Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C518C710B09A11EEBCF7B89A775412E6.roa
File:                     C518C710B09A11EEBCF7B89A775412E6.roa (raw, json)
Hash identifier:          ZWJFntLYcG9UEmZ7A/0bdM3QRGFBOk4D/MUBsjUgTAc=
Subject key identifier:   F4:94:28:7C:EB:DB:99:9A:F2:A3:08:14:E1:AB:DE:AC:F3:2E:49:D7
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7420
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C518C710B09A11EEBCF7B89A775412E6.roa
Signing time:             Thu 11 Jan 2024 16:02:07 +0000
ROA not before:           Thu 11 Jan 2024 16:02:04 +0000
ROA not after:            Sun 22 Dec 2024 16:02:04 +0000
asID:                     137184
IP address blocks:        154.198.4.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29728 (0x7420)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 11 16:02:04 2024 GMT
            Not After : Dec 22 16:02:04 2024 GMT
        Subject: CN=65a010ff-c6be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:02:5d:b7:52:79:75:30:0a:d4:f9:b0:21:6b:
                    88:70:45:5b:c9:e8:4b:14:94:4a:82:9c:ed:3f:82:
                    f7:e3:17:86:e0:51:01:6c:f3:37:9e:4b:6a:3a:d6:
                    09:96:1c:af:90:ac:f9:44:0f:ad:ea:a4:00:e8:38:
                    7e:82:06:2c:5b:1f:e5:67:64:3a:7a:85:1d:2f:cd:
                    fe:dc:3f:fb:c1:15:d4:99:6f:fb:25:a1:4c:2b:7d:
                    a2:86:2f:a1:74:0a:26:05:5c:92:de:f3:43:00:ae:
                    23:0e:d8:19:52:1b:12:3c:56:46:b1:94:62:4c:87:
                    dd:6d:58:db:61:bd:a6:65:74:38:00:ee:15:da:8b:
                    96:08:c7:d7:6c:03:fa:d9:76:72:d7:1b:50:ea:08:
                    35:88:82:30:ea:0d:65:5e:cb:81:ac:56:3b:0a:da:
                    dc:c1:fb:74:85:31:01:4c:64:36:29:6b:9a:28:67:
                    01:12:86:86:c1:a5:ca:24:85:d1:e6:ba:e7:bc:41:
                    9f:eb:92:30:42:c0:49:90:7c:a3:7d:21:7f:d8:1d:
                    84:a5:f7:60:10:97:ab:05:43:7e:6f:16:0c:59:1e:
                    9a:c6:90:e8:fc:d6:c2:44:78:b9:af:d2:38:38:67:
                    bf:ff:71:d5:59:4a:fa:cb:bd:8f:83:21:7f:4b:e0:
                    71:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:94:28:7C:EB:DB:99:9A:F2:A3:08:14:E1:AB:DE:AC:F3:2E:49:D7
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C518C710B09A11EEBCF7B89A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:6d:4e:33:41:40:fa:65:93:c4:f8:13:74:41:2b:5b:23:c9:
         58:f4:11:37:72:c9:38:cb:e7:e1:48:8f:48:7c:a5:53:50:45:
         af:bc:27:78:37:11:7a:2a:b6:71:63:58:ae:92:67:6a:af:4e:
         a5:23:a1:e8:99:4c:0b:1b:94:d9:2a:e0:25:73:76:e5:be:ad:
         82:c0:b4:ee:86:1a:a6:2d:9a:2b:28:2e:c6:d7:d6:b9:78:4f:
         60:63:59:10:70:64:17:9e:1a:18:64:65:a9:35:4f:42:9c:99:
         ba:e9:6f:d9:d2:76:5e:d5:e3:23:c5:61:af:29:6b:bb:b2:96:
         66:22:c9:33:2e:75:8e:e4:eb:bd:fe:5e:2f:6e:5a:e1:ee:e5:
         5a:3b:6e:bb:e8:da:bb:fa:71:4b:9d:f5:3d:99:00:fd:d5:20:
         08:42:74:0c:a5:a6:f4:a4:f7:0e:62:7a:22:69:3f:b1:88:d9:
         b2:b3:3c:a7:cf:8d:cc:43:3e:95:39:44:1c:a3:67:24:54:1f:
         49:0a:e7:7d:c2:80:6f:01:26:fe:5f:e1:ca:4f:32:70:2a:01:
         fe:55:44:43:da:e2:3c:68:bd:93:34:65:8e:91:6e:e7:4f:c4:
         3b:9e:1a:27:a7:a2:ae:b6:29:69:44:5a:88:2f:8f:56:6c:b1:
         72:a1:7f:26
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdCAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTExNjAyMDRaFw0yNDEyMjIxNjAyMDRaMBgxFjAU
BgNVBAMTDTY1YTAxMGZmLWM2YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0Al23Unl1MArU+bAha4hwRVvJ6EsUlEqCnO0/gvfjF4bgUQFs8zeeS2o6
1gmWHK+QrPlED63qpADoOH6CBixbH+VnZDp6hR0vzf7cP/vBFdSZb/sloUwrfaKG
L6F0CiYFXJLe80MAriMO2BlSGxI8VkaxlGJMh91tWNthvaZldDgA7hXai5YIx9ds
A/rZdnLXG1DqCDWIgjDqDWVey4GsVjsK2tzB+3SFMQFMZDYpa5ooZwEShobBpcok
hdHmuue8QZ/rkjBCwEmQfKN9IX/YHYSl92AQl6sFQ35vFgxZHprGkOj81sJEeLmv
0jg4Z7//cdVZSvrLvY+DIX9L4HFVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9JQo
fOvbmZryowgU4averPMuSdcwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0M1MThDNzEwQjA5QTExRUVCQ0Y3Qjg5QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaxgQwDQYJKoZIhvcNAQEL
BQADggEBAE1tTjNBQPplk8T4E3RBK1sjyVj0ETdyyTjL5+FIj0h8pVNQRa+8J3g3
EXoqtnFjWK6SZ2qvTqUjoeiZTAsblNkq4CVzduW+rYLAtO6GGqYtmisoLsbX1rl4
T2BjWRBwZBeeGhhkZak1T0Kcmbrpb9nSdl7V4yPFYa8pa7uylmYiyTMudY7k673+
Xi9uWuHu5Vo7brvo2rv6cUud9T2ZAP3VIAhCdAylpvSk9w5ieiJpP7GI2bKzPKfP
jcxDPpU5RByjZyRUH0kK533CgG8BJv5f4cpPMnAqAf5VREPa4jxovZM0ZY6RbudP
xDueGienoq62KWlEWogvj1ZssXKhfyY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:26 2024 by rpki-client on console-ams.rpki-client.org