Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1AE84FCE493311ED891E7D80F1222468.roa
File:                     1AE84FCE493311ED891E7D80F1222468.roa (raw, json)
Hash identifier:          G/Ahu+mAggDzqf2RGQGSzbXa3sXjO0HcC5KRJ5PuSwo=
Subject key identifier:   F7:33:B4:43:D5:A6:3A:AE:39:14:40:5E:81:72:25:18:4D:02:B1:9F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A01
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1AE84FCE493311ED891E7D80F1222468.roa
Signing time:             Tue 11 Oct 2022 07:05:36 +0000
ROA not before:           Tue 11 Oct 2022 07:05:33 +0000
ROA not after:            Fri 11 Oct 2024 07:05:33 +0000
asID:                     397423
IP address blocks:        154.16.151.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2561 (0xa01)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 11 07:05:33 2022 GMT
            Not After : Oct 11 07:05:33 2024 GMT
        Subject: CN=634515c0-51a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ff:64:53:5e:13:20:dd:13:9c:00:6f:e8:31:
                    34:7b:cd:fa:ee:57:f2:b8:66:d9:ca:da:0d:ee:53:
                    34:e1:c0:bf:b6:7a:ae:5b:28:92:ed:43:de:ec:44:
                    aa:63:84:11:11:0d:45:1c:89:e8:14:e8:4f:23:82:
                    44:05:d9:b3:da:80:f5:9b:b9:68:f1:12:aa:62:9b:
                    0e:66:f6:cc:9e:f7:01:9b:29:30:92:16:8d:87:a8:
                    05:89:d7:ca:55:39:9c:82:50:41:9f:63:c8:53:23:
                    12:13:de:dd:12:82:f7:36:89:08:a2:db:c9:00:f8:
                    cb:41:a3:1d:2e:18:ee:7a:a4:0b:56:72:49:47:46:
                    b1:bf:a8:0f:d5:70:df:cd:0d:28:34:1d:03:b3:b9:
                    19:16:62:20:48:f9:c1:e7:51:76:4e:bf:9c:57:40:
                    02:5c:0a:43:df:ad:9f:07:64:49:df:ae:22:13:ed:
                    ff:89:7a:37:dd:ea:f5:9b:63:ed:86:1d:66:e7:e9:
                    7b:ce:96:eb:21:0d:83:b3:6b:50:82:f2:cf:c6:9e:
                    89:16:95:bc:6e:eb:3d:cf:e4:35:49:8b:41:68:f3:
                    f0:ed:ba:a4:6d:65:18:c2:75:ae:bc:94:3f:83:ff:
                    3c:37:c9:44:41:63:2e:b9:49:7e:84:e9:7f:78:d4:
                    14:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:33:B4:43:D5:A6:3A:AE:39:14:40:5E:81:72:25:18:4D:02:B1:9F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1AE84FCE493311ED891E7D80F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:31:f8:1a:70:c7:9e:12:18:ab:0c:90:f0:84:91:a3:27:34:
         fe:00:f1:4c:aa:8b:06:47:d5:be:b5:e0:2d:d9:a0:56:0d:81:
         33:7f:57:b9:e1:94:1a:d2:cb:62:03:8c:29:38:5f:8c:d0:dd:
         4f:c0:1c:28:5c:51:44:0c:5f:c1:2c:eb:43:06:b4:3a:cd:18:
         29:e6:be:ac:95:6e:cb:08:f3:a4:de:6d:8b:be:db:0c:61:e2:
         cc:ce:59:34:ac:45:68:4c:f2:48:8e:fd:d4:c8:4c:32:eb:50:
         83:9f:89:ed:41:d0:98:8a:01:28:d6:84:ed:62:2f:68:b7:bc:
         22:a0:bd:7e:4f:23:02:8b:50:ab:e7:b0:44:dd:20:63:d7:ae:
         24:ed:24:99:a2:77:2b:aa:b4:7f:ef:db:ff:51:84:b9:bc:95:
         eb:f9:6e:84:61:76:4f:d9:b7:be:6d:55:0c:e5:89:bf:82:b3:
         0d:b2:8f:50:60:0c:7a:48:cc:ff:a5:b0:5c:2c:2b:f8:d2:d1:
         6a:b4:77:13:86:6c:9a:7d:bd:6d:d2:09:6e:d7:44:52:bc:27:
         a2:2d:10:b5:a8:5b:15:9b:b3:9b:95:60:50:68:7e:4c:e2:f7:
         3d:45:9d:f7:bd:7c:aa:b1:1d:f3:c8:95:05:df:98:f9:ea:a5:
         06:57:3f:96
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCgEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMTEwNzA1MzNaFw0yNDEwMTEwNzA1MzNaMBgxFjAU
BgNVBAMMDTYzNDUxNWMwLTUxYTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCx/2RTXhMg3ROcAG/oMTR7zfruV/K4ZtnK2g3uUzThwL+2eq5bKJLtQ97s
RKpjhBERDUUciegU6E8jgkQF2bPagPWbuWjxEqpimw5m9sye9wGbKTCSFo2HqAWJ
18pVOZyCUEGfY8hTIxIT3t0Sgvc2iQii28kA+MtBox0uGO56pAtWcklHRrG/qA/V
cN/NDSg0HQOzuRkWYiBI+cHnUXZOv5xXQAJcCkPfrZ8HZEnfriIT7f+Jejfd6vWb
Y+2GHWbn6XvOlushDYOza1CC8s/GnokWlbxu6z3P5DVJi0Fo8/DtuqRtZRjCda68
lD+D/zw3yURBYy65SX6E6X941BQLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9zO0
Q9WmOq45FEBegXIlGE0CsZ8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzFBRTg0RkNFNDkzMzExRUQ4OTFFN0Q4MEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJcwDQYJKoZIhvcNAQEL
BQADggEBAIYx+Bpwx54SGKsMkPCEkaMnNP4A8UyqiwZH1b614C3ZoFYNgTN/V7nh
lBrSy2IDjCk4X4zQ3U/AHChcUUQMX8Es60MGtDrNGCnmvqyVbssI86TebYu+2wxh
4szOWTSsRWhM8kiO/dTITDLrUIOfie1B0JiKASjWhO1iL2i3vCKgvX5PIwKLUKvn
sETdIGPXriTtJJmidyuqtH/v2/9RhLm8lev5boRhdk/Zt75tVQzlib+Csw2yj1Bg
DHpIzP+lsFwsK/jS0Wq0dxOGbJp9vW3SCW7XRFK8J6ItELWoWxWbs5uVYFBofkzi
9z1Fnfe9fKqxHfPIlQXfmPnqpQZXP5Y=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org