Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/B918F940B04E11EEBBD2E697775412E6.roa
File:                     B918F940B04E11EEBBD2E697775412E6.roa (raw, json)
Hash identifier:          ZrUlsRanFtsZhQlEVluoYbwWKfggdoIE9yZOZzdy4S4=
Subject key identifier:   7F:37:F2:11:62:DD:7C:00:84:20:D2:D4:50:1D:F0:A9:5E:34:08:19
Certificate issuer:       /CN=F3652C3AAF/serialNumber=3F0EEA59196D14A32AF35DA1710F150D5F9DDDD8
Certificate serial:       27
Authority key identifier: 3F:0E:EA:59:19:6D:14:A3:2A:F3:5D:A1:71:0F:15:0D:5F:9D:DD:D8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/B918F940B04E11EEBBD2E697775412E6.roa
Signing time:             Thu 11 Jan 2024 06:57:45 +0000
ROA not before:           Thu 11 Jan 2024 06:57:42 +0000
ROA not after:            Sun 31 Dec 2028 06:57:42 +0000
asID:                     37523
IP address blocks:        154.65.64.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39 (0x27)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3652C3AAF/serialNumber=3F0EEA59196D14A32AF35DA1710F150D5F9DDDD8
        Validity
            Not Before: Jan 11 06:57:42 2024 GMT
            Not After : Dec 31 06:57:42 2028 GMT
        Subject: CN=659f9169-2577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e0:fd:7f:61:d7:ee:ef:b7:bf:a5:bd:cb:8c:
                    86:1a:85:5d:05:ba:86:6b:7d:48:41:2f:f6:cc:a0:
                    75:23:32:60:86:d9:10:61:51:7b:3e:18:38:41:e5:
                    7f:54:6c:3a:26:d8:1e:c8:c8:a2:eb:24:95:59:18:
                    ed:1f:c3:5b:3c:3c:31:81:6b:74:30:eb:eb:79:8f:
                    1b:cd:e3:68:67:10:da:71:38:b7:d0:e6:dc:f1:c1:
                    7b:6f:5a:31:6d:86:ee:c1:8c:1c:ee:12:3f:a5:75:
                    9c:1c:67:11:11:6d:eb:81:f7:2e:c5:7b:57:b7:9b:
                    0b:c0:8c:46:4b:f6:b5:cc:2b:d0:88:27:03:35:c7:
                    a2:96:25:c1:ca:0b:70:e5:d7:b6:9f:f6:6e:c0:49:
                    55:d7:43:b5:cf:95:f5:84:1f:d4:49:7e:62:8a:db:
                    33:b4:77:bc:74:83:a3:c2:1a:4d:c7:a9:60:c8:d0:
                    cb:4d:11:e6:7d:e8:2f:04:4e:8c:4e:e2:24:91:51:
                    0d:ad:4d:c2:7c:cc:09:8f:e7:4b:a0:4a:60:d1:c4:
                    a4:82:dd:3b:72:96:5c:62:89:0f:a8:a1:6a:94:98:
                    b6:a9:99:a7:98:6d:d0:ad:e5:fb:22:c1:d2:db:06:
                    db:3d:5e:a6:cc:fe:97:57:51:e2:b7:7c:a9:f9:29:
                    84:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:37:F2:11:62:DD:7C:00:84:20:D2:D4:50:1D:F0:A9:5E:34:08:19
            X509v3 Authority Key Identifier:
                keyid:3F:0E:EA:59:19:6D:14:A3:2A:F3:5D:A1:71:0F:15:0D:5F:9D:DD:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/Pw7qWRltFKMq812hcQ8VDV-d3dg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Pw7qWRltFKMq812hcQ8VDV-d3dg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652C3A/D607CF289A8111EE8A7BF12BD25BE465/B918F940B04E11EEBBD2E697775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.65.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:f2:a9:e4:04:f5:ce:5f:ea:ac:60:fd:a0:c8:70:1c:28:01:
         e0:6f:19:8a:c3:3c:28:07:62:03:76:df:08:4e:17:ab:e2:d7:
         21:74:e2:45:8e:f7:05:f5:cb:80:8e:70:7f:76:9e:6c:ae:0e:
         57:43:95:a8:43:a5:ac:b5:ed:2f:ff:82:f2:3f:a6:b6:0b:c1:
         31:b6:98:82:38:54:99:fa:e6:cd:2c:9e:32:26:2b:a1:39:4c:
         ca:3a:40:62:bb:d0:6c:78:08:79:10:a1:26:23:9c:0b:ff:40:
         27:1d:e8:3c:66:c7:e5:42:55:3a:7a:bb:2c:e2:1f:06:a2:07:
         58:cb:c8:bc:f5:f7:7c:83:12:12:e3:e6:ed:19:ce:ad:98:c9:
         39:09:8d:b5:61:30:ee:b2:40:96:3b:6c:05:33:c0:bf:f6:aa:
         d0:3f:41:21:40:4d:aa:94:1b:6b:36:79:90:e9:51:d8:d2:24:
         68:30:5b:67:34:12:b4:f1:2c:59:af:d7:ba:b2:d6:b6:40:11:
         9b:dd:2c:4f:9b:fd:88:86:e3:da:65:79:8e:99:16:f8:b2:14:
         8e:1d:d3:61:8d:4e:8d:15:54:f3:45:a4:f1:da:84:44:7c:56:
         65:85:96:7b:eb:d8:3b:91:8b:e5:d8:c6:18:07:83:c5:cc:2c:
         65:6d:70:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
MkMzQUFGMTEwLwYDVQQFEygzRjBFRUE1OTE5NkQxNEEzMkFGMzVEQTE3MTBGMTUw
RDVGOUREREQ4MB4XDTI0MDExMTA2NTc0MloXDTI4MTIzMTA2NTc0MlowGDEWMBQG
A1UEAxMNNjU5ZjkxNjktMjU3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/g/X9h1+7vt7+lvcuMhhqFXQW6hmt9SEEv9sygdSMyYIbZEGFRez4YOEHl
f1RsOibYHsjIousklVkY7R/DWzw8MYFrdDDr63mPG83jaGcQ2nE4t9Dm3PHBe29a
MW2G7sGMHO4SP6V1nBxnERFt64H3LsV7V7ebC8CMRkv2tcwr0IgnAzXHopYlwcoL
cOXXtp/2bsBJVddDtc+V9YQf1El+YorbM7R3vHSDo8IaTcepYMjQy00R5n3oLwRO
jE7iJJFRDa1NwnzMCY/nS6BKYNHEpILdO3KWXGKJD6ihapSYtqmZp5ht0K3l+yLB
0tsG2z1epsz+l1dR4rd8qfkphFkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR/N/IR
Yt18AIQg0tRQHfCpXjQIGTAfBgNVHSMEGDAWgBQ/DupZGW0UoyrzXaFxDxUNX53d
2DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTJDM0EvRDYwN0NGMjg5QTgxMTFFRThBN0JGMTJCRDI1QkU0NjUvUHc3cVdS
bHRGS01xODEyaGNROFZEVi1kM2RnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUHc3cVdSbHRGS01xODEyaGNROFZEVi1kM2RnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTJDM0EvRDYwN0NGMjg5QTgxMTFFRThBN0JGMTJCRDI1
QkU0NjUvQjkxOEY5NDBCMDRFMTFFRUJCRDJFNjk3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJpBQDANBgkqhkiG9w0BAQsF
AAOCAQEAo/Kp5AT1zl/qrGD9oMhwHCgB4G8ZisM8KAdiA3bfCE4Xq+LXIXTiRY73
BfXLgI5wf3aebK4OV0OVqEOlrLXtL/+C8j+mtgvBMbaYgjhUmfrmzSyeMiYroTlM
yjpAYrvQbHgIeRChJiOcC/9AJx3oPGbH5UJVOnq7LOIfBqIHWMvIvPX3fIMSEuPm
7RnOrZjJOQmNtWEw7rJAljtsBTPAv/aq0D9BIUBNqpQbazZ5kOlR2NIkaDBbZzQS
tPEsWa/XurLWtkARm90sT5v9iIbj2mV5jpkW+LIUjh3TYY1OjRVU80Wk8dqERHxW
ZYWWe+vYO5GL5djGGAeDxcwsZW1wIQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:35:08 2024 by rpki-client on console-fra.rpki-client.org