Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/163E6B6E1E6311EFA5B535367DDC24C2.roa
File:                     163E6B6E1E6311EFA5B535367DDC24C2.roa (raw, json)
Hash identifier:          IgfLAP9+w58tqp77/JEPPBIz/SbwnWOoKx3H/m3hlZA=
Subject key identifier:   D8:D1:5E:E7:6A:54:43:03:36:84:12:8D:BE:F5:C6:16:30:1F:F0:05
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16AF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/163E6B6E1E6311EFA5B535367DDC24C2.roa
Signing time:             Thu 30 May 2024 09:00:40 +0000
ROA not before:           Thu 30 May 2024 09:00:36 +0000
ROA not after:            Sun 31 May 2026 09:00:36 +0000
asID:                     13213
IP address blocks:        154.16.255.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5807 (0x16af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 30 09:00:36 2024 GMT
            Not After : May 31 09:00:36 2026 GMT
        Subject: CN=66584037-46fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ad:73:25:6c:02:84:d7:7a:6f:d3:d9:6a:60:
                    f8:35:24:80:ca:5b:6c:85:91:01:cd:d7:57:b4:1b:
                    38:fd:96:74:af:a9:98:aa:2e:04:8e:72:29:a4:6e:
                    95:c0:56:a2:0f:d7:33:31:21:22:27:ee:44:db:6d:
                    bd:6c:52:6e:90:fc:d5:dc:9f:85:ff:1e:61:7e:a3:
                    9d:49:ee:5d:c9:c4:03:42:44:99:2f:25:91:bb:09:
                    f3:4e:da:ba:92:d4:3e:2a:0b:d5:c5:e2:9f:50:d0:
                    fe:00:6e:50:bc:85:da:ea:cb:68:ee:2e:8d:12:7f:
                    92:c0:90:18:84:be:a0:9c:9a:54:e6:ee:da:34:8d:
                    76:67:50:d1:53:c2:75:27:a3:5d:35:4d:75:ff:9e:
                    28:ec:08:ea:3d:cd:4d:49:15:f6:c8:5a:85:27:32:
                    8d:05:e0:26:fd:43:01:55:46:9f:f2:eb:da:36:6c:
                    f2:f5:96:6f:79:67:b2:4f:08:5d:26:0b:6a:bf:a7:
                    6a:27:39:69:dd:07:6d:bc:f5:7c:d6:9d:14:38:d1:
                    a8:bb:54:b0:71:e9:03:2b:a5:57:fb:97:0d:d9:bf:
                    38:75:2e:28:05:4f:b7:53:cc:a8:c3:fa:ca:f6:5b:
                    02:c2:d8:05:fe:a8:4e:68:88:89:08:f3:06:1e:b2:
                    db:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:D1:5E:E7:6A:54:43:03:36:84:12:8D:BE:F5:C6:16:30:1F:F0:05
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/163E6B6E1E6311EFA5B535367DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:98:91:71:f2:6d:da:2f:83:dc:de:35:69:9a:81:db:4f:61:
         03:f0:89:80:c5:c2:18:06:da:ad:fb:ff:35:a8:79:7a:75:81:
         80:4d:90:17:d6:21:fc:8b:7b:0b:e6:fc:8b:34:43:80:d4:bf:
         b2:6c:7d:c1:c9:1b:ee:4b:e5:a4:75:61:6d:e4:22:d8:50:91:
         9c:91:04:85:9a:84:bb:ba:3f:6c:1d:43:5a:bf:98:2e:75:0c:
         fe:11:0e:84:5d:bf:67:ca:3d:6b:a9:1e:fb:1c:b1:74:44:17:
         49:b2:1c:ce:38:3c:e8:24:04:55:37:b1:4b:09:54:4d:ea:fa:
         22:00:34:42:aa:c7:64:02:06:6f:a8:1b:b9:af:7e:96:a2:f8:
         ef:73:02:cb:5d:ac:57:42:c1:59:d6:6b:d1:56:53:77:aa:b6:
         ad:43:1b:63:51:e3:51:0a:10:fe:8c:9f:1f:fb:52:54:21:c2:
         ea:43:4f:43:84:4b:8c:de:3f:6b:70:ff:48:a8:a5:44:55:a2:
         de:64:8b:d5:dd:38:41:28:f2:39:5c:16:4b:ea:27:db:f0:34:
         5d:5c:37:aa:be:ec:af:4a:ef:7f:36:76:dc:b1:4e:88:8f:a6:
         dd:4e:8d:98:fb:d4:b7:04:00:06:ea:c9:ec:ab:19:79:c3:c4:
         d0:e1:1f:3a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFq8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MzAwOTAwMzZaFw0yNjA1MzEwOTAwMzZaMBgxFjAU
BgNVBAMTDTY2NTg0MDM3LTQ2ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxrXMlbAKE13pv09lqYPg1JIDKW2yFkQHN11e0Gzj9lnSvqZiqLgSOcimk
bpXAVqIP1zMxISIn7kTbbb1sUm6Q/NXcn4X/HmF+o51J7l3JxANCRJkvJZG7CfNO
2rqS1D4qC9XF4p9Q0P4AblC8hdrqy2juLo0Sf5LAkBiEvqCcmlTm7to0jXZnUNFT
wnUno101TXX/nijsCOo9zU1JFfbIWoUnMo0F4Cb9QwFVRp/y69o2bPL1lm95Z7JP
CF0mC2q/p2onOWndB2289XzWnRQ40ai7VLBx6QMrpVf7lw3Zvzh1LigFT7dTzKjD
+sr2WwLC2AX+qE5oiIkI8wYestufAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2NFe
52pUQwM2hBKNvvXGFjAf8AUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE2M0U2QjZFMUU2MzExRUZBNUI1MzUzNjdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEP8wDQYJKoZIhvcNAQEL
BQADggEBAEuYkXHybdovg9zeNWmagdtPYQPwiYDFwhgG2q37/zWoeXp1gYBNkBfW
IfyLewvm/Is0Q4DUv7JsfcHJG+5L5aR1YW3kIthQkZyRBIWahLu6P2wdQ1q/mC51
DP4RDoRdv2fKPWupHvscsXREF0myHM44POgkBFU3sUsJVE3q+iIANEKqx2QCBm+o
G7mvfpai+O9zAstdrFdCwVnWa9FWU3eqtq1DG2NR41EKEP6Mnx/7UlQhwupDT0OE
S4zeP2tw/0iopURVot5ki9XdOEEo8jlcFkvqJ9vwNF1cN6q+7K9K7382dtyxToiP
pt1OjZj71LcEAAbqyeyrGXnDxNDhHzo=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org