Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/100F0ABA8B8711EEACCC001D4AD9E6FC.roa
File:                     100F0ABA8B8711EEACCC001D4AD9E6FC.roa (raw, json)
Hash identifier:          w8oUGwA3/BKfjHyNuuOMPVcpOZPkIBg/y8hgCJbu5y0=
Subject key identifier:   F5:BD:5B:AA:3D:77:09:C6:68:B0:21:0D:05:7B:56:88:02:4F:5A:81
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1373
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/100F0ABA8B8711EEACCC001D4AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:37:50 +0000
ROA not before:           Sat 25 Nov 2023 11:37:47 +0000
ROA not after:            Tue 25 Nov 2025 11:37:47 +0000
asID:                     212238
IP address blocks:        154.16.89.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4979 (0x1373)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:37:47 2023 GMT
            Not After : Nov 25 11:37:47 2025 GMT
        Subject: CN=6561dc8e-0070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b9:db:c2:64:23:31:dd:99:2d:e9:66:aa:a3:
                    53:5d:4d:c6:4d:04:a7:3b:0c:ee:b6:b9:4e:94:f1:
                    26:1b:d6:79:a4:29:3b:61:c6:bd:3a:ba:c6:3f:a5:
                    74:ee:e2:25:ec:cb:5b:05:06:4e:81:0d:8a:b4:83:
                    77:6e:c0:82:d1:bd:83:d0:42:4c:1c:e0:93:18:b9:
                    da:f1:18:f1:66:6d:ee:56:76:ee:28:72:cd:90:7a:
                    b4:a7:22:60:dd:45:4b:1d:0b:08:14:bd:3c:fe:f0:
                    1d:10:be:99:0c:db:39:b9:a1:84:34:1e:c3:63:fe:
                    02:0e:45:6d:a0:81:56:6a:1a:06:44:de:a8:4d:d4:
                    b8:27:fb:dd:b1:6d:56:33:b3:33:44:63:4c:71:70:
                    0f:c4:36:98:75:bf:7e:4b:ad:29:3b:17:e0:98:78:
                    91:4b:a8:f7:8c:9e:b3:47:2f:9d:8a:24:a9:a8:7f:
                    e7:47:4c:28:07:3c:c5:e1:11:1b:d6:55:2a:b1:d6:
                    89:88:af:1d:5a:c1:c0:8c:1f:01:45:d4:b8:58:73:
                    46:97:a4:da:03:8a:18:dc:df:a4:1b:2a:09:49:26:
                    72:98:10:83:12:64:7b:7a:9a:bf:ad:72:9b:0f:e7:
                    b8:4c:f3:b6:8a:7a:bb:ad:9b:6a:8f:ac:96:d0:dd:
                    1c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:BD:5B:AA:3D:77:09:C6:68:B0:21:0D:05:7B:56:88:02:4F:5A:81
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/100F0ABA8B8711EEACCC001D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:c2:7b:d5:f0:69:72:fd:5f:70:b6:6f:29:e5:0c:d9:ad:06:
         be:76:bf:eb:f2:40:de:55:4d:c9:1f:af:0d:03:b7:8d:7e:cb:
         68:db:96:d8:3b:00:90:92:fa:cf:55:4c:ec:15:43:c2:9d:b0:
         51:e2:12:ca:7c:87:55:45:6b:fb:e2:2c:cf:56:24:c6:15:cd:
         2b:0b:d8:50:91:23:ef:79:97:86:9d:55:93:48:d2:66:88:6d:
         08:8f:38:7c:90:22:58:6d:20:80:25:b9:61:9f:0f:ea:6c:18:
         bb:22:0a:46:9e:53:79:28:35:f5:3c:e5:6b:89:fd:ab:fc:6b:
         33:e1:60:a5:53:8c:c7:49:22:12:1b:ef:a7:64:8f:38:e9:a6:
         b6:ab:dc:55:2a:d9:71:b6:8a:94:47:95:2d:6b:7c:d3:7a:2e:
         63:df:fb:b9:7c:1c:f3:82:c2:e6:75:35:57:aa:96:4c:fd:cf:
         f3:12:97:bf:ab:b2:3f:97:47:bf:14:bd:f9:d6:d6:dd:3e:75:
         ec:dc:87:92:89:e0:12:cd:83:a6:0c:cf:78:08:97:ae:9f:d8:
         b1:33:87:04:08:56:a0:19:3a:e8:2f:c6:5a:bb:00:e3:47:d7:
         9e:ea:43:be:b1:29:a3:e3:6b:d3:77:25:99:01:ca:33:f6:17:
         55:5d:66:68
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE3MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTM3NDdaFw0yNTExMjUxMTM3NDdaMBgxFjAU
BgNVBAMTDTY1NjFkYzhlLTAwNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5udvCZCMx3Zkt6Waqo1NdTcZNBKc7DO62uU6U8SYb1nmkKTthxr06usY/
pXTu4iXsy1sFBk6BDYq0g3duwILRvYPQQkwc4JMYudrxGPFmbe5Wdu4ocs2QerSn
ImDdRUsdCwgUvTz+8B0QvpkM2zm5oYQ0HsNj/gIORW2ggVZqGgZE3qhN1Lgn+92x
bVYzszNEY0xxcA/ENph1v35LrSk7F+CYeJFLqPeMnrNHL52KJKmof+dHTCgHPMXh
ERvWVSqx1omIrx1awcCMHwFF1LhYc0aXpNoDihjc36QbKglJJnKYEIMSZHt6mr+t
cpsP57hM87aKerutm2qPrJbQ3RwHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9b1b
qj13CcZosCENBXtWiAJPWoEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzEwMEYwQUJBOEI4NzExRUVBQ0NDMDAxRDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFkwDQYJKoZIhvcNAQEL
BQADggEBAFvCe9XwaXL9X3C2bynlDNmtBr52v+vyQN5VTckfrw0Dt41+y2jbltg7
AJCS+s9VTOwVQ8KdsFHiEsp8h1VFa/viLM9WJMYVzSsL2FCRI+95l4adVZNI0maI
bQiPOHyQIlhtIIAluWGfD+psGLsiCkaeU3koNfU85WuJ/av8azPhYKVTjMdJIhIb
76dkjzjpprar3FUq2XG2ipRHlS1rfNN6LmPf+7l8HPOCwuZ1NVeqlkz9z/MSl7+r
sj+XR78UvfnW1t0+dezch5KJ4BLNg6YMz3gIl66f2LEzhwQIVqAZOugvxlq7AONH
157qQ76xKaPja9N3JZkByjP2F1VdZmg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:55 2024 by rpki-client on console-fra.rpki-client.org