Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/81B67878C4C711EEA9FDDB53775412E6.roa
File:                     81B67878C4C711EEA9FDDB53775412E6.roa (raw, json)
Hash identifier:          vTf8z95jt6AfKb+uGSv38KFOEqTok2j1GUU2yZdAI08=
Subject key identifier:   13:05:5F:DA:B3:A4:EF:BD:FF:29:70:30:5A:48:34:55:E4:FD:4E:3F
Certificate issuer:       /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial:       05
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/81B67878C4C711EEA9FDDB53775412E6.roa
Signing time:             Tue 06 Feb 2024 08:12:45 +0000
ROA not before:           Tue 06 Feb 2024 08:12:41 +0000
ROA not after:            Sat 06 Feb 2027 08:12:41 +0000
asID:                     36905
IP address blocks:        154.126.160.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
        Validity
            Not Before: Feb  6 08:12:41 2024 GMT
            Not After : Feb  6 08:12:41 2027 GMT
        Subject: CN=65c1e9fd-45d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a7:67:33:54:ba:fb:b9:bc:97:a8:f0:fa:0e:
                    35:06:93:59:b0:5d:59:8c:51:d8:bd:31:d6:6c:f2:
                    09:f7:6d:86:d0:08:3d:b4:cd:66:6e:72:6b:d8:3f:
                    40:dd:5f:1a:90:65:4f:14:f0:b3:f0:59:a0:8a:67:
                    e9:d7:4f:c9:83:87:9d:df:6b:53:3b:7c:c5:73:37:
                    cb:11:80:c3:e4:63:a5:8d:0b:5b:29:db:0b:da:20:
                    59:ac:51:ee:3d:c2:65:55:5d:30:43:b5:7e:3e:64:
                    34:c2:9e:66:fd:94:7a:92:62:d0:f0:fc:49:2c:6c:
                    b2:9c:8f:ff:9b:42:25:a9:58:29:9a:4f:78:41:d1:
                    91:2a:a3:78:6e:c6:7d:55:47:8d:0b:be:e5:8f:64:
                    e7:b4:e6:2f:81:88:c4:a0:31:b7:72:5a:9b:d3:b7:
                    88:51:96:51:18:40:b9:b8:45:71:2b:18:69:aa:ad:
                    42:1d:1d:64:0c:dc:96:a4:e5:01:91:7b:84:43:8d:
                    40:93:ef:83:d6:56:62:00:1b:f2:0c:d6:d1:2e:12:
                    a2:6c:a8:64:ea:d3:3b:c1:e1:6f:8b:41:b3:fa:77:
                    a4:c1:86:29:08:bb:f2:3c:2e:c7:20:38:4e:33:09:
                    08:50:36:b2:0c:bf:0f:f7:2e:c6:74:ad:ac:9a:f2:
                    f5:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:05:5F:DA:B3:A4:EF:BD:FF:29:70:30:5A:48:34:55:E4:FD:4E:3F
            X509v3 Authority Key Identifier:
                keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/81B67878C4C711EEA9FDDB53775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.126.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:17:59:fd:84:0d:66:71:9d:8f:aa:6a:1e:eb:a4:f0:b5:b3:
         5c:0a:25:59:43:81:30:bc:6c:a3:03:96:ee:a5:74:03:4b:19:
         3d:35:45:eb:69:ba:4b:44:db:a8:1b:f9:cd:fd:c2:60:b9:87:
         44:f5:a2:2c:81:6b:18:c0:90:a2:9d:66:ac:07:0d:a8:e3:bd:
         bc:0f:95:a9:24:5d:a1:90:ed:da:ba:22:5f:c8:06:b4:f7:4a:
         3c:5f:f1:97:18:40:a7:ba:d9:a0:fa:63:86:24:b0:8c:2d:de:
         c2:eb:e2:87:61:7b:3d:59:b3:13:3c:4e:7b:c9:5f:97:ce:f0:
         f9:86:9d:f4:59:1f:31:30:65:cf:d1:c8:ce:f7:e0:79:4f:fe:
         bf:7f:9a:f7:0f:8d:8c:ad:f0:21:ad:b6:01:a9:10:64:13:cd:
         06:a0:73:40:14:a0:9d:d5:93:51:bf:25:d6:05:c7:c4:0c:1c:
         4f:04:ec:6f:72:ab:ae:39:26:ef:e4:09:71:c9:c0:af:8d:6b:
         1d:4a:8b:c7:5e:d1:ee:10:42:8e:0c:b1:9a:68:2a:08:d4:d7:
         92:9c:91:24:97:8d:18:af:16:fe:0a:d4:c6:aa:68:fb:e4:f7:
         a1:0f:d2:bb:a5:91:75:59:de:63:93:02:bb:ce:65:03:97:9c:
         2f:08:72:18
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA4MTI0MVoXDTI3MDIwNjA4MTI0MVowGDEWMBQG
A1UEAxMNNjVjMWU5ZmQtNDVkODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+nZzNUuvu5vJeo8PoONQaTWbBdWYxR2L0x1mzyCfdthtAIPbTNZm5ya9g/
QN1fGpBlTxTws/BZoIpn6ddPyYOHnd9rUzt8xXM3yxGAw+RjpY0LWynbC9ogWaxR
7j3CZVVdMEO1fj5kNMKeZv2UepJi0PD8SSxsspyP/5tCJalYKZpPeEHRkSqjeG7G
fVVHjQu+5Y9k57TmL4GIxKAxt3Jam9O3iFGWURhAubhFcSsYaaqtQh0dZAzclqTl
AZF7hEONQJPvg9ZWYgAb8gzW0S4SomyoZOrTO8Hhb4tBs/p3pMGGKQi78jwuxyA4
TjMJCFA2sgy/D/cuxnStrJry9VcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQTBV/a
s6Tvvf8pcDBaSDRV5P1OPzAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvODFCNjc4NzhDNEM3MTFFRUE5RkREQjUzNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+oDANBgkqhkiG9w0BAQsF
AAOCAQEAthdZ/YQNZnGdj6pqHuuk8LWzXAolWUOBMLxsowOW7qV0A0sZPTVF62m6
S0TbqBv5zf3CYLmHRPWiLIFrGMCQop1mrAcNqOO9vA+VqSRdoZDt2roiX8gGtPdK
PF/xlxhAp7rZoPpjhiSwjC3ewuvih2F7PVmzEzxOe8lfl87w+Yad9FkfMTBlz9HI
zvfgeU/+v3+a9w+NjK3wIa22AakQZBPNBqBzQBSgndWTUb8l1gXHxAwcTwTsb3Kr
rjkm7+QJccnAr41rHUqLx17R7hBCjgyxmmgqCNTXkpyRJJeNGK8W/grUxqpo++T3
oQ/Su6WRdVneY5MCu85lA5ecLwhyGA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org