Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBF264C0B10211EE8730FB63775412E6.roa
File:                     CBF264C0B10211EE8730FB63775412E6.roa (raw, json)
Hash identifier:          eB4GgdmTUgBe9oNNumvOndMPBOCViRqgIKMB7McnKZE=
Subject key identifier:   CB:B7:E8:8B:0D:89:21:34:FE:9F:39:85:EE:83:4C:4F:B5:A6:9D:70
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       74A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBF264C0B10211EE8730FB63775412E6.roa
Signing time:             Fri 12 Jan 2024 04:26:46 +0000
ROA not before:           Fri 12 Jan 2024 04:26:43 +0000
ROA not after:            Fri 13 Dec 2024 04:26:43 +0000
asID:                     140224
IP address blocks:        154.205.223.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29861 (0x74a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 12 04:26:43 2024 GMT
            Not After : Dec 13 04:26:43 2024 GMT
        Subject: CN=65a0bf86-4962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:83:de:a6:a5:5c:1b:42:ea:62:be:6c:c9:d7:
                    4f:c2:6c:5c:7a:a9:14:8c:ed:21:5a:fd:a5:9b:29:
                    8f:4d:2c:82:4d:73:86:2c:73:c6:d2:75:c3:39:bc:
                    c4:93:2b:5c:25:bd:94:34:98:84:dc:b8:93:9e:90:
                    f5:ab:30:e9:2e:7e:ce:f1:07:4b:f7:e3:82:ac:84:
                    5d:b8:d8:32:1c:d8:91:70:aa:6d:f1:91:44:48:83:
                    0d:57:55:86:18:9a:62:d9:98:d4:50:e7:e2:28:75:
                    86:17:62:39:6d:33:34:d7:bd:4a:86:63:90:e5:db:
                    ba:aa:1f:30:c1:bc:e8:cb:45:95:3f:34:b0:c2:87:
                    fa:56:a5:25:46:29:66:51:44:00:2c:bb:b3:96:90:
                    0b:be:84:7c:6c:1b:cd:65:be:ce:7a:2e:a3:b0:40:
                    0e:58:ab:49:9f:68:67:8e:51:e0:1c:31:e9:94:49:
                    2e:7b:29:da:d3:65:7d:14:b6:bd:72:f6:e6:5a:f9:
                    60:85:91:3d:81:e0:80:14:11:05:ac:93:3f:b8:23:
                    2f:56:a8:cd:ca:a6:9f:a1:c0:5a:28:b4:ea:db:df:
                    14:fa:0f:5a:78:d9:fe:f6:a9:8c:86:89:3d:78:49:
                    c7:00:6b:57:2d:da:8d:74:a3:8f:c6:09:d6:fb:27:
                    2d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:B7:E8:8B:0D:89:21:34:FE:9F:39:85:EE:83:4C:4F:B5:A6:9D:70
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBF264C0B10211EE8730FB63775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:5b:44:be:7d:f1:03:60:71:d5:d3:97:2b:f7:65:15:e8:61:
         6f:3f:87:b3:9d:2d:31:37:4b:15:af:2b:99:04:d9:38:f0:77:
         3e:40:aa:5d:f1:22:5d:30:59:99:d9:f0:b9:f4:41:92:aa:cb:
         f0:d3:ec:8e:0b:d5:65:7c:34:9c:04:df:b0:38:a5:40:2a:e2:
         cd:5a:ca:1e:76:35:1e:db:f1:27:5d:ab:44:af:21:0a:a8:1e:
         bc:64:ef:67:47:13:18:93:89:a0:a6:03:55:a6:25:3d:c1:84:
         f4:c6:1f:06:08:be:c3:be:a3:9f:d3:b0:12:f8:6a:78:16:67:
         39:a6:02:87:a7:4c:81:7b:a3:66:c4:23:68:c5:f6:80:c6:e6:
         94:64:f2:3f:e8:69:d8:f9:cb:4a:e1:82:cf:5f:06:a2:fd:95:
         3d:ed:66:0b:1e:59:df:ef:93:26:24:b9:ae:06:28:3e:13:45:
         b5:e3:95:b9:15:e5:f9:0e:77:12:f0:83:a0:3a:f7:29:f3:49:
         5f:7e:f2:59:2d:ce:b9:6d:45:af:8b:86:35:ae:d0:32:a8:35:
         46:d8:3c:9b:12:12:56:57:54:89:3b:cf:ff:bd:13:1c:bb:02:
         14:82:53:9b:86:d1:ca:2c:38:92:26:7b:ec:ef:46:bc:b2:52:
         5a:df:2b:9e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdKUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTIwNDI2NDNaFw0yNDEyMTMwNDI2NDNaMBgxFjAU
BgNVBAMTDTY1YTBiZjg2LTQ5NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjg96mpVwbQupivmzJ10/CbFx6qRSM7SFa/aWbKY9NLIJNc4Ysc8bSdcM5
vMSTK1wlvZQ0mITcuJOekPWrMOkufs7xB0v344KshF242DIc2JFwqm3xkURIgw1X
VYYYmmLZmNRQ5+IodYYXYjltMzTXvUqGY5Dl27qqHzDBvOjLRZU/NLDCh/pWpSVG
KWZRRAAsu7OWkAu+hHxsG81lvs56LqOwQA5Yq0mfaGeOUeAcMemUSS57KdrTZX0U
tr1y9uZa+WCFkT2B4IAUEQWskz+4Iy9WqM3Kpp+hwFootOrb3xT6D1p42f72qYyG
iT14SccAa1ct2o10o4/GCdb7Jy0hAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUy7fo
iw2JITT+nzmF7oNMT7WmnXAwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0NCRjI2NEMwQjEwMjExRUU4NzMwRkI2Mzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazd8wDQYJKoZIhvcNAQEL
BQADggEBAIpbRL598QNgcdXTlyv3ZRXoYW8/h7OdLTE3SxWvK5kE2Tjwdz5Aql3x
Il0wWZnZ8Ln0QZKqy/DT7I4L1WV8NJwE37A4pUAq4s1ayh52NR7b8Sddq0SvIQqo
Hrxk72dHExiTiaCmA1WmJT3BhPTGHwYIvsO+o5/TsBL4angWZzmmAoenTIF7o2bE
I2jF9oDG5pRk8j/oadj5y0rhgs9fBqL9lT3tZgseWd/vkyYkua4GKD4TRbXjlbkV
5fkOdxLwg6A69ynzSV9+8lktzrltRa+LhjWu0DKoNUbYPJsSElZXVIk7z/+9Exy7
AhSCU5uG0cosOJIme+zvRryyUlrfK54=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:27 2024 by rpki-client on console-ams.rpki-client.org