Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0B56D046B9D811EEA88A7F72775412E6.roa
File:                     0B56D046B9D811EEA88A7F72775412E6.roa (raw, json)
Hash identifier:          mwMAgYC6QwpfOiMa5imGKIxxyl5gkgmnd0ZqnaTh+Qo=
Subject key identifier:   CA:69:F8:E9:0B:A1:E8:C5:84:50:50:1F:D8:AA:75:95:C6:71:1B:5B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1475
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0B56D046B9D811EEA88A7F72775412E6.roa
Signing time:             Tue 23 Jan 2024 10:13:25 +0000
ROA not before:           Tue 23 Jan 2024 10:13:22 +0000
ROA not after:            Sat 24 Jan 2026 10:13:22 +0000
asID:                     61112
IP address blocks:        154.16.10.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5237 (0x1475)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan 23 10:13:22 2024 GMT
            Not After : Jan 24 10:13:22 2026 GMT
        Subject: CN=65af9145-32d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3d:ec:07:e9:8f:49:e5:e5:f8:1d:60:0e:bb:
                    dc:68:03:b4:fd:f9:fb:69:7e:d7:8e:f8:e4:b7:09:
                    89:2a:5c:36:a6:a0:dc:6f:cc:7b:b4:0c:ad:03:f0:
                    bb:a2:9a:28:18:e2:85:40:1c:5a:49:62:18:a4:e4:
                    81:b8:4a:b3:f3:cc:72:44:76:95:b4:35:eb:6b:9a:
                    7f:3f:06:b8:f4:c2:b3:16:95:69:c1:e8:48:07:06:
                    6e:6e:7a:d6:bb:ce:2b:d7:a1:c6:8c:a3:b3:c4:05:
                    cf:c8:5a:90:0c:9f:59:b6:4c:1f:ae:cc:f9:fa:ff:
                    2c:eb:3e:cc:a4:a8:c1:a0:66:b3:8a:33:44:3d:ea:
                    97:c4:52:29:63:f3:a3:72:f7:ec:e3:93:f8:77:7d:
                    f4:83:43:58:d6:0d:85:43:d5:1b:06:57:3b:35:71:
                    54:73:64:df:80:29:0b:57:a9:4a:bd:57:00:06:8b:
                    dd:2d:9d:06:f0:b3:e2:5c:8d:44:d3:85:3f:5f:66:
                    87:ae:6b:b4:d1:d0:fc:19:6a:ff:61:b0:cf:50:8a:
                    82:a4:cb:d0:23:aa:49:1d:cb:ba:1b:04:f8:2d:82:
                    a2:8f:b9:36:2a:96:4d:30:c9:75:5f:8c:b1:c0:f4:
                    c1:a7:05:2a:60:07:e5:2d:4a:90:2b:88:13:ff:f7:
                    3f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:69:F8:E9:0B:A1:E8:C5:84:50:50:1F:D8:AA:75:95:C6:71:1B:5B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0B56D046B9D811EEA88A7F72775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:d7:c0:6c:4f:ed:5b:8a:ee:cf:15:92:b1:68:0a:82:0a:da:
         46:f1:aa:c8:e4:8b:2a:de:8f:55:02:42:eb:70:a4:8b:1c:25:
         d0:ba:35:d6:11:c6:77:f7:53:7a:6b:30:ee:bc:de:89:7c:92:
         12:ec:45:dc:25:b1:4f:16:d9:a5:87:ee:cc:9b:9d:95:f9:ab:
         b6:14:3b:a8:7d:f2:09:be:50:78:84:d2:74:49:e2:ee:79:38:
         a6:ba:4c:3e:79:2c:d1:9e:d1:95:48:72:39:55:f7:2b:3d:f5:
         f7:2b:f4:f8:d3:d6:94:39:92:2b:c7:8c:d9:ba:6b:be:03:16:
         2e:46:e6:05:9b:a6:e8:8b:f3:50:7f:02:10:4e:e9:6e:47:a5:
         dd:90:b7:7e:2b:99:ae:8e:e5:0b:e2:ff:d3:49:1f:97:0c:c4:
         7c:ab:a8:77:44:29:47:cf:b5:f3:0e:ac:76:2a:c6:7d:47:d3:
         8d:90:44:fd:b8:1e:f0:ea:e3:06:6a:57:fa:bb:59:27:45:97:
         0d:40:71:ea:26:1f:64:e4:0c:8c:0f:58:08:00:20:3f:94:a0:
         78:e9:c1:ab:65:1e:d4:22:af:aa:9f:bd:87:77:c6:bb:5f:8e:
         41:ce:a3:ed:3c:7b:18:9f:64:d1:e6:b0:b0:df:fe:60:8b:a6:
         25:88:1a:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFHUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAxMjMxMDEzMjJaFw0yNjAxMjQxMDEzMjJaMBgxFjAU
BgNVBAMTDTY1YWY5MTQ1LTMyZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9PewH6Y9J5eX4HWAOu9xoA7T9+ftpfteO+OS3CYkqXDamoNxvzHu0DK0D
8LuimigY4oVAHFpJYhik5IG4SrPzzHJEdpW0Netrmn8/Brj0wrMWlWnB6EgHBm5u
eta7zivXocaMo7PEBc/IWpAMn1m2TB+uzPn6/yzrPsykqMGgZrOKM0Q96pfEUilj
86Ny9+zjk/h3ffSDQ1jWDYVD1RsGVzs1cVRzZN+AKQtXqUq9VwAGi90tnQbws+Jc
jUTThT9fZoeua7TR0PwZav9hsM9QioKky9Ajqkkdy7obBPgtgqKPuTYqlk0wyXVf
jLHA9MGnBSpgB+UtSpAriBP/9z9HAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUymn4
6Quh6MWEUFAf2Kp1lcZxG1swHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzBCNTZEMDQ2QjlEODExRUVBODhBN0Y3Mjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAowDQYJKoZIhvcNAQEL
BQADggEBAFbXwGxP7VuK7s8VkrFoCoIK2kbxqsjkiyrej1UCQutwpIscJdC6NdYR
xnf3U3prMO683ol8khLsRdwlsU8W2aWH7sybnZX5q7YUO6h98gm+UHiE0nRJ4u55
OKa6TD55LNGe0ZVIcjlV9ys99fcr9PjT1pQ5kivHjNm6a74DFi5G5gWbpuiL81B/
AhBO6W5Hpd2Qt34rma6O5Qvi/9NJH5cMxHyrqHdEKUfPtfMOrHYqxn1H042QRP24
HvDq4wZqV/q7WSdFlw1AceomH2TkDIwPWAgAID+UoHjpwatlHtQir6qfvYd3xrtf
jkHOo+08exifZNHmsLDf/mCLpiWIGgQ=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org