Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA6A005887C711EFBB87A9BE762E951A.roa
File:                     CA6A005887C711EFBB87A9BE762E951A.roa (raw, json)
Hash identifier:          JWjZ0Aa5fJvPbeFf84JvJBVq4Oeo600DewAbG9Mftic=
Subject key identifier:   28:F5:DA:6A:96:03:EE:B0:60:EC:F7:0C:BF:5D:72:AB:FF:AA:BC:6C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       FD72
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA6A005887C711EFBB87A9BE762E951A.roa
Signing time:             Fri 11 Oct 2024 11:56:04 +0000
ROA not before:           Fri 11 Oct 2024 11:55:43 +0000
ROA not after:            Sun 12 Oct 2025 11:55:43 +0000
asID:                     136907
IP address blocks:        154.83.0.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64882 (0xfd72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Oct 11 11:55:43 2024 GMT
            Not After : Oct 12 11:55:43 2025 GMT
        Subject: CN=67091254-87b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:51:fa:b3:3b:24:0b:bf:b5:16:ca:e0:81:a2:
                    b5:02:1c:d1:89:84:c2:3a:b8:de:8a:3a:c6:4e:e1:
                    a9:3d:50:88:4f:df:73:4e:da:f4:7a:a4:8a:76:ab:
                    3d:c1:e1:7b:b9:f1:1d:c5:58:da:05:a8:65:c8:52:
                    36:02:dc:87:2c:b6:22:95:35:a5:f7:20:ec:b7:4e:
                    37:cf:65:d9:67:fa:ee:e9:2b:af:5d:ae:f6:ff:d3:
                    bd:e3:47:a7:e2:51:70:3d:5a:c4:75:cc:cb:49:0b:
                    07:9c:89:84:b5:46:26:5e:4a:07:3c:1c:d7:df:e3:
                    82:51:3a:10:f1:84:58:2c:9f:56:cf:ca:eb:9c:66:
                    5d:ce:36:3e:45:22:62:dd:15:ea:ba:e2:11:2a:07:
                    4f:e9:25:ba:94:6e:46:aa:5f:a4:9d:28:de:3d:bb:
                    cc:d2:ac:06:c3:01:49:16:dc:6f:fc:e7:cf:1a:31:
                    07:2f:2a:02:f3:53:b5:1d:a4:37:7a:90:19:40:ab:
                    a6:b0:7e:b1:9e:fb:83:ef:ff:6d:04:c1:d0:75:cd:
                    19:3d:5b:f8:73:6e:6a:e5:fd:2d:de:97:fe:36:cf:
                    87:0a:6a:59:34:db:22:9c:e9:8a:fe:d6:35:03:2e:
                    0f:d3:50:55:c9:3a:cd:60:d7:ad:86:bf:65:b2:be:
                    0c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F5:DA:6A:96:03:EE:B0:60:EC:F7:0C:BF:5D:72:AB:FF:AA:BC:6C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA6A005887C711EFBB87A9BE762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.83.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:c3:d1:19:8b:fb:56:9e:a8:c4:37:c5:7a:20:0c:9f:3e:17:
         00:c1:80:e3:17:90:88:d8:3e:f8:5f:10:b4:df:b9:00:18:fc:
         d2:7d:16:30:24:4a:14:39:68:ec:0c:5f:9a:47:36:a7:da:4f:
         45:4f:37:f0:ec:e8:d9:e5:f7:36:36:9d:31:07:b8:85:76:67:
         38:ff:a0:73:03:39:48:38:7e:a2:ff:e3:bd:bc:71:24:71:d7:
         bf:a1:1b:6b:4f:8a:19:65:ba:29:47:fe:18:19:88:af:23:80:
         32:01:44:ab:8c:1f:29:bc:a1:79:c6:f1:e2:e5:dd:08:fc:10:
         14:52:c6:fb:84:7f:c1:24:30:9e:7b:61:e0:b4:fe:16:e5:9c:
         19:32:b6:fe:eb:94:d1:4c:78:f3:e5:58:06:f9:eb:23:0d:df:
         b0:93:c9:08:15:7e:7e:1d:d3:18:be:0a:fe:3a:29:8e:06:61:
         bd:54:19:9e:e7:4c:65:e2:08:d4:26:09:c1:d1:2c:69:73:7a:
         bb:74:74:8f:88:26:de:82:f4:e3:aa:ad:a1:6a:e3:2d:86:da:
         85:29:5c:2a:95:b7:8f:ae:da:68:a0:3f:3f:e2:d2:6b:2f:32:
         39:f2:9c:b3:bf:74:7b:42:af:84:7e:61:c6:97:cb:dc:13:e8:
         2e:56:35:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAP1yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDExMTE1NTQzWhcNMjUxMDEyMTE1NTQzWjAYMRYw
FAYDVQQDEw02NzA5MTI1NC04N2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA11H6szskC7+1FsrggaK1AhzRiYTCOrjeijrGTuGpPVCIT99zTtr0eqSK
dqs9weF7ufEdxVjaBahlyFI2AtyHLLYilTWl9yDst043z2XZZ/ru6SuvXa72/9O9
40en4lFwPVrEdczLSQsHnImEtUYmXkoHPBzX3+OCUToQ8YRYLJ9Wz8rrnGZdzjY+
RSJi3RXquuIRKgdP6SW6lG5Gql+knSjePbvM0qwGwwFJFtxv/OfPGjEHLyoC81O1
HaQ3epAZQKumsH6xnvuD7/9tBMHQdc0ZPVv4c25q5f0t3pf+Ns+HCmpZNNsinOmK
/tY1Ay4P01BVyTrNYNethr9lsr4MIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCj1
2mqWA+6wYOz3DL9dcqv/qrxsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTZBMDA1ODg3QzcxMUVGQkI4N0E5QkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlMAMA0GCSqGSIb3DQEB
CwUAA4IBAQAdw9EZi/tWnqjEN8V6IAyfPhcAwYDjF5CI2D74XxC037kAGPzSfRYw
JEoUOWjsDF+aRzan2k9FTzfw7OjZ5fc2Np0xB7iFdmc4/6BzAzlIOH6i/+O9vHEk
cde/oRtrT4oZZbopR/4YGYivI4AyAUSrjB8pvKF5xvHi5d0I/BAUUsb7hH/BJDCe
e2HgtP4W5ZwZMrb+65TRTHjz5VgG+esjDd+wk8kIFX5+HdMYvgr+OimOBmG9VBme
50xl4gjUJgnB0Sxpc3q7dHSPiCbegvTjqq2hauMthtqFKVwqlbePrtpooD8/4tJr
LzI58pyzv3R7Qq+EfmHGl8vcE+guVjUQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:27 2024 by rpki-client on console-ams.rpki-client.org