Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8C3C7C2B09A11EE87E9E29A775412E6.roa
File:                     F8C3C7C2B09A11EE87E9E29A775412E6.roa (raw, json)
Hash identifier:          A8JXUPjmExYiSTJShytLit9+FeqTrwiCWETnRPFyJ/s=
Subject key identifier:   3E:E1:36:10:83:DB:F7:74:15:A2:CE:C6:7C:69:B7:A1:50:DA:8F:6F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       7422
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8C3C7C2B09A11EE87E9E29A775412E6.roa
Signing time:             Thu 11 Jan 2024 16:03:34 +0000
ROA not before:           Thu 11 Jan 2024 16:03:31 +0000
ROA not after:            Sun 22 Dec 2024 16:03:31 +0000
asID:                     137184
IP address blocks:        154.198.4.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29730 (0x7422)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 11 16:03:31 2024 GMT
            Not After : Dec 22 16:03:31 2024 GMT
        Subject: CN=65a01156-91e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7e:70:f4:d8:70:5c:9a:d6:4a:0c:a4:38:8c:
                    74:58:32:e9:32:a7:af:57:c5:ee:25:c3:4d:22:de:
                    05:6f:36:79:5c:6f:f5:f3:c9:4c:85:3e:2c:ef:02:
                    cf:2a:9e:d0:e6:36:14:eb:50:e9:15:b6:4d:6c:d6:
                    c2:e9:11:f3:e2:c5:b1:b8:7a:d5:21:16:c6:14:9c:
                    52:b2:65:f8:9d:2b:51:8f:b8:cc:e4:1c:30:d6:bd:
                    a9:a9:4d:b7:a8:82:1b:d3:13:c5:ec:d4:8c:e9:cd:
                    42:47:45:4f:1b:d7:8a:89:9e:c9:3f:78:a5:8e:14:
                    ce:22:4e:d8:28:99:ec:b2:30:29:04:7d:9e:20:de:
                    3e:c5:80:3e:30:3c:14:f0:42:b7:ee:84:9b:e5:5a:
                    8a:7a:96:23:76:8d:75:7b:09:c8:7e:e0:0d:0d:4f:
                    a0:13:17:a3:b3:18:e9:18:4b:2e:57:e5:fc:b6:0f:
                    b3:43:0b:58:2f:3f:ad:b5:46:fd:8c:67:1c:a8:95:
                    f8:1f:69:ac:f6:db:cd:86:97:7c:43:52:c8:bf:b1:
                    98:1c:1e:d2:13:f5:8c:1c:38:96:e7:2b:db:20:40:
                    8a:25:62:f0:3a:30:8b:35:d7:59:bd:f2:2b:ec:6a:
                    98:18:66:14:3c:2d:08:47:f6:6d:7c:00:11:18:e6:
                    fb:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:E1:36:10:83:DB:F7:74:15:A2:CE:C6:7C:69:B7:A1:50:DA:8F:6F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8C3C7C2B09A11EE87E9E29A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:13:a8:c6:09:cb:47:0a:6d:51:83:e7:31:a6:81:e9:11:55:
         6e:e8:7b:11:d9:e9:0b:49:76:1a:06:39:c3:5d:e9:7c:11:4a:
         e2:0a:d7:5d:08:60:f3:31:7d:ab:f6:dd:ce:ca:ba:d3:b2:90:
         a9:0b:6b:bf:fe:71:32:ad:29:0d:76:ae:47:2b:da:2f:4c:ce:
         53:74:74:28:4c:e3:5c:bd:26:3e:f6:78:3d:ad:8e:a7:0a:9b:
         32:93:ae:6d:cc:a6:1f:0a:b1:7d:d5:d1:36:9b:14:b0:78:6e:
         ff:ed:be:c4:e9:54:0c:dc:55:38:3f:04:03:60:51:af:60:1b:
         b3:7d:f0:45:41:91:e9:56:e4:15:6a:ad:cf:05:ce:29:77:ca:
         7d:0c:74:cf:59:cc:3c:aa:38:62:bf:f3:39:ca:70:a5:f1:25:
         f4:69:3a:69:13:63:fa:af:93:a5:a3:e6:41:5c:72:d6:14:31:
         f0:25:82:54:9b:49:5e:3b:ed:18:89:d2:81:ba:2e:0b:8e:0d:
         f3:e3:1b:02:84:41:b3:bd:32:d0:c3:2f:2e:32:67:ec:15:d1:
         eb:01:23:45:b7:5d:69:1b:ac:d0:46:42:70:a7:e3:53:d4:5c:
         14:4b:e4:7b:ac:35:1c:67:5c:97:a9:7a:24:02:d2:16:6e:26:
         cc:bc:96:ab
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdCIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTExNjAzMzFaFw0yNDEyMjIxNjAzMzFaMBgxFjAU
BgNVBAMTDTY1YTAxMTU2LTkxZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8fnD02HBcmtZKDKQ4jHRYMukyp69Xxe4lw00i3gVvNnlcb/XzyUyFPizv
As8qntDmNhTrUOkVtk1s1sLpEfPixbG4etUhFsYUnFKyZfidK1GPuMzkHDDWvamp
TbeoghvTE8Xs1IzpzUJHRU8b14qJnsk/eKWOFM4iTtgomeyyMCkEfZ4g3j7FgD4w
PBTwQrfuhJvlWop6liN2jXV7Cch+4A0NT6ATF6OzGOkYSy5X5fy2D7NDC1gvP621
Rv2MZxyolfgfaaz2282Gl3xDUsi/sZgcHtIT9YwcOJbnK9sgQIolYvA6MIs111m9
8ivsapgYZhQ8LQhH9m18ABEY5vvhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPuE2
EIPb93QVos7GfGm3oVDaj28wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0Y4QzNDN0MyQjA5QTExRUU4N0U5RTI5QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxgQwDQYJKoZIhvcNAQEL
BQADggEBAHwTqMYJy0cKbVGD5zGmgekRVW7oexHZ6QtJdhoGOcNd6XwRSuIK110I
YPMxfav23c7KutOykKkLa7/+cTKtKQ12rkcr2i9MzlN0dChM41y9Jj72eD2tjqcK
mzKTrm3Mph8KsX3V0TabFLB4bv/tvsTpVAzcVTg/BANgUa9gG7N98EVBkelW5BVq
rc8Fzil3yn0MdM9ZzDyqOGK/8znKcKXxJfRpOmkTY/qvk6Wj5kFcctYUMfAlglSb
SV477RiJ0oG6LguODfPjGwKEQbO9MtDDLy4yZ+wV0esBI0W3XWkbrNBGQnCn41PU
XBRL5HusNRxnXJepeiQC0hZuJsy8lqs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:35 2024 by rpki-client on console-ams.rpki-client.org