Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C865F9A4AE1C11EEA792F39C775412E6.roa
File:                     C865F9A4AE1C11EEA792F39C775412E6.roa (raw, json)
Hash identifier:          crm41cjB/bS3DUKzVZjJTooCGTGcyP0hb8G6cyaIZbE=
Subject key identifier:   FC:5A:5C:D1:19:46:2D:B5:16:C9:81:55:8A:8B:CD:DB:CB:A6:9A:2D
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       72B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C865F9A4AE1C11EEA792F39C775412E6.roa
Signing time:             Mon 08 Jan 2024 11:55:14 +0000
ROA not before:           Mon 08 Jan 2024 11:55:11 +0000
ROA not after:            Tue 14 Jan 2025 11:55:11 +0000
asID:                     138965
IP address blocks:        154.223.9.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29364 (0x72b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan  8 11:55:11 2024 GMT
            Not After : Jan 14 11:55:11 2025 GMT
        Subject: CN=659be2a2-f081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ad:68:7d:bb:ba:2c:30:ef:e1:30:6c:b6:68:
                    77:51:24:6e:24:6e:d3:b3:b8:96:f5:87:7f:1e:fd:
                    7e:42:ca:95:7d:79:b4:e5:36:6e:ab:40:39:b1:70:
                    5a:f5:44:02:94:ee:53:d9:6f:a2:90:7c:ee:e1:c3:
                    b6:2b:05:99:f4:13:76:55:8b:a8:1e:68:2a:fa:ea:
                    c5:2e:b7:70:b8:28:77:19:13:6c:60:4b:da:7b:7a:
                    75:21:f5:4a:17:d4:15:bc:e9:af:ad:ba:6f:e7:53:
                    db:ac:aa:a4:e6:4e:14:b8:60:35:90:1a:81:4b:b4:
                    6f:d2:d6:0b:36:88:c7:3f:a7:91:b7:da:09:e9:08:
                    72:77:4d:8a:43:e7:ee:2a:45:38:24:0a:09:b6:5a:
                    1b:5c:21:4a:3c:97:e0:73:61:cb:aa:c8:55:2c:a7:
                    74:db:38:8b:e6:42:32:05:e1:28:11:2e:f0:16:19:
                    14:a8:bd:ec:f0:cc:bb:09:21:65:b2:08:5c:16:b4:
                    de:05:68:0c:f3:a0:c3:d1:99:e5:60:56:36:23:7b:
                    f5:53:e1:c9:86:a2:6d:f7:dd:cc:aa:61:d9:05:4a:
                    2a:be:61:5f:6c:1b:d5:03:eb:65:dd:e8:38:3b:aa:
                    e3:6a:61:db:3a:ac:4e:23:60:72:c8:3a:26:da:89:
                    0e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:5A:5C:D1:19:46:2D:B5:16:C9:81:55:8A:8B:CD:DB:CB:A6:9A:2D
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C865F9A4AE1C11EEA792F39C775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.223.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:e4:b8:a3:0e:c7:85:91:e4:2b:4d:3a:10:f6:eb:26:ff:6a:
         30:47:4e:f9:6a:27:6a:54:e8:38:d1:33:98:40:c6:32:aa:45:
         51:aa:87:a9:3f:fc:43:0a:01:c1:b3:15:4c:cc:25:aa:71:7a:
         ce:e4:af:97:9c:96:43:ed:a4:81:6c:34:9a:48:21:33:1d:08:
         26:47:35:f4:85:f0:7f:10:4b:f7:bc:82:1e:b6:2e:e1:25:c9:
         45:23:09:b8:5e:7b:7b:14:95:1c:4e:0d:d5:e3:60:be:4f:9d:
         cc:5e:31:a6:34:61:b9:34:f8:ac:26:13:95:52:4a:31:5c:f6:
         07:f3:7b:e7:6c:95:a9:47:da:4d:f3:fd:86:82:22:a4:3e:8d:
         14:4f:b6:c5:36:67:cd:2c:43:9e:fa:99:78:e9:9d:95:9b:35:
         f8:b3:7e:9f:d2:7b:24:70:ac:be:09:aa:4b:b4:be:9b:2d:de:
         48:a2:63:38:e0:94:66:64:18:86:45:b4:15:4c:4a:3d:3a:85:
         87:f4:f8:b4:6b:37:71:44:6b:08:cb:c9:c1:a0:8f:c1:12:68:
         a9:7b:e1:a8:cb:ec:1d:75:41:99:6c:17:65:b9:72:2c:a3:e1:
         19:e0:f6:e1:fd:1a:cf:f3:86:e0:e0:fa:88:75:8a:09:d5:9a:
         6e:78:89:11
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICcrQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMDgxMTU1MTFaFw0yNTAxMTQxMTU1MTFaMBgxFjAU
BgNVBAMTDTY1OWJlMmEyLWYwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPrWh9u7osMO/hMGy2aHdRJG4kbtOzuJb1h38e/X5CypV9ebTlNm6rQDmx
cFr1RAKU7lPZb6KQfO7hw7YrBZn0E3ZVi6geaCr66sUut3C4KHcZE2xgS9p7enUh
9UoX1BW86a+tum/nU9usqqTmThS4YDWQGoFLtG/S1gs2iMc/p5G32gnpCHJ3TYpD
5+4qRTgkCgm2WhtcIUo8l+BzYcuqyFUsp3TbOIvmQjIF4SgRLvAWGRSovezwzLsJ
IWWyCFwWtN4FaAzzoMPRmeVgVjYje/VT4cmGom333cyqYdkFSiq+YV9sG9UD62Xd
6Dg7quNqYds6rE4jYHLIOibaiQ4dAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/Fpc
0RlGLbUWyYFViovN28ummi0wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0M4NjVGOUE0QUUxQzExRUVBNzkyRjM5Qzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa3wkwDQYJKoZIhvcNAQEL
BQADggEBALPkuKMOx4WR5CtNOhD26yb/ajBHTvlqJ2pU6DjRM5hAxjKqRVGqh6k/
/EMKAcGzFUzMJapxes7kr5eclkPtpIFsNJpIITMdCCZHNfSF8H8QS/e8gh62LuEl
yUUjCbhee3sUlRxODdXjYL5PncxeMaY0Ybk0+KwmE5VSSjFc9gfze+dslalH2k3z
/YaCIqQ+jRRPtsU2Z80sQ576mXjpnZWbNfizfp/SeyRwrL4Jqku0vpst3kiiYzjg
lGZkGIZFtBVMSj06hYf0+LRrN3FEawjLycGgj8ESaKl74ajL7B11QZlsF2W5ciyj
4Rng9uH9Gs/zhuDg+oh1ignVmm54iRE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:24 2024 by rpki-client on console-fra.rpki-client.org