Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD079740A26011EFB704B394762E951A.roa
File:                     CD079740A26011EFB704B394762E951A.roa (raw, json)
Hash identifier:          NFoeyCxu+XusAIq2bctTz2jbVuEntN6stu+xrvEKWq4=
Subject key identifier:   70:C5:EF:71:60:D1:62:D6:E3:07:55:AD:B1:0B:43:38:89:BC:9F:6C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       010CE8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD079740A26011EFB704B394762E951A.roa
Signing time:             Thu 14 Nov 2024 08:16:51 +0000
ROA not before:           Thu 14 Nov 2024 08:16:48 +0000
ROA not after:            Sun 12 Jul 2026 08:16:48 +0000
asID:                     55967
IP address blocks:        154.85.44.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68840 (0x10ce8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov 14 08:16:48 2024 GMT
            Not After : Jul 12 08:16:48 2026 GMT
        Subject: CN=6735b1f3-c241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:00:75:bf:1a:f4:67:2a:06:c3:ad:a5:4c:0d:
                    ba:56:c0:a7:77:32:0d:ff:02:24:86:e5:25:5f:78:
                    48:c0:d9:10:19:a5:9d:5a:55:7c:45:09:2b:dd:c7:
                    3a:8f:36:d3:64:9d:e0:a3:68:3d:ec:9e:18:bc:04:
                    c9:3a:5b:11:0d:a3:88:a2:87:d1:a4:95:f7:29:1f:
                    3d:a9:de:72:b2:03:80:a8:11:72:30:ee:5a:f5:fd:
                    1c:10:02:c7:c0:76:8c:31:b4:1e:79:aa:f1:9a:32:
                    8e:51:bd:d1:ec:60:f3:00:9c:da:e5:9e:c6:15:1e:
                    da:90:c0:f7:99:b5:17:b0:8b:a1:46:b6:dd:52:06:
                    51:c6:30:fe:78:7d:df:b5:12:04:1c:cb:56:25:4c:
                    96:b4:c1:3b:91:d2:b8:2d:94:c7:43:2e:58:5c:a1:
                    99:64:d0:73:8b:f7:af:9a:6a:0e:ad:76:49:ef:79:
                    df:40:d4:4e:5b:af:85:f9:67:55:4e:00:3e:61:a3:
                    05:a6:c9:bb:48:2f:52:4f:f7:9a:00:6f:4c:c5:b9:
                    72:c7:14:7a:4d:09:48:fd:01:14:b2:54:18:9e:b8:
                    0e:83:13:cc:a3:0b:e4:44:16:0f:04:90:47:e4:e3:
                    6a:9b:e4:ca:8f:66:ea:c5:95:33:62:da:32:03:3e:
                    f0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:C5:EF:71:60:D1:62:D6:E3:07:55:AD:B1:0B:43:38:89:BC:9F:6C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD079740A26011EFB704B394762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.85.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0d:87:9a:77:bd:9c:8e:20:1a:50:ce:c3:91:6a:3e:8b:0e:2e:
         cd:a3:5a:0b:5f:39:8e:73:62:c1:f7:d5:bb:7c:f7:98:88:99:
         7c:22:89:57:25:ce:c0:f6:2e:2c:fa:2f:53:cf:10:c7:39:2f:
         ac:ec:73:2c:bf:1c:39:9a:c8:bc:a8:14:a9:c6:42:05:3f:20:
         72:49:0b:d9:4f:e4:1e:66:81:0c:e7:2a:e3:4f:e3:68:7d:ec:
         be:89:27:25:bd:85:0a:7e:5e:87:5f:58:ea:29:73:82:f3:18:
         59:2a:d5:64:e2:1a:66:dd:d6:5f:46:a9:ac:38:ff:c5:aa:fe:
         3c:9e:a3:f1:4a:f4:16:0f:c7:44:ba:3b:8f:99:de:01:5f:14:
         58:09:c1:a5:a9:04:f8:36:5f:a0:e6:f6:10:8b:11:74:72:31:
         f0:6e:2e:25:b3:47:19:60:e1:13:a1:d5:8d:a0:f6:7e:5e:4b:
         6b:9f:e1:6f:c8:4d:7d:4c:c7:fe:cc:9a:d7:c9:48:f9:fb:ed:
         ef:f1:71:58:d5:40:f7:24:64:d7:2a:53:e4:a6:91:bf:2b:4d:
         69:7c:1f:06:e8:d2:5f:42:e6:5f:c1:7c:11:6f:f4:28:4d:ea:
         11:c7:6f:86:85:6c:97:c5:91:8e:90:ed:a1:6a:00:66:3b:9f:
         fc:62:7c:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQzoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE0MDgxNjQ4WhcNMjYwNzEyMDgxNjQ4WjAYMRYw
FAYDVQQDEw02NzM1YjFmMy1jMjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2AB1vxr0ZyoGw62lTA26VsCndzIN/wIkhuUlX3hIwNkQGaWdWlV8RQkr
3cc6jzbTZJ3go2g97J4YvATJOlsRDaOIoofRpJX3KR89qd5ysgOAqBFyMO5a9f0c
EALHwHaMMbQeearxmjKOUb3R7GDzAJza5Z7GFR7akMD3mbUXsIuhRrbdUgZRxjD+
eH3ftRIEHMtWJUyWtME7kdK4LZTHQy5YXKGZZNBzi/evmmoOrXZJ73nfQNROW6+F
+WdVTgA+YaMFpsm7SC9ST/eaAG9MxblyxxR6TQlI/QEUslQYnrgOgxPMowvkRBYP
BJBH5ONqm+TKj2bqxZUzYtoyAz7wuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHDF
73Fg0WLW4wdVrbELQziJvJ9sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDA3OTc0MEEyNjAxMUVGQjcwNEIzOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlUsMA0GCSqGSIb3DQEB
CwUAA4IBAQANh5p3vZyOIBpQzsORaj6LDi7No1oLXzmOc2LB99W7fPeYiJl8IolX
Jc7A9i4s+i9TzxDHOS+s7HMsvxw5msi8qBSpxkIFPyBySQvZT+QeZoEM5yrjT+No
fey+iSclvYUKfl6HX1jqKXOC8xhZKtVk4hpm3dZfRqmsOP/Fqv48nqPxSvQWD8dE
ujuPmd4BXxRYCcGlqQT4Nl+g5vYQixF0cjHwbi4ls0cZYOETodWNoPZ+Xktrn+Fv
yE19TMf+zJrXyUj5++3v8XFY1UD3JGTXKlPkppG/K01pfB8G6NJfQuZfwXwRb/Qo
TeoRx2+GhWyXxZGOkO2hagBmO5/8YnyM
-----END CERTIFICATE-----