Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0D51340C04C711EE9106B9134AD9E6FC.roa
File:                     0D51340C04C711EE9106B9134AD9E6FC.roa (raw, json)
Hash identifier:          RzN2mRn5Qd+sHwB0qPCP+fV7cFsTiFNd13gS817eAs4=
Subject key identifier:   5F:C6:CA:85:51:02:39:37:87:1D:47:0C:F6:86:97:16:2A:E2:A3:00
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0EE5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0D51340C04C711EE9106B9134AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 00:05:46 +0000
ROA not before:           Wed 07 Jun 2023 00:00:43 +0000
ROA not after:            Sat 07 Jun 2025 00:00:43 +0000
asID:                     61317
IP address blocks:        154.16.155.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3813 (0xee5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  7 00:00:43 2023 GMT
            Not After : Jun  7 00:00:43 2025 GMT
        Subject: CN=647fc9da-8ecf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9e:44:60:01:a8:4c:20:97:1c:45:c0:35:d5:
                    8b:a9:5c:f6:72:a1:e3:93:9b:7c:13:b1:fe:93:ca:
                    e0:50:46:53:b0:27:8d:50:c0:68:da:14:4b:a0:c7:
                    b5:a3:76:44:a6:95:6c:b8:56:fe:21:f3:cc:a1:15:
                    63:18:6f:25:bb:5c:91:6b:c3:9b:1d:dd:d6:0d:cf:
                    30:3a:e5:6c:69:47:e8:19:6e:b2:ce:59:5b:d8:65:
                    5e:0b:2c:63:03:d2:2b:5b:5e:9a:ff:fd:b8:f2:f8:
                    5f:33:88:80:ae:9a:5f:32:53:b4:1f:6e:8b:fa:2e:
                    ab:d0:a5:70:80:92:b3:e0:f1:37:aa:16:e2:e1:83:
                    46:b0:5c:23:f5:f2:f5:2d:0b:c6:1c:86:4a:3b:17:
                    ee:0b:e9:65:62:97:e3:b4:8f:e3:c3:06:a7:ab:a8:
                    e4:74:06:ba:76:85:a9:05:cf:25:83:f6:7c:c9:8c:
                    3c:b1:a4:30:61:b7:0a:cd:74:7f:05:7b:c5:a9:00:
                    58:32:52:df:e0:d3:2d:83:bc:13:3b:3e:6b:49:70:
                    b6:9a:88:11:46:47:37:29:7c:be:18:93:6e:ee:09:
                    91:72:8b:85:7b:fd:3e:ca:c4:f5:ba:e6:e2:25:5b:
                    19:00:8f:8a:c0:a8:7f:3e:0c:78:cc:64:77:40:f7:
                    a5:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:C6:CA:85:51:02:39:37:87:1D:47:0C:F6:86:97:16:2A:E2:A3:00
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0D51340C04C711EE9106B9134AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:bc:66:e1:15:da:3c:1a:31:98:a8:a1:a7:44:86:32:95:9f:
         f1:49:02:40:fb:93:78:07:dc:81:f0:ee:c8:82:54:c8:3b:74:
         0d:53:eb:03:7e:5b:2b:c6:64:03:3e:e1:0b:dc:db:3a:f1:1d:
         7c:02:ee:34:39:d3:70:02:15:c9:8c:ed:57:68:f1:bf:df:eb:
         2d:54:22:d9:a5:af:4e:83:5e:a2:a3:e7:3c:b0:39:1c:11:6b:
         cd:29:b4:4b:78:32:91:5c:b0:37:47:30:09:56:8a:4c:8e:45:
         21:52:7f:7c:db:d1:a1:7c:5c:02:1d:09:8b:3e:83:58:97:10:
         ea:b7:7d:91:65:b7:e8:4a:a6:10:25:1d:cf:a7:a9:a0:eb:dc:
         cd:10:ff:b7:2e:0b:81:55:a2:77:83:8e:6a:7e:00:f6:d5:75:
         c0:6f:08:1d:a4:ea:e5:9f:ee:93:80:1b:de:bb:5c:02:9c:30:
         7d:d9:78:03:77:fd:e2:d1:d0:b4:e5:8d:b1:12:0e:bb:60:7b:
         95:2a:9c:31:6c:a1:2c:9e:a9:0c:91:c8:76:45:1e:6e:3f:03:
         18:68:04:ea:a6:f1:8d:db:be:cd:04:73:c9:8e:30:52:07:5c:
         f1:1a:ee:28:cd:2b:a5:90:79:c0:4e:eb:44:cf:ef:eb:98:fd:
         f5:ed:71:b8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDuUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MDcwMDAwNDNaFw0yNTA2MDcwMDAwNDNaMBgxFjAU
BgNVBAMTDTY0N2ZjOWRhLThlY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5nkRgAahMIJccRcA11YupXPZyoeOTm3wTsf6TyuBQRlOwJ41QwGjaFEug
x7WjdkSmlWy4Vv4h88yhFWMYbyW7XJFrw5sd3dYNzzA65WxpR+gZbrLOWVvYZV4L
LGMD0itbXpr//bjy+F8ziICuml8yU7Qfbov6LqvQpXCAkrPg8TeqFuLhg0awXCP1
8vUtC8Ychko7F+4L6WVil+O0j+PDBqerqOR0Brp2hakFzyWD9nzJjDyxpDBhtwrN
dH8Fe8WpAFgyUt/g0y2DvBM7PmtJcLaaiBFGRzcpfL4Yk27uCZFyi4V7/T7KxPW6
5uIlWxkAj4rAqH8+DHjMZHdA96UPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUX8bK
hVECOTeHHUcM9oaXFiriowAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzBENTEzNDBDMDRDNzExRUU5MTA2QjkxMzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJswDQYJKoZIhvcNAQEL
BQADggEBAIW8ZuEV2jwaMZiooadEhjKVn/FJAkD7k3gH3IHw7siCVMg7dA1T6wN+
WyvGZAM+4Qvc2zrxHXwC7jQ503ACFcmM7Vdo8b/f6y1UItmlr06DXqKj5zywORwR
a80ptEt4MpFcsDdHMAlWikyORSFSf3zb0aF8XAIdCYs+g1iXEOq3fZFlt+hKphAl
Hc+nqaDr3M0Q/7cuC4FVoneDjmp+APbVdcBvCB2k6uWf7pOAG967XAKcMH3ZeAN3
/eLR0LTljbESDrtge5UqnDFsoSyeqQyRyHZFHm4/AxhoBOqm8Y3bvs0Ec8mOMFIH
XPEa7ijNK6WQecBO60TP7+uY/fXtcbg=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:53 2024 by rpki-client on console-fra.rpki-client.org