KSRKDbJBNSdUNOyuyUyE/AuGTYPooGMFKkU+qYb8sin/nd9fFlZgpJKIJPnug0/G
NX2Q04OEHRqd+LirIeZns+rHhps1Rbo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:04:31 2024 by rpki-client on console-ams.rpki-client.org