Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBEFCC584A5011EFBF0FB7A5762E951A.roa
File:                     EBEFCC584A5011EFBF0FB7A5762E951A.roa (raw, json)
Hash identifier:          uRWtmsEO+egyLs5cmY37f0e8VyK2rHya9LPkwksD4Pk=
Subject key identifier:   CF:D1:9D:52:24:46:49:50:20:86:67:33:0A:17:3A:0F:84:B8:78:3E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       D694
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBEFCC584A5011EFBF0FB7A5762E951A.roa
Signing time:             Thu 25 Jul 2024 06:41:29 +0000
ROA not before:           Thu 25 Jul 2024 06:41:25 +0000
ROA not after:            Sun 23 Feb 2025 06:41:25 +0000
asID:                     152920
IP address blocks:        154.208.172.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54932 (0xd694)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 25 06:41:25 2024 GMT
            Not After : Feb 23 06:41:25 2025 GMT
        Subject: CN=66a1f399-f6fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:50:20:ea:11:23:77:52:94:a1:26:1c:bd:c2:
                    a5:65:48:10:92:ae:71:08:2b:a3:12:e4:a6:05:81:
                    75:29:90:10:e4:1a:52:53:7a:e2:da:ef:2a:bb:94:
                    10:16:e9:39:1e:1a:24:40:4e:c0:d5:d9:33:47:c3:
                    18:9c:ea:d6:b7:61:dc:76:9c:cb:1e:36:b7:31:e4:
                    e8:97:94:e8:51:7e:29:2d:80:5c:7f:8a:e1:0e:4c:
                    7a:45:e9:07:07:c2:25:1e:7a:16:03:1b:1c:fe:0e:
                    09:a5:fb:58:53:05:e9:0f:a0:0b:f5:e8:d2:f4:ca:
                    86:da:e6:c5:cf:17:26:75:3b:d7:cd:8b:c2:fe:0e:
                    b4:e4:4e:e8:87:f3:4e:ce:47:15:00:f6:db:70:b7:
                    17:54:ed:a0:39:69:3f:71:11:64:55:9b:5d:63:f5:
                    93:d5:f7:47:88:6a:d2:8a:10:f2:a2:92:53:a4:cd:
                    68:07:5e:be:f3:a4:52:dd:02:60:8b:90:fd:f7:f0:
                    b1:1f:e6:f3:19:df:92:f6:1c:85:93:5f:02:e0:52:
                    fa:fe:f7:11:31:73:7c:90:ea:b8:77:b4:c1:58:7a:
                    13:ec:34:4b:63:de:b7:21:2b:68:69:27:5b:e2:c6:
                    26:8c:d0:37:63:c6:6d:c1:cf:2a:97:ab:4a:d3:bc:
                    38:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:D1:9D:52:24:46:49:50:20:86:67:33:0A:17:3A:0F:84:B8:78:3E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBEFCC584A5011EFBF0FB7A5762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.208.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6e:b9:18:86:06:0d:3e:21:e6:ac:5d:7c:50:13:37:96:34:38:
         4d:7f:dc:11:fd:48:5a:be:1c:e4:9d:2e:20:1c:29:c9:8d:e6:
         91:e0:e8:1c:1c:13:47:a0:cb:23:35:89:b9:27:40:ce:57:0f:
         82:d4:62:00:62:ef:c9:ea:fe:f6:36:d1:21:91:a2:6d:97:93:
         18:a6:37:47:c8:a0:f3:04:73:b4:1d:06:d1:40:fe:fe:9d:05:
         e9:fb:b7:d8:64:50:bd:63:d2:d7:41:f5:99:fa:ec:60:8a:07:
         13:23:3e:1c:cb:fa:55:11:68:04:be:1f:57:58:ac:39:bc:49:
         f9:10:d6:cf:c4:72:8c:e6:db:22:79:da:51:5a:7f:cd:46:e9:
         c9:c5:58:3f:24:57:2b:fb:77:49:2b:c0:85:26:82:d2:a7:6f:
         16:c0:fe:b7:34:06:ce:90:99:bc:11:87:7d:3b:c5:21:a4:d8:
         0d:5c:ee:2d:2e:4d:bb:1f:37:6d:90:3a:7a:3d:db:f7:67:77:
         80:21:36:f2:e6:37:43:74:91:d7:b0:50:00:cc:29:38:9e:f5:
         60:bb:1d:fc:a8:1d:9b:62:2b:5d:50:ba:c6:6a:bc:77:b2:69:
         c4:a6:0e:25:26:b6:09:f0:07:5c:0c:0a:0d:e3:79:58:f3:ca:
         33:ef:98:07
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDANaUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNzI1MDY0MTI1WhcNMjUwMjIzMDY0MTI1WjAYMRYw
FAYDVQQDEw02NmExZjM5OS1mNmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA21Ag6hEjd1KUoSYcvcKlZUgQkq5xCCujEuSmBYF1KZAQ5BpSU3ri2u8q
u5QQFuk5HhokQE7A1dkzR8MYnOrWt2HcdpzLHja3MeTol5ToUX4pLYBcf4rhDkx6
RekHB8IlHnoWAxsc/g4JpftYUwXpD6AL9ejS9MqG2ubFzxcmdTvXzYvC/g605E7o
h/NOzkcVAPbbcLcXVO2gOWk/cRFkVZtdY/WT1fdHiGrSihDyopJTpM1oB16+86RS
3QJgi5D99/CxH+bzGd+S9hyFk18C4FL6/vcRMXN8kOq4d7TBWHoT7DRLY963ISto
aSdb4sYmjNA3Y8Ztwc8ql6tK07w4fQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM/R
nVIkRklQIIZnMwoXOg+EuHg+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQkVGQ0M1ODRBNTAxMUVGQkYwRkI3QTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtCsMA0GCSqGSIb3DQEB
CwUAA4IBAQBuuRiGBg0+IeasXXxQEzeWNDhNf9wR/UhavhzknS4gHCnJjeaR4Ogc
HBNHoMsjNYm5J0DOVw+C1GIAYu/J6v72NtEhkaJtl5MYpjdHyKDzBHO0HQbRQP7+
nQXp+7fYZFC9Y9LXQfWZ+uxgigcTIz4cy/pVEWgEvh9XWKw5vEn5ENbPxHKM5tsi
edpRWn/NRunJxVg/JFcr+3dJK8CFJoLSp28WwP63NAbOkJm8EYd9O8UhpNgNXO4t
Lk27HzdtkDp6Pdv3Z3eAITby5jdDdJHXsFAAzCk4nvVgux38qB2bYitdULrGarx3
smnEpg4lJrYJ8AdcDAoN43lY88oz75gH
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:30 2024 by rpki-client on console-fra.rpki-client.org