Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/187A1F92227111EFB5D875FD7CDC24C2.roa
File:                     187A1F92227111EFB5D875FD7CDC24C2.roa (raw, json)
Hash identifier:          EOJ/x8zNT8ZvN4KbXRoCJ+nri5ohKO1Mage6NqvxiqQ=
Subject key identifier:   4A:31:B6:CD:0F:E4:9D:BF:93:56:A9:E3:A7:F4:C3:D0:B2:27:10:23
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16BB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/187A1F92227111EFB5D875FD7CDC24C2.roa
Signing time:             Tue 04 Jun 2024 12:51:01 +0000
ROA not before:           Tue 04 Jun 2024 12:50:58 +0000
ROA not after:            Sat 06 Jun 2026 12:50:58 +0000
asID:                     397423
IP address blocks:        154.127.54.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5819 (0x16bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  4 12:50:58 2024 GMT
            Not After : Jun  6 12:50:58 2026 GMT
        Subject: CN=665f0db5-7b7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:13:35:62:38:6e:10:e8:3a:80:4b:99:e7:29:
                    08:f9:b6:30:55:d7:95:c4:c9:d7:c9:89:6b:84:ab:
                    57:74:d3:b8:90:fc:d8:9b:05:93:41:42:a7:3e:ed:
                    46:88:c8:2c:be:b2:21:4f:c6:84:8b:15:cc:d7:71:
                    2a:46:87:86:dc:a1:aa:9e:91:b0:2e:b0:38:7f:c6:
                    b6:4d:37:49:47:6d:8e:13:c7:42:c1:f1:74:72:fe:
                    31:c5:33:e1:ef:f9:97:5a:5d:57:9b:30:a3:36:de:
                    ff:7e:4d:e1:e8:3e:1b:6d:5f:58:a7:ec:bb:85:36:
                    05:54:e9:02:26:9c:5f:62:0a:6f:0f:8d:12:96:cc:
                    a4:46:54:2f:53:33:fd:80:a9:37:84:b6:79:88:b9:
                    e3:26:b5:f7:aa:8a:41:66:e8:10:d8:3c:06:3b:c6:
                    3f:a3:86:0c:7f:07:cc:7b:26:92:ac:90:0b:33:61:
                    ff:ba:3b:8e:43:5e:ab:34:f4:eb:f2:3a:01:dd:71:
                    f1:64:b9:99:8f:fd:12:c4:31:76:1e:cb:fc:c7:f8:
                    f3:49:a3:76:99:5b:54:5a:97:e7:2b:f1:a3:f4:5e:
                    94:7e:d8:bc:af:4c:e7:d9:e8:78:05:f3:8f:55:74:
                    46:7f:91:74:ac:82:25:df:8c:a7:1b:c7:44:ce:22:
                    82:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:31:B6:CD:0F:E4:9D:BF:93:56:A9:E3:A7:F4:C3:D0:B2:27:10:23
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/187A1F92227111EFB5D875FD7CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.127.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:a0:68:a4:9b:35:6f:d8:ea:ff:53:7e:15:5f:98:a0:b4:ef:
         a5:45:d7:a8:88:3d:19:fe:ff:58:66:ea:33:a2:81:c6:5c:46:
         e9:09:11:9d:18:a4:72:df:7c:47:13:ff:ba:5d:8b:db:8b:26:
         6e:15:c3:46:73:a5:66:72:b5:67:2e:ca:70:69:bd:e9:a7:1d:
         35:55:46:be:b9:0e:8f:9f:ce:47:b0:dc:a3:f9:26:9a:d6:c0:
         59:c9:78:b1:0d:4e:58:35:f1:f9:e3:65:38:df:2e:e3:c8:66:
         16:d1:3c:b4:7a:7e:82:bf:0e:36:e6:1b:36:88:60:07:de:de:
         dc:8b:b2:4d:e5:f8:97:c8:87:50:ef:3e:71:74:58:9b:7c:41:
         4e:76:2d:89:7a:94:94:b7:73:cd:33:de:08:0d:6c:c0:e9:3a:
         35:b1:dd:07:1f:4d:cf:b6:d7:b6:e1:c4:09:18:02:f0:ce:22:
         a4:f2:c2:b4:e5:78:7a:29:9f:0b:dd:f6:de:89:c0:d8:c3:2d:
         02:55:70:b5:46:54:75:93:59:54:28:f5:5f:e7:9d:41:96:36:
         76:68:d3:22:8a:99:d7:e3:fd:a7:59:72:67:24:48:08:ef:4c:
         ae:b0:fd:07:44:06:9b:3b:e8:3b:d2:0b:60:f5:bf:03:07:7d:
         d4:ef:ae:8b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFrswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA2MDQxMjUwNThaFw0yNjA2MDYxMjUwNThaMBgxFjAU
BgNVBAMTDTY2NWYwZGI1LTdiN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsEzViOG4Q6DqAS5nnKQj5tjBV15XEydfJiWuEq1d007iQ/NibBZNBQqc+
7UaIyCy+siFPxoSLFczXcSpGh4bcoaqekbAusDh/xrZNN0lHbY4Tx0LB8XRy/jHF
M+Hv+ZdaXVebMKM23v9+TeHoPhttX1in7LuFNgVU6QImnF9iCm8PjRKWzKRGVC9T
M/2AqTeEtnmIueMmtfeqikFm6BDYPAY7xj+jhgx/B8x7JpKskAszYf+6O45DXqs0
9OvyOgHdcfFkuZmP/RLEMXYey/zH+PNJo3aZW1Ral+cr8aP0XpR+2LyvTOfZ6HgF
849VdEZ/kXSsgiXfjKcbx0TOIoIxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSjG2
zQ/knb+TVqnjp/TD0LInECMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE4N0ExRjkyMjI3MTExRUZCNUQ4NzVGRDdDREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACafzYwDQYJKoZIhvcNAQEL
BQADggEBAJmgaKSbNW/Y6v9TfhVfmKC076VF16iIPRn+/1hm6jOigcZcRukJEZ0Y
pHLffEcT/7pdi9uLJm4Vw0ZzpWZytWcuynBpvemnHTVVRr65Do+fzkew3KP5JprW
wFnJeLENTlg18fnjZTjfLuPIZhbRPLR6foK/DjbmGzaIYAfe3tyLsk3l+JfIh1Dv
PnF0WJt8QU52LYl6lJS3c80z3ggNbMDpOjWx3QcfTc+217bhxAkYAvDOIqTywrTl
eHopnwvd9t6JwNjDLQJVcLVGVHWTWVQo9V/nnUGWNnZo0yKKmdfj/adZcmckSAjv
TK6w/QdEBps76DvSC2D1vwMHfdTvros=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:22 2024 by rpki-client on console-ams.rpki-client.org