Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE680C34A30311EEAEF2481DD25BE465.roa
File:                     DE680C34A30311EEAEF2481DD25BE465.roa (raw, json)
Hash identifier:          tq+gPptWLVqXjtf8pKBF7E3tGudVUeXHusHYlHwFEpM=
Subject key identifier:   10:A3:38:1E:B5:08:9A:B2:03:B1:2B:64:7E:AB:F3:20:E3:41:18:38
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       6721
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE680C34A30311EEAEF2481DD25BE465.roa
Signing time:             Mon 25 Dec 2023 08:59:11 +0000
ROA not before:           Mon 25 Dec 2023 08:59:07 +0000
ROA not after:            Tue 07 Jan 2025 08:59:07 +0000
asID:                     139057
IP address blocks:        154.85.75.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26401 (0x6721)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 25 08:59:07 2023 GMT
            Not After : Jan  7 08:59:07 2025 GMT
        Subject: CN=6589445f-6905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:05:50:13:02:f3:ee:78:d0:06:ea:86:e5:5e:
                    15:db:b0:ea:ff:fb:d0:e2:7b:d8:06:8c:ab:a0:b2:
                    3a:64:20:40:60:43:81:a2:a0:5d:cf:49:14:97:fe:
                    90:df:bf:0c:02:83:3e:96:24:8f:a9:c7:80:01:44:
                    77:ed:4b:a1:36:ec:41:f9:f1:6a:06:17:97:4d:2d:
                    1f:50:e9:d8:e1:20:0e:c3:f0:d6:1d:ad:9d:cd:c2:
                    a7:70:92:04:39:8c:c4:c6:b6:a3:3d:70:1b:bf:9e:
                    4c:fe:93:0d:e9:1a:c3:52:e2:9d:81:a5:b9:e5:3d:
                    1a:d0:13:5f:69:ee:96:97:bc:20:05:26:42:29:03:
                    71:ef:4e:1c:b9:01:11:6a:b9:e2:0e:9b:8c:07:6e:
                    0d:1e:97:8f:d0:ec:c8:42:83:24:46:2d:54:3f:ce:
                    ac:e0:c5:50:94:f5:3e:12:fd:2a:8b:1a:32:dd:04:
                    fd:5a:4b:ae:11:8c:ed:01:62:8a:18:4e:57:3e:05:
                    3c:ed:2f:dd:18:19:4d:b3:a4:b0:1d:4f:64:f1:84:
                    37:38:c2:77:66:ce:f6:7d:48:ff:a8:ab:39:55:3d:
                    1a:ae:61:83:dd:e5:4a:3f:15:18:4a:84:45:b9:ac:
                    c1:67:86:58:9e:1c:61:76:8b:bd:10:98:a4:57:c1:
                    ed:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:A3:38:1E:B5:08:9A:B2:03:B1:2B:64:7E:AB:F3:20:E3:41:18:38
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE680C34A30311EEAEF2481DD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.85.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:d3:dd:35:03:cb:d2:94:db:6f:61:88:2e:5b:23:03:b1:f7:
         9a:92:c0:1e:09:bf:6f:c1:79:68:cf:d0:5b:54:0b:af:01:6c:
         c2:cd:dc:54:71:29:b0:4f:07:7a:cf:24:bb:92:fe:ad:67:30:
         cf:85:1d:eb:a2:94:16:a3:35:74:51:1f:07:57:19:ad:49:b8:
         01:b5:2e:e3:45:72:ca:31:6a:ed:90:a3:b2:4c:b4:4e:30:6b:
         46:4f:f2:14:4c:ef:7c:65:d8:96:57:73:d1:df:bc:1d:08:33:
         10:83:84:e3:2d:7e:6e:8e:b9:22:75:52:af:1f:71:e3:06:75:
         0c:d8:d9:d6:8f:1a:15:96:3a:d1:47:03:2f:0c:39:b7:f5:af:
         b8:1f:d3:5e:65:10:20:ba:b9:36:5d:22:f1:11:1e:dc:c3:76:
         10:14:41:eb:52:3c:94:47:d6:e5:ad:86:53:3f:91:f5:14:17:
         6c:f2:e1:d2:71:db:92:7a:a5:c9:69:25:c4:c0:40:40:bc:ec:
         84:5b:ae:cd:77:7c:1c:28:db:b2:f9:7d:27:39:f8:6a:3e:be:
         d9:7a:52:4e:b9:f0:43:d4:5e:85:34:87:ab:87:e5:db:34:d8:
         fb:f6:99:f6:20:a9:98:77:d5:4f:fd:63:20:c7:eb:97:8e:09:
         12:0f:df:ce
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICZyEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMjUwODU5MDdaFw0yNTAxMDcwODU5MDdaMBgxFjAU
BgNVBAMTDTY1ODk0NDVmLTY5MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDoBVATAvPueNAG6oblXhXbsOr/+9Die9gGjKugsjpkIEBgQ4GioF3PSRSX
/pDfvwwCgz6WJI+px4ABRHftS6E27EH58WoGF5dNLR9Q6djhIA7D8NYdrZ3Nwqdw
kgQ5jMTGtqM9cBu/nkz+kw3pGsNS4p2BpbnlPRrQE19p7paXvCAFJkIpA3HvThy5
ARFqueIOm4wHbg0el4/Q7MhCgyRGLVQ/zqzgxVCU9T4S/SqLGjLdBP1aS64RjO0B
YooYTlc+BTztL90YGU2zpLAdT2TxhDc4wndmzvZ9SP+oqzlVPRquYYPd5Uo/FRhK
hEW5rMFnhlieHGF2i70QmKRXwe2JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUEKM4
HrUImrIDsStkfqvzIONBGDgwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0RFNjgwQzM0QTMwMzExRUVBRUYyNDgxREQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVUswDQYJKoZIhvcNAQEL
BQADggEBAHXT3TUDy9KU229hiC5bIwOx95qSwB4Jv2/BeWjP0FtUC68BbMLN3FRx
KbBPB3rPJLuS/q1nMM+FHeuilBajNXRRHwdXGa1JuAG1LuNFcsoxau2Qo7JMtE4w
a0ZP8hRM73xl2JZXc9HfvB0IMxCDhOMtfm6OuSJ1Uq8fceMGdQzY2daPGhWWOtFH
Ay8MObf1r7gf015lECC6uTZdIvERHtzDdhAUQetSPJRH1uWthlM/kfUUF2zy4dJx
25J6pclpJcTAQEC87IRbrs13fBwo27L5fSc5+Go+vtl6Uk658EPUXoU0h6uH5ds0
2Pv2mfYgqZh31U/9YyDH65eOCRIP384=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:31 2024 by rpki-client on console-ams.rpki-client.org