Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3176662FE1711EE891D2B58017001B1.roa
File:                     D3176662FE1711EE891D2B58017001B1.roa (raw, json)
Hash identifier:          qp96+muJaLB8e13Pkb7ZxxcesMhy8RNkgAEgepLLQVM=
Subject key identifier:   82:16:FD:23:5E:23:AC:BD:0B:7B:E8:5F:CF:04:73:87:8E:8A:02:44
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       AE3E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3176662FE1711EE891D2B58017001B1.roa
Signing time:             Fri 19 Apr 2024 06:41:17 +0000
ROA not before:           Fri 19 Apr 2024 06:41:14 +0000
ROA not after:            Sat 04 Jan 2025 06:41:14 +0000
asID:                     211392
IP address blocks:        154.83.30.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44606 (0xae3e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 19 06:41:14 2024 GMT
            Not After : Jan  4 06:41:14 2025 GMT
        Subject: CN=6622120d-3590
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a6:e5:07:cf:2d:81:19:b6:b1:a5:08:19:ed:
                    91:af:79:f4:83:39:84:84:89:15:9b:39:72:83:8a:
                    a0:fb:fb:f1:d0:9d:dc:a2:3f:14:e9:44:40:50:bd:
                    91:5d:4c:a0:38:85:74:ee:9d:c1:bf:0b:4d:7e:8b:
                    e8:03:98:c7:da:94:59:6b:0f:93:4e:e1:9f:f1:4e:
                    d1:c2:6a:33:2c:ae:0a:ad:1c:84:84:b6:9f:4f:66:
                    97:99:65:db:0b:3f:5b:0a:03:fb:d9:2e:45:62:c6:
                    0a:63:cd:da:fb:f3:d8:d3:32:20:a7:5c:63:49:bf:
                    3a:61:28:e3:04:79:23:d6:33:33:fa:bc:a5:11:47:
                    63:8a:fc:d0:13:05:0a:a8:f3:e1:dc:62:88:92:4c:
                    bd:9c:be:94:6c:a9:11:47:5d:9d:93:96:e7:0c:f5:
                    29:fe:c2:d4:d2:83:d6:89:fa:73:14:25:54:e9:4a:
                    98:c5:2e:49:6f:b5:51:f3:40:c8:15:fa:8c:97:88:
                    3b:d6:0f:25:c7:98:9c:1b:13:32:d5:12:08:42:3e:
                    4b:f7:99:bc:ed:7e:c2:5e:ae:f9:4e:c6:f3:ca:8f:
                    d8:4b:24:e6:7d:74:15:20:e3:c4:6e:14:33:74:91:
                    02:08:d8:91:c1:f6:05:75:83:7e:f9:6f:84:d8:36:
                    83:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:16:FD:23:5E:23:AC:BD:0B:7B:E8:5F:CF:04:73:87:8E:8A:02:44
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3176662FE1711EE891D2B58017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.83.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:ab:fc:23:d2:68:79:80:e6:a8:71:55:92:e5:a2:cc:74:79:
         86:dd:29:46:1d:d6:25:13:ce:0a:3c:52:b2:a8:8e:f7:df:57:
         bc:70:fa:33:5a:9b:7d:88:c9:db:57:de:52:73:c5:a3:82:a5:
         38:1e:d6:68:d2:8d:2c:ea:ee:f8:f1:22:6a:c8:36:46:d2:32:
         51:62:7c:5e:0a:4f:b0:54:2f:c1:07:5c:5f:9b:18:1b:31:49:
         ef:18:04:1e:75:6d:c2:95:da:2b:5e:21:ee:4a:d2:74:1c:32:
         d5:69:a0:89:dc:70:3d:2d:ba:20:a4:eb:e9:41:93:a1:36:0e:
         0b:a4:33:3e:4a:71:df:fd:c3:5e:9b:02:f5:91:a4:4d:6b:ea:
         09:f6:42:81:d1:87:c1:d8:d5:89:24:3f:02:83:7a:23:4e:19:
         9b:21:26:ba:c7:79:99:49:99:bb:fb:df:e9:9d:1d:88:7b:fc:
         43:41:40:17:6a:e7:77:e3:5e:66:bb:12:ef:01:40:06:63:e8:
         39:4b:f0:44:10:78:2b:b7:97:54:84:e6:46:f8:83:c2:fd:a7:
         4b:cd:d1:f8:d1:30:bf:22:29:3e:24:4a:4e:9e:8e:1a:5d:fa:
         fe:a9:9d:6f:46:6d:ca:26:38:fd:7d:b9:32:af:e2:35:a3:e7:
         61:09:47:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK4+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE5MDY0MTE0WhcNMjUwMTA0MDY0MTE0WjAYMRYw
FAYDVQQDEw02NjIyMTIwZC0zNTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsablB88tgRm2saUIGe2Rr3n0gzmEhIkVmzlyg4qg+/vx0J3coj8U6URA
UL2RXUygOIV07p3BvwtNfovoA5jH2pRZaw+TTuGf8U7RwmozLK4KrRyEhLafT2aX
mWXbCz9bCgP72S5FYsYKY83a+/PY0zIgp1xjSb86YSjjBHkj1jMz+rylEUdjivzQ
EwUKqPPh3GKIkky9nL6UbKkRR12dk5bnDPUp/sLU0oPWifpzFCVU6UqYxS5Jb7VR
80DIFfqMl4g71g8lx5icGxMy1RIIQj5L95m87X7CXq75Tsbzyo/YSyTmfXQVIOPE
bhQzdJECCNiRwfYFdYN++W+E2DaDJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIIW
/SNeI6y9C3voX88Ec4eOigJEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzE3NjY2MkZFMTcxMUVFODkxRDJCNTgwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMeMA0GCSqGSIb3DQEB
CwUAA4IBAQCoq/wj0mh5gOaocVWS5aLMdHmG3SlGHdYlE84KPFKyqI7331e8cPoz
Wpt9iMnbV95Sc8WjgqU4HtZo0o0s6u748SJqyDZG0jJRYnxeCk+wVC/BB1xfmxgb
MUnvGAQedW3CldorXiHuStJ0HDLVaaCJ3HA9LbogpOvpQZOhNg4LpDM+SnHf/cNe
mwL1kaRNa+oJ9kKB0YfB2NWJJD8Cg3ojThmbISa6x3mZSZm7+9/pnR2Ie/xDQUAX
aud3415muxLvAUAGY+g5S/BEEHgrt5dUhOZG+IPC/adLzdH40TC/Iik+JEpOno4a
Xfr+qZ1vRm3KJjj9fbkyr+I1o+dhCUc2
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:28 2024 by rpki-client on console-ams.rpki-client.org