Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/196A813EFBDA11EEA0FADA14017001B1.roa
File:                     196A813EFBDA11EEA0FADA14017001B1.roa (raw, json)
Hash identifier:          wNFApF1VpzLa6kXhAwQLY6iNMgNHspb8aFfvgXLE4b0=
Subject key identifier:   60:BE:48:A8:78:AF:FE:F7:05:A4:D5:01:FC:54:11:7F:40:5D:B9:8E
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15C9
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/196A813EFBDA11EEA0FADA14017001B1.roa
Signing time:             Tue 16 Apr 2024 10:14:24 +0000
ROA not before:           Tue 16 Apr 2024 10:14:21 +0000
ROA not after:            Thu 16 Apr 2026 10:14:21 +0000
asID:                     51358
IP address blocks:        154.16.166.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5577 (0x15c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 16 10:14:21 2024 GMT
            Not After : Apr 16 10:14:21 2026 GMT
        Subject: CN=661e4f80-7970
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f8:8c:5a:23:6b:26:76:ef:51:c5:2a:a6:73:
                    23:40:fb:e3:d0:aa:03:e4:c9:25:2f:1b:bf:e6:ab:
                    09:2b:bd:04:b7:95:01:78:a6:b0:fa:93:22:4a:f8:
                    c3:5d:e4:04:f3:5b:e1:b3:12:ea:52:4f:56:a2:aa:
                    ce:79:f7:49:02:10:32:23:e4:04:34:4c:05:9d:41:
                    d7:95:91:5b:c2:33:47:c6:68:1f:01:4e:7e:f9:5c:
                    04:fe:69:6c:0a:f0:a1:16:84:05:cc:b6:bd:91:56:
                    a9:a4:2a:13:d2:c1:15:59:7a:3b:cf:d4:63:17:93:
                    9d:59:68:56:ab:44:dd:f7:1c:0d:1f:7f:9f:97:96:
                    27:b4:d0:2d:7e:f6:aa:e1:1c:53:b7:4a:6a:5b:85:
                    cd:e4:4b:f6:4f:91:a4:c4:27:47:9a:7b:c8:2e:41:
                    4d:7c:9b:a3:9a:42:8a:f7:bf:13:79:5e:41:99:e0:
                    52:8a:07:3c:eb:8b:70:09:18:f2:76:06:11:b4:02:
                    d6:63:25:1b:60:b8:18:d9:73:a4:1c:ff:a8:d7:6b:
                    db:50:ee:d8:d4:8e:fd:7e:67:54:7b:71:bc:36:0d:
                    aa:fc:70:26:9c:93:3f:28:e6:fa:00:05:81:37:8b:
                    cd:79:f7:1a:5f:9c:59:b3:eb:ed:80:c8:45:a8:60:
                    b8:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:BE:48:A8:78:AF:FE:F7:05:A4:D5:01:FC:54:11:7F:40:5D:B9:8E
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/196A813EFBDA11EEA0FADA14017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.166.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:42:5f:76:0a:5f:97:74:1b:6e:94:83:35:57:0d:c0:8c:0a:
         c9:cf:b9:36:63:6b:84:01:85:7c:ca:ca:81:70:90:66:d0:dc:
         d9:72:9b:3e:8b:71:98:f6:9c:1c:a1:9f:eb:ad:18:66:3e:63:
         12:a5:37:5a:f6:e5:38:54:52:ba:3c:19:53:bb:9a:ad:82:dc:
         a6:fc:74:31:7e:41:2b:b7:c1:0d:7a:f3:d8:27:75:81:98:b4:
         03:2a:84:b3:b8:58:50:33:33:f4:28:45:17:77:d9:d0:2a:77:
         2f:74:61:40:9d:60:81:3d:41:f0:bf:35:4a:3f:ee:f1:bb:ff:
         f2:22:b2:7f:c3:7e:3b:11:8b:00:73:2a:1d:28:98:30:c8:ca:
         a6:e5:0b:42:5b:88:f8:ef:0c:88:6b:29:ee:15:c9:dc:32:e0:
         3d:03:fc:70:26:c1:8e:9d:82:c0:a2:6f:c0:0e:8f:94:01:f6:
         17:32:58:a7:ea:5d:bb:d7:80:6e:52:1b:ab:cd:1a:54:6f:6d:
         ff:75:e1:88:c4:6d:a9:0d:ed:66:a3:ec:a9:48:60:86:4d:a4:
         2c:92:53:b5:fa:d0:8f:46:78:91:27:ca:8f:f7:d8:1f:10:79:
         a1:4d:01:bf:d0:6f:30:55:88:04:ce:83:90:26:0a:b2:da:53:
         7a:e6:16:3c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFckwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTYxMDE0MjFaFw0yNjA0MTYxMDE0MjFaMBgxFjAU
BgNVBAMTDTY2MWU0ZjgwLTc5NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3+IxaI2smdu9RxSqmcyNA++PQqgPkySUvG7/mqwkrvQS3lQF4prD6kyJK
+MNd5ATzW+GzEupST1aiqs5590kCEDIj5AQ0TAWdQdeVkVvCM0fGaB8BTn75XAT+
aWwK8KEWhAXMtr2RVqmkKhPSwRVZejvP1GMXk51ZaFarRN33HA0ff5+Xlie00C1+
9qrhHFO3Smpbhc3kS/ZPkaTEJ0eae8guQU18m6OaQor3vxN5XkGZ4FKKBzzri3AJ
GPJ2BhG0AtZjJRtguBjZc6Qc/6jXa9tQ7tjUjv1+Z1R7cbw2Dar8cCackz8o5voA
BYE3i8159xpfnFmz6+2AyEWoYLgxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYL5I
qHiv/vcFpNUB/FQRf0BduY4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE5NkE4MTNFRkJEQTExRUVBMEZBREExNDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEKYwDQYJKoZIhvcNAQEL
BQADggEBADpCX3YKX5d0G26UgzVXDcCMCsnPuTZja4QBhXzKyoFwkGbQ3Nlymz6L
cZj2nByhn+utGGY+YxKlN1r25ThUUro8GVO7mq2C3Kb8dDF+QSu3wQ1689gndYGY
tAMqhLO4WFAzM/QoRRd32dAqdy90YUCdYIE9QfC/NUo/7vG7//Iisn/DfjsRiwBz
Kh0omDDIyqblC0JbiPjvDIhrKe4Vydwy4D0D/HAmwY6dgsCib8AOj5QB9hcyWKfq
XbvXgG5SG6vNGlRvbf914YjEbakN7Waj7KlIYIZNpCySU7X60I9GeJEnyo/32B8Q
eaFNAb/QbzBViATOg5AmCrLaU3rmFjw=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org