Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/15B386C4B6F911EEB83AA5B6775412E6.roa
File:                     15B386C4B6F911EEB83AA5B6775412E6.roa (raw, json)
Hash identifier:          RcqcDqck2TMwicOD478Ibc4lD5W64W/QkSZoms4cs6I=
Subject key identifier:   B2:79:D8:93:B2:91:E8:EA:54:A5:67:3C:BA:A0:34:B8:E1:3B:61:63
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       146B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/15B386C4B6F911EEB83AA5B6775412E6.roa
Signing time:             Fri 19 Jan 2024 18:32:22 +0000
ROA not before:           Fri 19 Jan 2024 18:32:19 +0000
ROA not after:            Tue 20 Jan 2026 18:32:19 +0000
asID:                     61112
IP address blocks:        154.16.55.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5227 (0x146b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan 19 18:32:19 2024 GMT
            Not After : Jan 20 18:32:19 2026 GMT
        Subject: CN=65aac036-c57f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1b:57:29:d3:ef:ba:fc:2e:92:f9:da:ef:68:
                    3c:42:74:5f:5c:46:38:39:25:f1:9f:02:2d:0b:58:
                    da:65:f3:5a:6c:9a:5d:c1:66:ff:ff:76:1b:1c:a2:
                    c0:91:1e:f4:ec:9d:e4:bd:58:5c:c0:25:c0:2d:39:
                    74:c4:2a:0e:36:c6:d9:5a:a0:23:ec:87:5c:6e:ae:
                    71:a3:49:e2:b0:07:18:64:48:8f:2c:a4:de:37:d6:
                    9f:d6:86:81:02:5e:aa:95:74:27:45:4b:aa:5a:2f:
                    9b:95:a9:27:eb:4b:67:f3:2a:e2:08:f8:c8:8b:95:
                    4e:4c:53:c9:69:06:c6:f8:a5:39:95:df:6b:8d:a1:
                    52:55:66:c3:99:04:73:c5:3e:af:2f:29:6b:fa:29:
                    f4:0f:97:b7:e6:cf:16:31:bc:c5:00:fc:07:6a:03:
                    65:93:01:83:ad:58:bb:8c:03:e1:88:99:42:61:e5:
                    86:09:ec:08:7d:97:c0:78:3b:51:cc:f9:c4:88:d9:
                    28:07:97:28:51:e8:ff:4d:45:4b:1d:24:b0:17:c9:
                    4f:b3:22:d6:31:2e:20:7f:94:4a:cb:74:c8:d6:29:
                    88:d9:cc:23:b3:63:60:b0:c4:ee:df:28:b2:96:c9:
                    b0:95:a0:b3:f2:65:a7:d0:f3:29:64:54:a7:dd:1e:
                    d2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:79:D8:93:B2:91:E8:EA:54:A5:67:3C:BA:A0:34:B8:E1:3B:61:63
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/15B386C4B6F911EEB83AA5B6775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:1b:e3:0b:e7:e9:11:56:b3:df:27:94:82:09:71:8e:f8:e3:
         2f:12:a6:ad:f9:0f:b0:1a:da:f6:f4:63:39:49:ce:ec:ae:1b:
         76:16:2c:91:bf:28:cd:93:51:34:6e:bf:5b:c6:00:a2:82:24:
         be:0f:e6:2d:31:6f:5e:fd:98:8a:5e:48:ee:f2:cf:c0:4e:8c:
         93:9c:ab:12:e0:42:96:ff:13:bb:1f:62:f1:64:b6:66:5b:9c:
         5a:b5:22:cb:d3:92:e6:ed:80:5a:73:25:6d:16:ce:93:8f:5b:
         5a:55:3d:12:95:e8:cb:26:c4:3a:0d:76:89:c2:e8:b8:46:f1:
         ae:21:f7:c4:df:c7:f9:e9:d3:d3:1c:2a:c7:9e:8a:3c:3a:d3:
         1d:d1:2c:d2:cd:da:15:ee:74:86:7b:17:6a:c2:41:de:58:de:
         93:2e:90:79:ae:d9:dc:3e:7b:d4:ea:28:bf:26:83:8d:58:a2:
         60:c8:5e:e1:12:70:a9:0e:0c:54:fd:f0:38:27:1d:f9:81:dc:
         21:9e:25:33:43:3e:15:42:0a:9e:85:e9:02:55:4e:e8:c7:9b:
         fc:bf:fd:7e:93:bd:6e:2c:77:70:62:ca:e6:13:77:4f:36:54:
         79:f4:7a:dc:fc:56:f4:23:85:c2:f8:ae:32:7f:c7:51:f1:e8:
         06:10:95:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFGswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAxMTkxODMyMTlaFw0yNjAxMjAxODMyMTlaMBgxFjAU
BgNVBAMTDTY1YWFjMDM2LWM1N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+G1cp0++6/C6S+drvaDxCdF9cRjg5JfGfAi0LWNpl81psml3BZv//dhsc
osCRHvTsneS9WFzAJcAtOXTEKg42xtlaoCPsh1xurnGjSeKwBxhkSI8spN431p/W
hoECXqqVdCdFS6paL5uVqSfrS2fzKuII+MiLlU5MU8lpBsb4pTmV32uNoVJVZsOZ
BHPFPq8vKWv6KfQPl7fmzxYxvMUA/AdqA2WTAYOtWLuMA+GImUJh5YYJ7Ah9l8B4
O1HM+cSI2SgHlyhR6P9NRUsdJLAXyU+zItYxLiB/lErLdMjWKYjZzCOzY2CwxO7f
KLKWybCVoLPyZafQ8ylkVKfdHtLHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsnnY
k7KR6OpUpWc8uqA0uOE7YWMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE1QjM4NkM0QjZGOTExRUVCODNBQTVCNjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDcwDQYJKoZIhvcNAQEL
BQADggEBAHob4wvn6RFWs98nlIIJcY744y8Spq35D7Aa2vb0YzlJzuyuG3YWLJG/
KM2TUTRuv1vGAKKCJL4P5i0xb179mIpeSO7yz8BOjJOcqxLgQpb/E7sfYvFktmZb
nFq1IsvTkubtgFpzJW0WzpOPW1pVPRKV6MsmxDoNdonC6LhG8a4h98Tfx/np09Mc
Kseeijw60x3RLNLN2hXudIZ7F2rCQd5Y3pMukHmu2dw+e9TqKL8mg41YomDIXuES
cKkODFT98DgnHfmB3CGeJTNDPhVCCp6F6QJVTujHm/y//X6TvW4sd3BiyuYTd082
VHn0etz8VvQjhcL4rjJ/x1Hx6AYQlT8=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org