Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/13DE21DAB8FB11ED8E69E37EF1222468.roa
File:                     13DE21DAB8FB11ED8E69E37EF1222468.roa (raw, json)
Hash identifier:          M57k/z8+BFQs+AizXNWUQAGk4TRuk7ehcj4WMItDuO4=
Subject key identifier:   B3:38:6F:E6:BA:9F:25:E7:7D:91:04:81:6F:FA:A8:00:A5:3F:8B:21
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0CD5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/13DE21DAB8FB11ED8E69E37EF1222468.roa
Signing time:             Thu 02 Mar 2023 13:06:43 +0000
ROA not before:           Thu 02 Mar 2023 13:06:39 +0000
ROA not after:            Sat 01 Mar 2025 13:06:39 +0000
asID:                     61317
IP address blocks:        154.127.51.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3285 (0xcd5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 13:06:39 2023 GMT
            Not After : Mar  1 13:06:39 2025 GMT
        Subject: CN=64009f63-a2a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:64:69:1f:1a:69:f0:92:d8:f1:d0:7f:dd:6a:
                    71:12:f7:04:5c:79:0c:08:25:27:57:8a:1c:c2:95:
                    d0:dd:28:0b:87:50:ca:2d:8c:19:38:40:4a:52:9e:
                    c0:cb:2a:d6:98:4d:ac:7a:30:ac:4f:a5:00:f2:24:
                    72:00:42:be:c1:f7:33:86:2f:e8:69:6d:b2:d0:f1:
                    6f:53:f2:59:df:64:14:f8:c5:29:f3:45:ff:6e:e7:
                    38:1d:a0:b6:e1:23:ad:ad:42:c1:4a:1d:aa:61:7c:
                    b2:4b:ae:f3:13:c3:41:86:93:74:d7:36:36:ea:db:
                    39:0f:09:75:58:94:a1:c3:ea:26:cc:3e:7a:02:07:
                    c5:2b:46:7d:75:a8:c0:3f:11:0b:50:7a:49:5a:35:
                    14:41:d5:98:34:78:7a:77:99:1a:ec:62:8b:7a:23:
                    f5:50:28:f5:79:c4:a0:22:c8:27:a0:57:c1:80:a1:
                    54:67:84:a4:35:64:3a:c0:8c:6d:76:5a:86:ef:87:
                    83:d4:96:95:6a:75:d5:74:1c:48:d6:2f:4f:12:db:
                    7d:42:0e:30:f8:91:67:e4:94:7e:ff:07:bf:a4:1d:
                    c0:5b:12:45:c8:47:e3:d7:6f:38:ff:50:c8:bc:77:
                    6a:87:6a:e5:ac:39:2b:02:b6:f7:23:bf:05:5c:a7:
                    31:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:38:6F:E6:BA:9F:25:E7:7D:91:04:81:6F:FA:A8:00:A5:3F:8B:21
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/13DE21DAB8FB11ED8E69E37EF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.127.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:8b:8f:48:34:9e:e8:95:39:fd:b9:59:06:cd:94:2b:b4:31:
         dc:65:0d:c1:f6:bf:3d:64:14:c2:92:c2:af:a7:92:04:a4:98:
         eb:74:a4:99:1e:a3:6f:39:62:c0:c0:f7:68:68:4c:a7:c6:d4:
         37:04:77:5a:f2:42:fc:05:09:a5:9d:fe:fd:26:04:cf:cd:83:
         ee:68:a5:f3:a2:0d:0a:c6:02:d0:1b:71:c8:ca:8e:b0:d6:85:
         fb:74:80:0d:e0:b1:c2:ef:7d:7f:01:43:a6:08:0f:00:1e:db:
         58:a3:9e:37:d6:5d:6c:2b:c0:c4:7b:bc:19:eb:f9:0d:a4:d2:
         c0:f8:cb:ce:db:7c:83:01:fa:bd:14:40:46:de:02:d9:3f:34:
         89:08:0b:cb:c8:e4:6b:26:74:34:a9:76:15:4e:53:37:a3:4c:
         e6:3c:00:49:89:80:7c:94:41:36:17:88:a3:a9:6a:86:53:d0:
         36:6d:9d:13:f3:a7:f3:c5:fc:2b:e5:55:16:cd:0f:9c:84:20:
         2f:45:74:ed:04:5e:d5:f1:c9:f2:3b:ba:65:c5:16:f0:3f:09:
         b0:ec:b2:22:76:a7:cf:1f:83:73:af:ff:92:dd:72:97:79:0e:
         13:5e:75:1e:89:0a:5d:ac:8e:5f:33:09:e1:0c:b7:3e:d8:12:
         7d:a8:b6:e5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDNUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMzA2MzlaFw0yNTAzMDExMzA2MzlaMBgxFjAU
BgNVBAMMDTY0MDA5ZjYzLWEyYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYZGkfGmnwktjx0H/danES9wRceQwIJSdXihzCldDdKAuHUMotjBk4QEpS
nsDLKtaYTax6MKxPpQDyJHIAQr7B9zOGL+hpbbLQ8W9T8lnfZBT4xSnzRf9u5zgd
oLbhI62tQsFKHaphfLJLrvMTw0GGk3TXNjbq2zkPCXVYlKHD6ibMPnoCB8UrRn11
qMA/EQtQeklaNRRB1Zg0eHp3mRrsYot6I/VQKPV5xKAiyCegV8GAoVRnhKQ1ZDrA
jG12Wobvh4PUlpVqddV0HEjWL08S231CDjD4kWfklH7/B7+kHcBbEkXIR+PXbzj/
UMi8d2qHauWsOSsCtvcjvwVcpzHxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUszhv
5rqfJed9kQSBb/qoAKU/iyEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzEzREUyMURBQjhGQjExRUQ4RTY5RTM3RUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACafzMwDQYJKoZIhvcNAQEL
BQADggEBAKuLj0g0nuiVOf25WQbNlCu0MdxlDcH2vz1kFMKSwq+nkgSkmOt0pJke
o285YsDA92hoTKfG1DcEd1ryQvwFCaWd/v0mBM/Ng+5opfOiDQrGAtAbccjKjrDW
hft0gA3gscLvfX8BQ6YIDwAe21ijnjfWXWwrwMR7vBnr+Q2k0sD4y87bfIMB+r0U
QEbeAtk/NIkIC8vI5GsmdDSpdhVOUzejTOY8AEmJgHyUQTYXiKOpaoZT0DZtnRPz
p/PF/CvlVRbND5yEIC9FdO0EXtXxyfI7umXFFvA/CbDssiJ2p88fg3Ov/5Ldcpd5
DhNedR6JCl2sjl8zCeEMtz7YEn2otuU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:49 2024 by rpki-client on console-ams.rpki-client.org