Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC8BA006155F11EEA8BBED524AD9E6FC.roa
File:                     DC8BA006155F11EEA8BBED524AD9E6FC.roa (raw, json)
Hash identifier:          4NCUS9t3NcC+KP/krak44MSnmObojtRstvodtkalsuk=
Subject key identifier:   6D:19:A7:B2:24:BD:62:AD:EE:F0:01:8C:BE:C5:E2:D2:55:4C:1D:B3
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       2E6F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC8BA006155F11EEA8BBED524AD9E6FC.roa
Signing time:             Wed 28 Jun 2023 02:59:56 +0000
ROA not before:           Wed 28 Jun 2023 02:59:53 +0000
ROA not after:            Sun 04 Oct 2026 02:59:53 +0000
asID:                     131267
IP address blocks:        154.222.4.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11887 (0x2e6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun 28 02:59:53 2023 GMT
            Not After : Oct  4 02:59:53 2026 GMT
        Subject: CN=649ba22c-4435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:65:70:88:c1:b2:5b:5c:a9:4c:51:d7:70:d7:
                    a5:27:c9:85:70:ef:ac:4f:ec:67:2e:c9:a3:9e:40:
                    bb:67:96:13:79:28:b6:0d:c3:6a:9f:df:3d:5e:bf:
                    34:5c:ea:ea:0a:dd:15:a0:5e:61:ab:aa:d0:6b:d0:
                    f5:b9:e7:53:c9:22:8a:48:9b:fa:15:90:5e:53:14:
                    d2:17:a0:f9:1d:8e:3c:1b:a0:47:e1:26:8c:ca:d8:
                    60:db:83:76:1c:56:f5:07:00:f2:df:87:6c:6c:ee:
                    e6:fd:e4:c5:76:f5:e4:16:3f:4a:44:57:46:39:b8:
                    c5:b6:d9:33:ee:c6:5a:20:57:2f:71:52:df:24:7b:
                    70:45:f6:82:c6:ef:f7:ea:c1:11:bc:4f:f1:ad:1b:
                    68:e5:48:b0:75:57:1b:5c:31:aa:d1:2c:6e:04:9b:
                    98:1e:ab:f3:d0:c0:d4:c1:c7:8f:3f:94:87:5d:8d:
                    9f:76:55:44:d7:6c:7d:23:06:2a:8a:9d:1b:67:35:
                    a8:a2:5f:96:c9:93:e3:c2:be:59:c9:02:cc:d1:e0:
                    1d:5d:7b:27:b8:75:99:ac:77:63:15:77:31:9b:1f:
                    b0:d7:9e:3c:2b:19:69:c5:cc:0f:79:96:e3:d4:94:
                    0e:14:46:b2:9e:04:05:85:e9:1a:82:f6:9c:cf:15:
                    95:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:19:A7:B2:24:BD:62:AD:EE:F0:01:8C:BE:C5:E2:D2:55:4C:1D:B3
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC8BA006155F11EEA8BBED524AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.222.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:e9:80:62:88:16:d0:65:81:49:56:27:5e:cd:1d:c7:3f:03:
         b9:ef:22:ea:75:ad:4b:0e:66:6d:4a:c7:3c:0d:d5:50:9d:9e:
         d1:be:75:82:84:81:6f:9c:e4:af:39:6f:39:a6:c2:33:76:06:
         8b:c4:8b:a8:39:55:5a:61:e2:4a:5b:45:8c:a8:51:04:15:3a:
         3f:b6:48:cc:92:29:ce:2b:09:1a:b5:b4:73:ac:40:d6:fc:49:
         ed:ab:36:e4:70:fb:41:8d:80:dc:86:65:93:4c:09:1f:dc:ff:
         f8:de:92:56:dc:37:22:ec:dd:b6:cf:29:92:60:e8:0a:e2:51:
         57:1e:0a:be:fb:d5:76:ad:c5:18:f9:72:c2:f9:c2:3a:70:86:
         83:4e:04:d9:f8:38:44:bb:9c:66:32:07:b5:9e:14:9c:1b:15:
         3f:9d:1f:58:0c:0e:90:63:c7:a4:2f:03:cc:8d:7e:0a:d4:80:
         9a:b6:ef:a3:2f:88:4c:f9:21:ab:b8:a2:1f:56:a3:b1:7c:83:
         8d:e2:64:0e:33:af:23:f1:7a:65:d4:15:f2:2d:f8:4e:bc:01:
         3d:55:70:f2:58:88:54:a5:c5:2e:a8:df:0d:75:5c:51:52:52:
         92:10:aa:e8:ad:b7:49:c7:6c:34:2d:9d:da:35:8d:43:d9:f1:
         ca:52:7f:3a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLm8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjgwMjU5NTNaFw0yNjEwMDQwMjU5NTNaMBgxFjAU
BgNVBAMTDTY0OWJhMjJjLTQ0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzZXCIwbJbXKlMUddw16UnyYVw76xP7GcuyaOeQLtnlhN5KLYNw2qf3z1e
vzRc6uoK3RWgXmGrqtBr0PW551PJIopIm/oVkF5TFNIXoPkdjjwboEfhJozK2GDb
g3YcVvUHAPLfh2xs7ub95MV29eQWP0pEV0Y5uMW22TPuxlogVy9xUt8ke3BF9oLG
7/fqwRG8T/GtG2jlSLB1VxtcMarRLG4Em5geq/PQwNTBx48/lIddjZ92VUTXbH0j
BiqKnRtnNaiiX5bJk+PCvlnJAszR4B1deye4dZmsd2MVdzGbH7DXnjwrGWnFzA95
luPUlA4URrKeBAWF6RqC9pzPFZUjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUbRmn
siS9Yq3u8AGMvsXi0lVMHbMwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0RDOEJBMDA2MTU1RjExRUVBOEJCRUQ1MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa3gQwDQYJKoZIhvcNAQEL
BQADggEBACvpgGKIFtBlgUlWJ17NHcc/A7nvIup1rUsOZm1KxzwN1VCdntG+dYKE
gW+c5K85bzmmwjN2BovEi6g5VVph4kpbRYyoUQQVOj+2SMySKc4rCRq1tHOsQNb8
Se2rNuRw+0GNgNyGZZNMCR/c//jeklbcNyLs3bbPKZJg6AriUVceCr771XatxRj5
csL5wjpwhoNOBNn4OES7nGYyB7WeFJwbFT+dH1gMDpBjx6QvA8yNfgrUgJq276Mv
iEz5Iau4oh9Wo7F8g43iZA4zryPxemXUFfIt+E68AT1VcPJYiFSlxS6o3w11XFFS
UpIQquitt0nHbDQtndo1jUPZ8cpSfzo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:49 2024 by rpki-client on console-fra.rpki-client.org