Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB50BF30B10011EEBBEA9960775412E6.roa
File:                     EB50BF30B10011EEBBEA9960775412E6.roa (raw, json)
Hash identifier:          lrKq3mzdK5Z2leqtveaOoanGDkVp9E7SdfS8cj6xDwI=
Subject key identifier:   90:29:A4:AB:8F:DD:2C:C9:28:F5:B4:31:D5:D7:2B:3C:54:A9:61:2A
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7493
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB50BF30B10011EEBBEA9960775412E6.roa
Signing time:             Fri 12 Jan 2024 04:13:20 +0000
ROA not before:           Fri 12 Jan 2024 04:13:17 +0000
ROA not after:            Fri 13 Dec 2024 04:13:17 +0000
asID:                     140224
IP address blocks:        154.205.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29843 (0x7493)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 12 04:13:17 2024 GMT
            Not After : Dec 13 04:13:17 2024 GMT
        Subject: CN=65a0bc60-2718
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:eb:3f:49:8f:93:98:e6:68:c5:76:51:ed:c3:
                    fc:52:d9:66:72:d7:29:7e:7b:ea:aa:a3:aa:85:fd:
                    13:33:20:71:74:7a:65:2b:e1:54:39:0b:55:2e:ff:
                    56:a0:d1:81:90:9e:7b:d0:42:a8:c5:37:f0:2a:6c:
                    86:29:17:83:34:87:01:0b:d9:74:ca:0a:d9:51:9b:
                    fd:0f:0b:30:a3:c0:89:b9:32:e9:26:b8:97:6c:b4:
                    6b:cb:ec:f5:84:22:c9:4f:1a:4c:be:6b:1b:25:9c:
                    92:1a:7a:98:c4:27:32:81:ea:7c:fc:ad:a2:b9:c8:
                    44:88:2c:ab:75:c5:f2:9b:da:e5:c7:3d:3b:86:26:
                    5d:5d:66:c4:2e:23:4d:05:ce:37:66:5f:c7:3b:ab:
                    70:0a:20:a9:20:98:ef:63:6b:b4:63:04:21:b1:58:
                    bc:27:91:2f:60:07:51:dd:f7:81:d3:ed:79:e3:c6:
                    a6:7f:d2:01:91:36:80:80:a1:c5:da:be:53:41:c9:
                    0a:c5:77:35:c1:88:93:e5:a0:0d:25:78:26:44:2a:
                    e5:40:78:eb:47:f7:db:1f:f7:56:e5:93:86:a5:17:
                    b4:58:f1:f8:36:42:bf:82:9e:31:75:f6:56:b5:bf:
                    d4:83:a8:9e:f6:89:53:e4:86:0a:10:29:3e:9d:a4:
                    a6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:29:A4:AB:8F:DD:2C:C9:28:F5:B4:31:D5:D7:2B:3C:54:A9:61:2A
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB50BF30B10011EEBBEA9960775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:8c:c5:ea:c3:f1:cd:52:56:77:c5:33:6a:2a:bf:76:72:3d:
         ec:9f:a9:08:22:6f:81:2b:45:66:d5:74:4e:04:8a:c5:55:1b:
         2d:a9:37:2e:0d:98:34:39:d6:64:3f:f9:8c:a2:70:ee:d9:94:
         4d:5d:7c:66:aa:8c:a5:7c:02:c9:cc:07:7e:3f:c1:22:7c:d9:
         39:5e:d3:fd:da:c7:45:ff:a4:48:8d:e1:13:05:45:5e:49:e4:
         69:d9:c5:d6:8d:1d:9e:31:eb:70:23:4d:3b:82:53:fe:7c:03:
         44:e5:ca:7b:65:7e:0b:b1:c6:4e:71:99:32:3c:02:52:23:8f:
         e8:e5:29:e9:9e:4a:97:72:fa:e4:01:9e:4f:47:d2:8f:42:d8:
         03:90:89:65:d6:87:de:34:7e:d8:b2:8c:94:70:5a:0f:9c:f3:
         dc:90:c8:5b:61:c7:63:ed:7d:7f:45:c3:ab:b1:28:5f:27:c5:
         17:c9:be:18:75:99:1a:0e:3a:2e:77:bd:21:47:c3:c3:d4:6e:
         78:da:52:bf:c3:cf:ac:21:fd:01:68:2e:64:66:c2:fe:c0:7a:
         00:4a:81:2c:c8:be:c9:27:54:30:ac:05:79:8b:5f:d4:95:29:
         f3:08:1d:0b:5f:a3:88:13:6d:b8:f2:71:24:42:68:d2:a0:0c:
         74:47:24:fe
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdJMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTIwNDEzMTdaFw0yNDEyMTMwNDEzMTdaMBgxFjAU
BgNVBAMTDTY1YTBiYzYwLTI3MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCv6z9Jj5OY5mjFdlHtw/xS2WZy1yl+e+qqo6qF/RMzIHF0emUr4VQ5C1Uu
/1ag0YGQnnvQQqjFN/AqbIYpF4M0hwEL2XTKCtlRm/0PCzCjwIm5MukmuJdstGvL
7PWEIslPGky+axslnJIaepjEJzKB6nz8raK5yESILKt1xfKb2uXHPTuGJl1dZsQu
I00FzjdmX8c7q3AKIKkgmO9ja7RjBCGxWLwnkS9gB1Hd94HT7XnjxqZ/0gGRNoCA
ocXavlNByQrFdzXBiJPloA0leCZEKuVAeOtH99sf91blk4alF7RY8fg2Qr+CnjF1
9la1v9SDqJ72iVPkhgoQKT6dpKYHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUkCmk
q4/dLMko9bQx1dcrPFSpYSowHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0VCNTBCRjMwQjEwMDExRUVCQkVBOTk2MDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazdUwDQYJKoZIhvcNAQEL
BQADggEBAJSMxerD8c1SVnfFM2oqv3ZyPeyfqQgib4ErRWbVdE4EisVVGy2pNy4N
mDQ51mQ/+YyicO7ZlE1dfGaqjKV8AsnMB34/wSJ82Tle0/3ax0X/pEiN4RMFRV5J
5GnZxdaNHZ4x63AjTTuCU/58A0Tlyntlfguxxk5xmTI8AlIjj+jlKemeSpdy+uQB
nk9H0o9C2AOQiWXWh940ftiyjJRwWg+c89yQyFthx2PtfX9Fw6uxKF8nxRfJvhh1
mRoOOi53vSFHw8PUbnjaUr/Dz6wh/QFoLmRmwv7AegBKgSzIvsknVDCsBXmLX9SV
KfMIHQtfo4gTbbjycSRCaNKgDHRHJP4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:33 2024 by rpki-client on console-ams.rpki-client.org