Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1A9F510A032911EFAC513722017001B1.roa
File:                     1A9F510A032911EFAC513722017001B1.roa (raw, json)
Hash identifier:          j/zVYkFtmoy5iDKlNB4LMGd1qqPskLkA60Vujj3tZ84=
Subject key identifier:   1F:2B:A9:F3:42:DC:4E:F7:25:91:AC:5E:95:6D:3D:6F:5A:06:5A:DD
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1611
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1A9F510A032911EFAC513722017001B1.roa
Signing time:             Thu 25 Apr 2024 17:27:35 +0000
ROA not before:           Thu 25 Apr 2024 17:27:31 +0000
ROA not after:            Sat 25 Apr 2026 17:27:31 +0000
asID:                     22168
IP address blocks:        154.16.230.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5649 (0x1611)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 25 17:27:31 2024 GMT
            Not After : Apr 25 17:27:31 2026 GMT
        Subject: CN=662a9287-302c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dd:8d:f6:90:a8:8a:63:14:9f:09:fa:a9:80:
                    0f:39:f7:c2:5c:e3:97:d5:20:02:62:c1:66:69:03:
                    06:d1:11:7e:b2:16:3f:c5:15:33:b8:84:f9:b3:91:
                    1d:4e:50:4a:89:81:c4:ae:25:66:ac:60:d5:1b:58:
                    64:b6:9a:06:a8:31:ac:57:4a:ff:28:77:ad:63:ef:
                    ab:ed:94:d5:cf:ef:34:c5:f0:0d:fe:11:4e:53:56:
                    86:13:87:50:a2:6f:c5:30:63:1f:01:e6:08:6e:73:
                    f3:c1:51:84:27:f5:44:40:5b:9c:e3:2b:5e:ab:bb:
                    0e:f4:7a:99:2e:a7:8b:6e:b7:9b:85:58:93:9b:6a:
                    33:35:6f:4a:65:47:ac:e6:55:e2:d4:a7:e5:38:b8:
                    f4:e3:d4:2d:77:f4:d3:46:30:b9:61:2b:57:18:b5:
                    fb:7a:4b:38:bb:fa:39:aa:38:2a:fe:1c:94:58:fa:
                    23:91:d4:98:1d:6d:ee:f6:dd:3d:58:a4:7d:33:96:
                    3e:7f:45:2f:50:0c:99:09:9c:19:e2:f7:4b:60:48:
                    ee:09:dc:5a:02:d4:c0:6c:41:16:1c:ed:66:39:8e:
                    39:3f:c7:b4:d1:d5:4c:c4:43:0c:00:4e:6b:b7:e7:
                    3d:2f:85:c0:be:a7:3e:b5:df:a7:76:9f:64:26:3e:
                    aa:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:2B:A9:F3:42:DC:4E:F7:25:91:AC:5E:95:6D:3D:6F:5A:06:5A:DD
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1A9F510A032911EFAC513722017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:64:3f:3e:43:45:6a:f0:a4:22:9c:6e:23:3e:03:6f:02:d7:
         0f:69:46:1f:bd:47:4c:61:42:a7:e2:f7:93:45:a4:d6:96:92:
         65:54:11:37:04:12:60:b3:74:6a:bc:5d:c5:ed:69:f7:a3:18:
         7f:12:47:ab:84:3a:9b:f3:ce:7d:ae:10:fc:9b:53:78:c1:dc:
         e0:ab:dc:17:8c:e5:b5:30:53:87:70:d9:44:a4:30:38:72:73:
         20:43:81:0f:59:49:ff:86:60:f2:9f:76:da:b3:98:1d:49:b1:
         69:03:cb:c5:bf:45:34:f1:b8:59:87:5c:0b:6a:72:35:15:d2:
         e8:08:df:b1:c1:93:d9:bd:d8:66:99:30:cb:92:46:76:74:f4:
         05:d7:ae:43:5e:76:3a:c4:e2:3b:89:ef:60:83:2f:5c:6d:38:
         66:64:a2:87:36:32:58:fb:ef:e1:ed:d0:4e:ff:51:cb:9a:85:
         a0:03:ee:6c:6f:60:dc:08:38:8e:dd:cf:b1:36:71:58:00:61:
         7d:71:3c:79:e9:62:b3:45:77:8b:2a:1c:90:66:3b:3b:fe:2e:
         27:19:ff:de:a9:0d:14:0f:dc:82:a3:3f:4c:4a:27:21:56:ed:
         9a:09:8f:bf:aa:cb:b6:19:2b:22:45:9e:9e:e8:3e:2b:a7:b6:
         66:d3:36:c7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFhEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MjUxNzI3MzFaFw0yNjA0MjUxNzI3MzFaMBgxFjAU
BgNVBAMTDTY2MmE5Mjg3LTMwMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC43Y32kKiKYxSfCfqpgA8598Jc45fVIAJiwWZpAwbREX6yFj/FFTO4hPmz
kR1OUEqJgcSuJWasYNUbWGS2mgaoMaxXSv8od61j76vtlNXP7zTF8A3+EU5TVoYT
h1Cib8UwYx8B5ghuc/PBUYQn9URAW5zjK16ruw70epkup4tut5uFWJObajM1b0pl
R6zmVeLUp+U4uPTj1C139NNGMLlhK1cYtft6Szi7+jmqOCr+HJRY+iOR1Jgdbe72
3T1YpH0zlj5/RS9QDJkJnBni90tgSO4J3FoC1MBsQRYc7WY5jjk/x7TR1UzEQwwA
Tmu35z0vhcC+pz6136d2n2QmPqqHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHyup
80LcTvclkaxelW09b1oGWt0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzFBOUY1MTBBMDMyOTExRUZBQzUxMzcyMjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOYwDQYJKoZIhvcNAQEL
BQADggEBAKJkPz5DRWrwpCKcbiM+A28C1w9pRh+9R0xhQqfi95NFpNaWkmVUETcE
EmCzdGq8XcXtafejGH8SR6uEOpvzzn2uEPybU3jB3OCr3BeM5bUwU4dw2USkMDhy
cyBDgQ9ZSf+GYPKfdtqzmB1JsWkDy8W/RTTxuFmHXAtqcjUV0ugI37HBk9m92GaZ
MMuSRnZ09AXXrkNedjrE4juJ72CDL1xtOGZkooc2Mlj77+Ht0E7/UcuahaAD7mxv
YNwIOI7dz7E2cVgAYX1xPHnpYrNFd4sqHJBmOzv+LicZ/96pDRQP3IKjP0xKJyFW
7ZoJj7+qy7YZKyJFnp7oPiuntmbTNsc=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org