Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/012055F6D54511EEAC3E7687775412E6.roa
File:                     012055F6D54511EEAC3E7687775412E6.roa (raw, json)
Hash identifier:          +x/Uga8HlShO9wSd0gqZOs626kyxw6an6hXLzQq8VTY=
Subject key identifier:   77:B6:37:3F:1E:66:37:6E:22:07:D9:59:90:3F:D7:12:23:B8:4B:49
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14DC
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/012055F6D54511EEAC3E7687775412E6.roa
Signing time:             Tue 27 Feb 2024 07:51:24 +0000
ROA not before:           Tue 27 Feb 2024 07:51:21 +0000
ROA not after:            Fri 27 Feb 2026 07:51:21 +0000
asID:                     201341
IP address blocks:        154.16.21.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5340 (0x14dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 07:51:21 2024 GMT
            Not After : Feb 27 07:51:21 2026 GMT
        Subject: CN=65dd947c-fae2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1a:99:29:44:eb:ca:12:0c:e9:cd:c8:71:c3:
                    f3:32:f3:76:f0:a8:fb:b2:ee:32:5e:37:4a:71:77:
                    0e:ec:9f:6d:73:69:d9:06:db:f6:eb:3b:cc:6e:ce:
                    64:52:fe:c1:7d:97:8a:ac:80:04:4f:4a:ef:fb:6a:
                    1e:65:47:30:e5:22:25:b2:f0:32:71:c4:df:59:b2:
                    58:38:f0:7f:b4:03:93:85:f2:87:7d:ac:d5:5c:ee:
                    5d:05:44:05:e9:1c:de:49:8b:76:9d:8e:27:0e:e7:
                    1c:6c:06:99:4a:7b:db:3f:b3:30:6b:2e:9c:f1:fa:
                    9d:ac:87:80:ff:13:32:60:c9:e9:a6:17:49:c5:be:
                    75:11:91:ce:65:0a:e9:ac:de:ae:0a:11:e8:50:2c:
                    83:d3:22:58:01:ee:89:36:90:13:c9:e2:65:e1:be:
                    40:d8:04:65:73:9b:87:39:cf:d5:01:f6:ec:af:20:
                    8e:15:30:c6:1f:f0:74:fd:66:c3:ca:f1:a6:56:d5:
                    d8:f4:bc:fd:0c:6e:95:1c:1e:f2:75:bc:24:6b:5b:
                    43:b1:fd:07:0c:da:46:06:30:a6:a7:a4:79:ec:66:
                    66:94:f7:a1:b9:96:21:14:e1:4d:85:6b:cd:f8:30:
                    a8:d5:a0:21:7c:77:ea:df:c3:0f:74:55:d4:27:49:
                    6f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:B6:37:3F:1E:66:37:6E:22:07:D9:59:90:3F:D7:12:23:B8:4B:49
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/012055F6D54511EEAC3E7687775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:ad:c5:e5:63:a3:0f:bb:70:cd:40:9c:80:4a:46:c0:b6:a5:
         9d:57:03:39:1c:7c:f3:dc:a0:73:3b:bf:3d:b0:f2:bc:83:17:
         29:21:9d:ba:7c:15:69:18:e9:7e:c5:46:95:f8:27:a9:8d:65:
         dc:f3:72:b4:74:f0:70:8a:30:2d:c0:d0:ad:9c:21:15:ef:f6:
         19:0e:fb:ce:df:98:a5:78:e2:02:a1:22:82:ff:c4:b9:87:70:
         93:cb:ed:d2:4b:0b:33:0e:41:d3:fb:d7:40:45:a4:6d:b9:8c:
         22:9f:58:64:84:f6:e7:1a:93:c7:ff:64:e8:00:0b:de:43:7a:
         d3:a2:0a:b2:28:a2:67:10:20:d2:87:57:60:9e:42:9d:26:ff:
         22:3b:a7:81:e6:74:ef:6b:6b:1c:13:d9:61:c7:8c:dc:b4:f6:
         4f:d8:3e:cd:3d:54:73:75:de:50:72:95:2e:cb:2d:f8:93:02:
         77:4f:d9:f0:3b:b0:dd:05:05:41:80:7d:ac:83:99:7b:2a:59:
         89:8f:62:18:60:75:41:17:e1:54:46:89:d8:0c:28:d0:12:4f:
         3d:34:7d:9b:b9:6c:7c:6d:f7:54:ac:d4:8d:7f:5c:a8:0f:be:
         d1:a2:c4:31:52:56:2d:28:5f:5e:f2:d2:f3:c7:51:ed:71:71:
         ec:22:ba:cd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFNwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwNzUxMjFaFw0yNjAyMjcwNzUxMjFaMBgxFjAU
BgNVBAMTDTY1ZGQ5NDdjLWZhZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGGpkpROvKEgzpzchxw/My83bwqPuy7jJeN0pxdw7sn21zadkG2/brO8xu
zmRS/sF9l4qsgARPSu/7ah5lRzDlIiWy8DJxxN9Zslg48H+0A5OF8od9rNVc7l0F
RAXpHN5Ji3adjicO5xxsBplKe9s/szBrLpzx+p2sh4D/EzJgyemmF0nFvnURkc5l
Cums3q4KEehQLIPTIlgB7ok2kBPJ4mXhvkDYBGVzm4c5z9UB9uyvII4VMMYf8HT9
ZsPK8aZW1dj0vP0MbpUcHvJ1vCRrW0Ox/QcM2kYGMKanpHnsZmaU96G5liEU4U2F
a834MKjVoCF8d+rfww90VdQnSW+nAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUd7Y3
Px5mN24iB9lZkD/XEiO4S0kwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzAxMjA1NUY2RDU0NTExRUVBQzNFNzY4Nzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBUwDQYJKoZIhvcNAQEL
BQADggEBAHCtxeVjow+7cM1AnIBKRsC2pZ1XAzkcfPPcoHM7vz2w8ryDFykhnbp8
FWkY6X7FRpX4J6mNZdzzcrR08HCKMC3A0K2cIRXv9hkO+87fmKV44gKhIoL/xLmH
cJPL7dJLCzMOQdP710BFpG25jCKfWGSE9ucak8f/ZOgAC95DetOiCrIoomcQINKH
V2CeQp0m/yI7p4HmdO9raxwT2WHHjNy09k/YPs09VHN13lBylS7LLfiTAndP2fA7
sN0FBUGAfayDmXsqWYmPYhhgdUEX4VRGidgMKNASTz00fZu5bHxt91Ss1I1/XKgP
vtGixDFSVi0oX17y0vPHUe1xcewius0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:55 2024 by rpki-client on console-fra.rpki-client.org