Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FBF3644CB10411EE8858CA67775412E6.roa
File:                     FBF3644CB10411EE8858CA67775412E6.roa (raw, json)
Hash identifier:          vAgWvBF1ht4QUl3nyh0j6rPBP106+kaGA8cZuAOCizs=
Subject key identifier:   30:81:12:E9:0D:3D:D3:06:38:F4:A9:54:85:21:57:8A:AF:7F:B7:2D
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       74B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FBF3644CB10411EE8858CA67775412E6.roa
Signing time:             Fri 12 Jan 2024 04:42:26 +0000
ROA not before:           Fri 12 Jan 2024 04:42:23 +0000
ROA not after:            Fri 13 Dec 2024 04:42:23 +0000
asID:                     140227
IP address blocks:        154.205.200.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29875 (0x74b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 12 04:42:23 2024 GMT
            Not After : Dec 13 04:42:23 2024 GMT
        Subject: CN=65a0c332-9262
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2e:a3:ac:aa:95:61:0d:83:f7:f1:96:14:5a:
                    bb:34:b9:f4:3b:f8:c7:71:7d:f0:72:f6:4a:c8:ac:
                    e1:90:42:b2:6e:96:a1:11:fd:f9:da:69:3f:38:fd:
                    22:f0:70:d0:b3:04:8d:24:6e:5c:0f:a4:43:96:6c:
                    ae:d8:32:25:1b:e7:9a:99:71:4d:7f:8d:06:44:28:
                    fd:3b:0e:d3:cd:3e:46:26:ca:2d:a0:ed:24:7e:b5:
                    cd:3b:d2:aa:ce:65:f1:28:69:22:38:18:a2:01:46:
                    3d:ec:53:6b:09:4e:af:e7:27:56:b2:ef:d3:79:da:
                    39:63:62:ac:5a:dc:af:b5:9b:22:97:a4:7a:84:82:
                    26:c8:9b:ae:12:f0:8e:5a:fe:7c:d2:a7:94:e2:2c:
                    26:d7:bb:29:64:96:d5:c3:bd:f0:4e:89:fb:05:8f:
                    d0:00:c1:49:69:a4:28:58:7d:98:fb:24:3a:4b:f5:
                    87:ad:7c:e4:d4:b4:74:31:5d:e7:28:af:a3:56:16:
                    5b:6a:61:72:27:52:0a:e6:3f:bf:63:00:dd:bb:25:
                    6d:fe:a1:8e:69:ef:25:46:2c:a1:72:c7:cc:ad:0b:
                    0b:8a:fd:a2:3e:88:66:7c:bc:93:48:fd:72:53:22:
                    36:d7:db:f7:82:eb:04:68:35:15:73:ca:92:41:f0:
                    d3:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:81:12:E9:0D:3D:D3:06:38:F4:A9:54:85:21:57:8A:AF:7F:B7:2D
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FBF3644CB10411EE8858CA67775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:b7:b5:7c:05:01:89:63:87:67:b4:99:9b:fd:a6:d4:50:14:
         1f:76:73:14:ef:76:f5:bc:80:5e:b0:51:97:83:17:b5:7a:a3:
         49:d6:31:38:48:31:e4:01:00:8d:0f:22:2e:93:bf:c7:7b:ad:
         ba:bd:16:2f:99:4c:ca:19:b4:47:b6:e5:e5:1e:20:7c:65:ce:
         27:8c:d0:80:13:99:18:38:7a:2e:20:1a:5c:dc:b3:9f:8d:3a:
         e2:16:c0:39:2e:37:db:4a:c7:b6:d9:cf:2a:ad:1b:23:38:c1:
         28:41:da:59:f4:d9:06:e1:37:bb:73:4a:21:a7:18:31:8e:4e:
         3d:85:35:9e:7c:78:7a:7f:0c:13:f2:53:2d:8d:ec:d6:1e:5a:
         65:0b:84:a2:18:69:71:52:3e:73:91:11:5c:ce:26:21:a7:ca:
         91:34:56:6a:93:08:23:70:41:0b:c0:b5:d5:8c:e7:14:49:e3:
         5e:a0:b6:07:59:11:44:9d:a4:85:91:33:e8:9c:41:46:f3:ae:
         be:e3:a3:ac:be:70:a6:85:d7:b1:8f:5b:11:16:04:e8:33:a6:
         fd:97:4b:f2:0a:17:9a:6e:8a:81:56:1d:23:18:c9:f6:49:ab:
         e5:15:12:44:12:3f:1d:13:17:7b:59:1f:c5:28:9a:ea:e9:f0:
         1a:37:7a:e6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdLMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTIwNDQyMjNaFw0yNDEyMTMwNDQyMjNaMBgxFjAU
BgNVBAMTDTY1YTBjMzMyLTkyNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDLqOsqpVhDYP38ZYUWrs0ufQ7+MdxffBy9krIrOGQQrJulqER/fnaaT84
/SLwcNCzBI0kblwPpEOWbK7YMiUb55qZcU1/jQZEKP07DtPNPkYmyi2g7SR+tc07
0qrOZfEoaSI4GKIBRj3sU2sJTq/nJ1ay79N52jljYqxa3K+1myKXpHqEgibIm64S
8I5a/nzSp5TiLCbXuylkltXDvfBOifsFj9AAwUlppChYfZj7JDpL9YetfOTUtHQx
Xecor6NWFltqYXInUgrmP79jAN27JW3+oY5p7yVGLKFyx8ytCwuK/aI+iGZ8vJNI
/XJTIjbX2/eC6wRoNRVzypJB8NONAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMIES
6Q090wY49KlUhSFXiq9/ty0wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0ZCRjM2NDRDQjEwNDExRUU4ODU4Q0E2Nzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazcgwDQYJKoZIhvcNAQEL
BQADggEBAAq3tXwFAYljh2e0mZv9ptRQFB92cxTvdvW8gF6wUZeDF7V6o0nWMThI
MeQBAI0PIi6Tv8d7rbq9Fi+ZTMoZtEe25eUeIHxlzieM0IATmRg4ei4gGlzcs5+N
OuIWwDkuN9tKx7bZzyqtGyM4wShB2ln02QbhN7tzSiGnGDGOTj2FNZ58eHp/DBPy
Uy2N7NYeWmULhKIYaXFSPnOREVzOJiGnypE0VmqTCCNwQQvAtdWM5xRJ416gtgdZ
EUSdpIWRM+icQUbzrr7jo6y+cKaF17GPWxEWBOgzpv2XS/IKF5puioFWHSMYyfZJ
q+UVEkQSPx0TF3tZH8Uomurp8Bo3euY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:35 2024 by rpki-client on console-ams.rpki-client.org