Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/FF49F7B4C4D211EEB6F1A266775412E6.roa
File:                     FF49F7B4C4D211EEB6F1A266775412E6.roa (raw, json)
Hash identifier:          qvVux5l6rnVThhETsGLH9EXoxv6/IKPh5G9ATtSGJFg=
Subject key identifier:   11:29:B5:5B:05:D1:E7:0B:C0:DE:ED:73:63:B9:48:97:54:C3:C7:CB
Certificate issuer:       /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial:       31
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/FF49F7B4C4D211EEB6F1A266775412E6.roa
Signing time:             Tue 06 Feb 2024 09:35:00 +0000
ROA not before:           Tue 06 Feb 2024 09:34:57 +0000
ROA not after:            Sat 06 Feb 2027 09:34:57 +0000
asID:                     36905
IP address blocks:        154.126.180.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49 (0x31)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
        Validity
            Not Before: Feb  6 09:34:57 2024 GMT
            Not After : Feb  6 09:34:57 2027 GMT
        Subject: CN=65c1fd44-a1e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d4:92:6e:86:c0:ff:27:9f:ec:a2:bd:6e:aa:
                    52:66:0e:b2:85:a8:63:ec:40:57:c9:91:7c:c4:e1:
                    3d:b9:10:58:6d:1e:e8:0c:57:6e:79:5e:b6:2f:0e:
                    89:0e:00:4f:89:53:cc:b0:d0:cf:38:2b:9d:ee:f0:
                    9b:1b:28:1b:3e:ef:13:88:8a:3d:47:74:21:6b:0b:
                    11:b6:16:0d:e6:74:b7:2a:5a:ae:d6:b8:f1:f4:3b:
                    f7:a2:34:8b:a1:35:95:95:e3:60:b3:df:1d:77:93:
                    dc:af:d6:e8:5a:6e:ae:dd:88:5d:cc:b8:f0:34:e4:
                    3f:ad:49:ab:57:7b:0e:17:e6:7a:66:d1:44:e3:44:
                    3e:4d:69:80:42:86:b0:c4:1d:7a:03:7c:8d:c3:4b:
                    42:5c:5a:8a:bd:48:60:87:a6:8c:67:f5:07:ab:75:
                    64:53:e7:41:aa:82:4b:6e:8d:05:23:92:a7:6e:69:
                    58:a0:63:54:ab:5a:ab:ea:11:e2:7f:07:86:29:9e:
                    bb:f8:77:0d:a6:57:c8:77:48:23:63:33:55:16:16:
                    7e:cb:69:1a:e7:b4:4f:c0:86:68:d7:90:e2:5b:65:
                    63:48:75:d4:32:ec:64:3e:be:10:1b:c3:20:77:c9:
                    8d:c9:74:e1:f1:d8:25:ae:c8:22:82:36:c4:bd:51:
                    11:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:29:B5:5B:05:D1:E7:0B:C0:DE:ED:73:63:B9:48:97:54:C3:C7:CB
            X509v3 Authority Key Identifier:
                keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/FF49F7B4C4D211EEB6F1A266775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.126.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:67:4f:a1:03:9b:56:18:05:31:f5:20:3f:41:51:bd:03:e7:
         10:e6:06:2e:64:52:82:de:d7:f4:4d:c0:47:6c:cb:bc:2b:3e:
         1b:e5:dd:32:bd:2d:dc:6a:3b:23:06:e5:eb:b2:83:1f:7e:77:
         36:85:35:19:80:3f:ee:10:14:1a:25:4a:0a:9b:79:c5:ac:dd:
         67:3d:30:8a:2a:22:0c:d0:df:2e:6f:f4:c2:06:58:e7:e6:2f:
         37:b3:ba:09:33:89:c1:d6:1a:dd:b1:93:62:c4:16:b3:c7:28:
         1c:24:f9:d9:86:44:2f:41:c3:10:d7:ad:2b:64:19:01:1b:3a:
         88:0d:5e:f3:73:67:c1:9f:9a:28:6c:97:28:ec:8b:eb:a1:e9:
         32:c5:a0:e5:c4:c9:a9:00:8b:ba:c2:7b:e1:87:15:03:99:87:
         8e:60:f5:41:10:7a:da:b6:fb:94:f0:2c:87:62:39:28:69:ef:
         c0:6c:39:47:8b:ab:6f:b9:80:ff:68:67:d8:c6:db:47:fa:f1:
         88:f0:cc:e5:08:26:7a:80:4a:20:2f:ab:e0:23:b2:05:c0:47:
         a7:84:2d:5f:11:03:9c:fa:9f:dd:fa:9c:3c:e4:27:a4:13:51:
         84:64:2d:c9:b1:ed:c4:a1:a8:e9:1d:e2:f8:9a:1a:7b:b4:aa:
         98:39:0e:ea
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBMTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA5MzQ1N1oXDTI3MDIwNjA5MzQ1N1owGDEWMBQG
A1UEAxMNNjVjMWZkNDQtYTFlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnUkm6GwP8nn+yivW6qUmYOsoWoY+xAV8mRfMThPbkQWG0e6AxXbnleti8O
iQ4AT4lTzLDQzzgrne7wmxsoGz7vE4iKPUd0IWsLEbYWDeZ0typarta48fQ796I0
i6E1lZXjYLPfHXeT3K/W6Fpurt2IXcy48DTkP61Jq1d7DhfmembRRONEPk1pgEKG
sMQdegN8jcNLQlxair1IYIemjGf1B6t1ZFPnQaqCS26NBSOSp25pWKBjVKtaq+oR
4n8Hhimeu/h3DaZXyHdII2MzVRYWfstpGue0T8CGaNeQ4ltlY0h11DLsZD6+EBvD
IHfJjcl04fHYJa7IIoI2xL1RETkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQRKbVb
BdHnC8De7XNjuUiXVMPHyzAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvRkY0OUY3QjRDNEQyMTFFRUI2RjFBMjY2Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+tDANBgkqhkiG9w0BAQsF
AAOCAQEAx2dPoQObVhgFMfUgP0FRvQPnEOYGLmRSgt7X9E3AR2zLvCs+G+XdMr0t
3Go7Iwbl67KDH353NoU1GYA/7hAUGiVKCpt5xazdZz0wiioiDNDfLm/0wgZY5+Yv
N7O6CTOJwdYa3bGTYsQWs8coHCT52YZEL0HDENetK2QZARs6iA1e83NnwZ+aKGyX
KOyL66HpMsWg5cTJqQCLusJ74YcVA5mHjmD1QRB62rb7lPAsh2I5KGnvwGw5R4ur
b7mA/2hn2MbbR/rxiPDM5QgmeoBKIC+r4COyBcBHp4QtXxEDnPqf3fqcPOQnpBNR
hGQtybHtxKGo6R3i+Joae7SqmDkO6g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:35 2024 by rpki-client on console-ams.rpki-client.org