Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/087D4806D54811EE8FC74D8C775412E6.roa
File:                     087D4806D54811EE8FC74D8C775412E6.roa (raw, json)
Hash identifier:          goMuU6NgHuWnSeMVKZquXcVT6MZO2xu/rsxS0uQ2AmY=
Subject key identifier:   62:27:05:65:D9:49:9C:3F:48:F8:E6:D1:CA:00:B0:E6:94:1F:B1:F9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14E8
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/087D4806D54811EE8FC74D8C775412E6.roa
Signing time:             Tue 27 Feb 2024 08:13:05 +0000
ROA not before:           Tue 27 Feb 2024 08:13:02 +0000
ROA not after:            Fri 27 Feb 2026 08:13:02 +0000
asID:                     201341
IP address blocks:        154.16.39.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5352 (0x14e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:13:02 2024 GMT
            Not After : Feb 27 08:13:02 2026 GMT
        Subject: CN=65dd9991-b0f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ae:c6:a4:92:60:ae:e5:e8:96:e0:de:94:0f:
                    6f:d3:42:a3:fe:5e:29:65:b0:45:a0:1e:73:1a:4f:
                    f1:57:97:24:d1:c6:94:43:78:9e:86:5c:8f:0c:2d:
                    58:ac:06:7c:9e:e5:9d:76:4b:8a:c6:89:d4:49:52:
                    a6:60:64:7b:d0:f9:6a:22:a9:c1:30:37:41:1e:df:
                    34:46:ea:47:69:07:ac:7b:ae:0f:20:11:a4:71:f4:
                    cf:3b:c9:4a:09:21:34:d8:d1:22:eb:c4:99:be:a7:
                    ac:aa:72:e6:06:77:e0:c2:47:dc:dc:66:19:cb:06:
                    6a:f2:02:cf:01:af:59:85:dc:17:e3:e1:26:32:c8:
                    20:49:6f:fc:83:f6:a0:70:99:35:32:a3:15:74:70:
                    6e:1f:f1:d1:38:5c:25:5b:7f:4c:88:4e:55:d1:1f:
                    46:be:28:0d:68:a0:04:95:15:94:f1:b7:01:eb:94:
                    00:86:0a:ba:65:e8:65:1a:6d:27:8f:a1:51:ca:6a:
                    bd:35:cf:f9:17:31:71:32:5a:87:f4:12:1b:3f:4f:
                    16:e2:bf:e5:1c:d3:cd:e0:41:dc:d7:af:16:94:0e:
                    63:fa:48:53:68:10:75:6e:75:83:b6:d3:78:d9:8e:
                    19:87:09:29:c9:22:3c:13:25:28:49:05:28:24:b1:
                    bd:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:27:05:65:D9:49:9C:3F:48:F8:E6:D1:CA:00:B0:E6:94:1F:B1:F9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/087D4806D54811EE8FC74D8C775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:6f:c0:d0:62:d0:76:b1:30:8e:1b:b7:c4:de:22:5c:f1:ca:
         dc:38:cb:19:c0:fc:f8:18:9b:38:30:cd:af:a2:fa:88:ac:75:
         07:b8:5b:0f:46:42:55:df:0e:ab:dd:31:73:2c:60:fa:33:4e:
         07:13:32:a0:5e:c2:9e:61:6a:6b:bf:0b:38:4b:ff:f6:e5:f4:
         f6:bf:f9:a7:84:c3:61:8c:a9:44:91:66:6f:80:57:94:a9:b4:
         a9:82:48:c2:5f:a1:19:a7:d9:46:a7:d2:06:ba:32:c7:df:5b:
         d3:ce:ad:b9:4c:08:8e:70:7a:8c:45:03:9b:bc:ce:3f:24:e7:
         d0:78:11:4b:a2:18:18:16:45:68:ec:0c:b4:48:23:e9:30:6d:
         34:c0:5e:65:c0:05:64:8b:a0:a0:f4:49:da:0a:43:fe:24:64:
         30:6f:24:77:72:e1:ce:ff:a9:13:77:84:f7:e1:79:4e:12:64:
         b3:81:7a:35:55:d8:e0:52:49:bf:20:e6:7c:a6:cf:dd:07:2b:
         43:e7:5c:b2:c2:5d:dd:c4:41:6a:e9:e9:5b:b9:77:78:b5:d0:
         d9:1a:27:67:8d:12:37:fa:5e:30:66:bf:2b:41:f6:9e:cc:1e:
         7f:d9:6f:1e:de:d7:4c:33:98:37:17:c4:06:55:2a:53:e0:1a:
         d5:7a:12:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFOgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODEzMDJaFw0yNjAyMjcwODEzMDJaMBgxFjAU
BgNVBAMTDTY1ZGQ5OTkxLWIwZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYrsakkmCu5eiW4N6UD2/TQqP+XillsEWgHnMaT/FXlyTRxpRDeJ6GXI8M
LVisBnye5Z12S4rGidRJUqZgZHvQ+WoiqcEwN0Ee3zRG6kdpB6x7rg8gEaRx9M87
yUoJITTY0SLrxJm+p6yqcuYGd+DCR9zcZhnLBmryAs8Br1mF3Bfj4SYyyCBJb/yD
9qBwmTUyoxV0cG4f8dE4XCVbf0yITlXRH0a+KA1ooASVFZTxtwHrlACGCrpl6GUa
bSePoVHKar01z/kXMXEyWof0Ehs/Txbiv+Uc083gQdzXrxaUDmP6SFNoEHVudYO2
03jZjhmHCSnJIjwTJShJBSgksb3RAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYicF
ZdlJnD9I+ObRygCw5pQfsfkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzA4N0Q0ODA2RDU0ODExRUU4RkM3NEQ4Qzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECcwDQYJKoZIhvcNAQEL
BQADggEBALZvwNBi0HaxMI4bt8TeIlzxytw4yxnA/PgYmzgwza+i+oisdQe4Ww9G
QlXfDqvdMXMsYPozTgcTMqBewp5hamu/CzhL//bl9Pa/+aeEw2GMqUSRZm+AV5Sp
tKmCSMJfoRmn2Uan0ga6MsffW9POrblMCI5weoxFA5u8zj8k59B4EUuiGBgWRWjs
DLRII+kwbTTAXmXABWSLoKD0SdoKQ/4kZDBvJHdy4c7/qRN3hPfheU4SZLOBejVV
2OBSSb8g5nymz90HK0PnXLLCXd3EQWrp6Vu5d3i10NkaJ2eNEjf6XjBmvytB9p7M
Hn/Zbx7e10wzmDcXxAZVKlPgGtV6Eik=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:43 2024 by rpki-client on console-fra.rpki-client.org