Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/09D8920438EB11EE9BAF6B6D4AD9E6FC.roa
File:                     09D8920438EB11EE9BAF6B6D4AD9E6FC.roa (raw, json)
Hash identifier:          0D7hXoPmHc3jjNrHd7yxYvgS4Ae9XQQkspmv20Ucu8k=
Subject key identifier:   34:5D:6C:3D:69:61:80:5F:7A:2B:CC:50:7A:16:0F:90:EC:71:A5:7B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1135
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/09D8920438EB11EE9BAF6B6D4AD9E6FC.roa
Signing time:             Sat 12 Aug 2023 08:34:23 +0000
ROA not before:           Sat 12 Aug 2023 08:34:19 +0000
ROA not after:            Wed 14 Aug 2024 08:34:19 +0000
asID:                     14670
IP address blocks:        154.16.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4405 (0x1135)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 12 08:34:19 2023 GMT
            Not After : Aug 14 08:34:19 2024 GMT
        Subject: CN=64d7440f-a8ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:bd:c6:ff:c8:be:bc:36:d3:f2:72:d2:d9:bb:
                    da:7b:e3:2b:82:8c:28:97:00:e2:a5:a9:11:37:86:
                    55:da:9e:94:f5:0a:18:63:0e:a9:d5:8e:fa:a2:54:
                    3c:22:37:d4:6a:bf:17:d1:bd:13:db:a5:56:8c:22:
                    ae:6d:ff:97:ef:dd:00:5b:10:c7:04:d0:a7:63:dd:
                    ad:d9:5e:5a:51:47:ec:5c:03:3b:f0:32:e2:08:53:
                    65:74:0e:b0:e6:e6:37:6a:94:35:6d:8a:81:23:c9:
                    fe:32:46:84:18:cb:1a:4f:31:a7:75:22:67:cb:27:
                    48:a2:41:7d:bd:9a:f1:b3:2b:23:a8:e8:6c:ab:2c:
                    f3:e3:f4:b4:64:c1:c0:b7:33:93:6d:47:b8:37:b4:
                    bf:b8:d1:a2:81:f5:6b:da:32:bb:bb:b2:20:b1:d0:
                    b4:96:d5:f2:0a:2a:cb:49:39:67:4f:fe:b5:8a:9b:
                    7e:60:42:28:e6:89:12:5b:4a:9b:24:33:5b:e4:c7:
                    ab:d1:ac:a2:81:3f:09:d5:5c:f2:7f:b1:8e:fb:97:
                    77:d8:67:a5:d1:43:18:ce:29:6f:f7:3c:fe:51:be:
                    83:e5:ca:7f:5d:02:60:32:0e:1e:48:d4:cb:b4:68:
                    d4:95:39:4e:c6:89:71:6b:e1:de:a7:60:c7:85:d7:
                    24:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:5D:6C:3D:69:61:80:5F:7A:2B:CC:50:7A:16:0F:90:EC:71:A5:7B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/09D8920438EB11EE9BAF6B6D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cf:f8:80:9d:1b:11:69:67:49:ea:ee:48:e7:b7:5d:08:ff:99:
         6d:a6:fa:62:fb:eb:75:4e:09:a2:c8:28:25:d7:18:0d:e5:d6:
         37:ea:47:b1:48:1e:21:7c:e2:e4:33:b3:96:f5:2c:22:cd:72:
         45:c8:61:f6:35:a2:a1:b8:aa:1f:c1:e3:68:91:d9:50:a0:b8:
         b7:9f:3b:ac:11:f1:6d:e7:73:7d:1f:b6:25:a2:37:6e:76:8a:
         27:6a:52:e2:6c:92:ed:57:9d:06:9c:b8:72:77:08:cf:e7:9b:
         4b:94:91:60:93:45:0a:fe:bc:1a:3c:53:65:2e:c4:7a:ef:47:
         c9:69:7d:2f:2e:4b:b0:16:fb:43:98:05:c2:82:ef:0f:6b:25:
         05:67:11:54:c5:80:8e:6b:3e:87:47:03:b8:39:9f:5f:2b:60:
         6f:37:57:ff:4d:5e:ae:b5:7f:45:c9:c3:9b:99:51:bd:dd:2a:
         d9:cf:db:9b:5c:1c:9a:51:79:c3:23:49:e7:57:a8:02:07:c5:
         e0:a7:e8:41:52:c3:37:af:30:b6:dd:bf:92:60:eb:fc:1a:25:
         0f:3f:8b:c0:f5:85:f9:9c:76:e0:62:3c:35:7d:5c:5c:d2:33:
         f4:d0:37:56:26:b5:e7:55:75:31:a1:04:32:92:a0:80:5d:3f:
         0a:12:ab:ba
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICETUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTIwODM0MTlaFw0yNDA4MTQwODM0MTlaMBgxFjAU
BgNVBAMTDTY0ZDc0NDBmLWE4ZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKvcb/yL68NtPyctLZu9p74yuCjCiXAOKlqRE3hlXanpT1ChhjDqnVjvqi
VDwiN9RqvxfRvRPbpVaMIq5t/5fv3QBbEMcE0Kdj3a3ZXlpRR+xcAzvwMuIIU2V0
DrDm5jdqlDVtioEjyf4yRoQYyxpPMad1ImfLJ0iiQX29mvGzKyOo6GyrLPPj9LRk
wcC3M5NtR7g3tL+40aKB9WvaMru7siCx0LSW1fIKKstJOWdP/rWKm35gQijmiRJb
SpskM1vkx6vRrKKBPwnVXPJ/sY77l3fYZ6XRQxjOKW/3PP5RvoPlyn9dAmAyDh5I
1Mu0aNSVOU7GiXFr4d6nYMeF1yTdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNF1s
PWlhgF96K8xQehYPkOxxpXswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzA5RDg5MjA0MzhFQjExRUU5QkFGNkI2RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHcwDQYJKoZIhvcNAQEL
BQADggEBAM/4gJ0bEWlnSeruSOe3XQj/mW2m+mL763VOCaLIKCXXGA3l1jfqR7FI
HiF84uQzs5b1LCLNckXIYfY1oqG4qh/B42iR2VCguLefO6wR8W3nc30ftiWiN252
iidqUuJsku1XnQacuHJ3CM/nm0uUkWCTRQr+vBo8U2UuxHrvR8lpfS8uS7AW+0OY
BcKC7w9rJQVnEVTFgI5rPodHA7g5n18rYG83V/9NXq61f0XJw5uZUb3dKtnP25tc
HJpRecMjSedXqAIHxeCn6EFSwzevMLbdv5Jg6/waJQ8/i8D1hfmcduBiPDV9XFzS
M/TQN1YmtedVdTGhBDKSoIBdPwoSq7o=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org