Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F44A28A623D311EF8EA7AFEA7CDC24C2.roa
File:                     F44A28A623D311EF8EA7AFEA7CDC24C2.roa (raw, json)
Hash identifier:          XQfDpaA6uQnLH3oIdgdXX80trHetV72suXnAmFyCY14=
Subject key identifier:   35:73:D3:40:CB:2B:02:9C:0C:B7:CD:BB:BE:38:13:DA:5F:0E:A9:42
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       C08D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F44A28A623D311EF8EA7AFEA7CDC24C2.roa
Signing time:             Thu 06 Jun 2024 07:11:12 +0000
ROA not before:           Thu 06 Jun 2024 07:11:08 +0000
ROA not after:            Tue 22 Apr 2025 07:11:08 +0000
asID:                     28419
IP address blocks:        154.201.16.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Nov 2024 00:05:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49293 (0xc08d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun  6 07:11:08 2024 GMT
            Not After : Apr 22 07:11:08 2025 GMT
        Subject: CN=66616110-e0c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:05:0b:d3:17:f3:f7:0a:dd:09:91:ca:81:59:
                    ae:a9:a7:36:58:a8:74:84:65:ab:83:89:b8:05:bd:
                    99:ea:49:71:1b:0f:c3:8d:98:4b:3b:4a:ad:08:9e:
                    54:a3:62:c2:b1:7a:c7:03:8c:4d:17:ac:3e:95:c4:
                    83:da:71:7e:4d:2c:e3:2c:0c:1a:16:1b:f4:d5:34:
                    07:e8:d1:71:f1:23:fe:27:0c:7c:54:74:f6:18:ef:
                    16:b0:28:0c:88:a4:7c:df:ba:29:05:0f:56:9e:c7:
                    b9:a5:f0:17:51:b7:7d:f6:ed:73:16:9e:a0:fb:10:
                    05:61:d8:cb:79:93:09:2c:46:d1:da:6a:a2:fc:f2:
                    66:4d:33:9c:c0:11:f2:18:87:4a:86:6f:95:31:ff:
                    a5:b3:19:db:65:71:bc:29:8b:89:9f:b8:a4:cd:2b:
                    43:48:83:94:35:a9:46:07:d2:04:4a:cc:1d:64:00:
                    00:02:50:b6:53:ce:0a:a9:39:31:df:26:a5:9e:21:
                    03:71:13:62:e1:f3:a0:ad:39:48:bf:4b:10:6a:89:
                    cb:ac:72:26:db:cc:db:c9:c9:e6:fa:0a:86:79:54:
                    5f:3f:c6:5c:24:16:45:7d:f1:93:d1:d6:88:c5:d6:
                    31:83:e9:8c:0b:35:0b:59:3c:a0:32:25:28:5b:3c:
                    66:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:73:D3:40:CB:2B:02:9C:0C:B7:CD:BB:BE:38:13:DA:5F:0E:A9:42
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F44A28A623D311EF8EA7AFEA7CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.201.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:4f:e7:95:a0:64:46:51:08:be:f4:43:f9:95:1e:cd:9f:b1:
         90:10:19:31:8a:e7:de:2e:1e:58:b6:96:62:2e:41:75:ad:5d:
         f4:cf:1e:d8:07:61:33:d8:77:99:9c:60:01:b8:d8:24:27:a6:
         fd:83:aa:4b:57:d4:7a:f0:fc:d0:12:05:20:d0:10:d2:dd:1d:
         a7:af:3f:cd:d2:a2:b7:8a:a9:cc:f0:3d:cb:5e:62:24:fa:3d:
         73:d9:a2:a1:3f:88:4d:ae:89:5c:22:7e:e2:43:02:36:d3:b2:
         a4:df:a0:e8:e8:66:0e:e0:4b:ce:19:76:f3:4b:16:f0:52:f9:
         b2:9f:9c:52:2f:57:72:0f:2e:e8:83:10:69:5c:ce:d0:85:a2:
         e7:da:0b:38:c7:cd:11:ab:3a:0a:ec:b3:c0:54:cd:a2:ce:71:
         a3:40:8e:59:bc:9b:ef:64:bb:19:b2:ab:71:60:87:4b:5c:bd:
         fb:0c:84:6e:e6:a0:80:02:a4:26:a1:5f:8b:cd:cd:d5:bc:39:
         0c:1e:37:08:a1:f2:60:bd:df:ad:b1:33:bf:e5:93:08:48:fd:
         fd:9e:8d:04:8b:f1:4d:75:36:e7:7f:54:8b:d9:7e:97:7e:5c:
         1e:6e:34:14:19:d0:1d:f6:7c:29:72:25:57:bb:e2:69:82:82:
         62:58:92:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMCNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjA2MDcxMTA4WhcNMjUwNDIyMDcxMTA4WjAYMRYw
FAYDVQQDEw02NjYxNjExMC1lMGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQUL0xfz9wrdCZHKgVmuqac2WKh0hGWrg4m4Bb2Z6klxGw/DjZhLO0qt
CJ5Uo2LCsXrHA4xNF6w+lcSD2nF+TSzjLAwaFhv01TQH6NFx8SP+Jwx8VHT2GO8W
sCgMiKR837opBQ9Wnse5pfAXUbd99u1zFp6g+xAFYdjLeZMJLEbR2mqi/PJmTTOc
wBHyGIdKhm+VMf+lsxnbZXG8KYuJn7ikzStDSIOUNalGB9IESswdZAAAAlC2U84K
qTkx3yalniEDcRNi4fOgrTlIv0sQaonLrHIm28zbycnm+gqGeVRfP8ZcJBZFffGT
0daIxdYxg+mMCzULWTygMiUoWzxmXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDVz
00DLKwKcDLfNu744E9pfDqlCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNDRBMjhBNjIzRDMxMUVGOEVBN0FGRUE3Q0RDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmskQMA0GCSqGSIb3DQEB
CwUAA4IBAQCCT+eVoGRGUQi+9EP5lR7Nn7GQEBkxiufeLh5YtpZiLkF1rV30zx7Y
B2Ez2HeZnGABuNgkJ6b9g6pLV9R68PzQEgUg0BDS3R2nrz/N0qK3iqnM8D3LXmIk
+j1z2aKhP4hNrolcIn7iQwI207Kk36Do6GYO4EvOGXbzSxbwUvmyn5xSL1dyDy7o
gxBpXM7QhaLn2gs4x80RqzoK7LPAVM2iznGjQI5ZvJvvZLsZsqtxYIdLXL37DIRu
5qCAAqQmoV+Lzc3VvDkMHjcIofJgvd+tsTO/5ZMISP39no0Ei/FNdTbnf1SL2X6X
flwebjQUGdAd9nwpciVXu+JpgoJiWJLG
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:54 2024 by rpki-client on console-fra.rpki-client.org