Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1B62CD40FE3A11EE9D7AB06B017001B1.roa
File:                     1B62CD40FE3A11EE9D7AB06B017001B1.roa (raw, json)
Hash identifier:          bfoZkGhHeb2wBwFjtgNQhFdVFYog+hoJMEx6YOhpZZ8=
Subject key identifier:   B5:D0:29:63:64:78:D8:07:83:BB:1D:43:CB:C6:1D:2E:CB:A8:D5:2B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15EE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1B62CD40FE3A11EE9D7AB06B017001B1.roa
Signing time:             Fri 19 Apr 2024 10:46:42 +0000
ROA not before:           Fri 19 Apr 2024 10:46:38 +0000
ROA not after:            Sun 19 Apr 2026 10:46:38 +0000
asID:                     60542
IP address blocks:        154.16.123.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5614 (0x15ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 19 10:46:38 2024 GMT
            Not After : Apr 19 10:46:38 2026 GMT
        Subject: CN=66224b92-0eea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:51:b5:72:60:6c:ff:18:9f:fb:7d:db:74:ce:
                    06:2b:53:fb:b0:18:78:00:4f:9f:76:2f:04:34:5a:
                    d4:34:18:5f:91:0f:22:e8:f3:99:7a:5d:04:f2:54:
                    c6:64:53:69:79:b7:81:2a:7f:c8:f8:d3:4f:79:0e:
                    89:27:5f:e5:d7:71:45:87:d6:d9:98:e2:e3:52:b7:
                    0c:58:e6:f2:f5:a3:51:3c:1f:19:d7:0c:5f:f5:ec:
                    58:1a:28:7a:65:70:54:8a:27:cb:2a:a6:5e:db:dd:
                    f0:d4:e9:42:7d:fd:3a:8b:c9:a2:06:06:de:4f:71:
                    e3:a4:07:88:4e:73:d2:f4:e8:18:7e:d9:56:69:97:
                    1c:72:a3:96:87:c3:f3:50:a2:1f:71:40:e2:ca:60:
                    c0:cc:14:9a:e1:0e:a5:f5:4e:ef:dc:8e:76:9b:08:
                    10:2f:15:ad:b4:14:13:f2:05:b6:ee:17:a2:4a:30:
                    ca:50:48:c2:6a:fd:a0:89:25:5c:04:80:b0:81:25:
                    7f:37:fb:b7:f4:89:50:27:b6:7e:f1:e4:d4:8f:62:
                    05:f8:e5:cb:1a:e5:c6:8a:67:3a:66:47:1e:39:1f:
                    ce:ee:3f:c6:4b:07:03:58:7f:76:b7:e3:ed:3c:70:
                    6a:e6:f4:32:d7:00:7f:68:e5:db:31:d2:bb:df:f2:
                    f1:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:D0:29:63:64:78:D8:07:83:BB:1D:43:CB:C6:1D:2E:CB:A8:D5:2B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1B62CD40FE3A11EE9D7AB06B017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:36:bd:96:db:5c:38:6f:94:12:4d:c7:c5:10:18:0f:32:b9:
         41:13:01:4f:49:2a:49:d0:08:57:db:61:ef:00:5a:60:68:c7:
         77:cf:39:10:ac:09:7a:db:db:d3:ba:53:5d:3f:91:81:19:e4:
         f9:39:21:98:70:78:b2:78:00:a6:b8:b2:30:e8:0a:32:e9:f3:
         f4:00:0f:88:4b:a0:78:30:2f:47:8c:e5:57:8f:67:f8:70:6a:
         10:94:cb:36:30:f8:21:91:7c:9c:8f:c4:be:46:3a:75:94:24:
         d0:5c:27:45:fb:0f:43:11:0f:9e:f2:13:f1:a6:4d:b4:a9:0d:
         28:fb:bd:2b:dd:81:24:19:ea:1e:d7:dc:a7:c6:86:55:a6:1f:
         74:f0:01:fd:ed:6b:d6:31:58:93:ac:b8:fd:2d:b5:8b:63:32:
         d8:36:9d:9c:e4:56:97:7d:d2:a1:0d:e0:f9:9d:a7:48:03:56:
         7a:3c:dc:16:66:17:4c:2b:bf:ae:d9:dd:33:06:11:df:40:43:
         9b:a0:4a:da:eb:a9:41:cf:ea:6e:c0:4b:d4:71:0d:18:b3:e4:
         ed:d2:a4:8a:89:11:a4:11:53:8e:93:bf:d1:7c:0c:17:6f:dd:
         b9:7a:50:ce:b2:30:46:f7:63:a7:ed:9a:bc:9d:df:8f:a6:45:
         50:6f:00:43
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFe4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTkxMDQ2MzhaFw0yNjA0MTkxMDQ2MzhaMBgxFjAU
BgNVBAMTDTY2MjI0YjkyLTBlZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWUbVyYGz/GJ/7fdt0zgYrU/uwGHgAT592LwQ0WtQ0GF+RDyLo85l6XQTy
VMZkU2l5t4Eqf8j40095DoknX+XXcUWH1tmY4uNStwxY5vL1o1E8HxnXDF/17Fga
KHplcFSKJ8sqpl7b3fDU6UJ9/TqLyaIGBt5PceOkB4hOc9L06Bh+2VZplxxyo5aH
w/NQoh9xQOLKYMDMFJrhDqX1Tu/cjnabCBAvFa20FBPyBbbuF6JKMMpQSMJq/aCJ
JVwEgLCBJX83+7f0iVAntn7x5NSPYgX45csa5caKZzpmRx45H87uP8ZLBwNYf3a3
4+08cGrm9DLXAH9o5dsx0rvf8vEbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtdAp
Y2R42AeDux1Dy8YdLsuo1SswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzFCNjJDRDQwRkUzQTExRUU5RDdBQjA2QjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHswDQYJKoZIhvcNAQEL
BQADggEBAFM2vZbbXDhvlBJNx8UQGA8yuUETAU9JKknQCFfbYe8AWmBox3fPORCs
CXrb29O6U10/kYEZ5Pk5IZhweLJ4AKa4sjDoCjLp8/QAD4hLoHgwL0eM5VePZ/hw
ahCUyzYw+CGRfJyPxL5GOnWUJNBcJ0X7D0MRD57yE/GmTbSpDSj7vSvdgSQZ6h7X
3KfGhlWmH3TwAf3ta9YxWJOsuP0ttYtjMtg2nZzkVpd90qEN4Pmdp0gDVno83BZm
F0wrv67Z3TMGEd9AQ5ugStrrqUHP6m7AS9RxDRiz5O3SpIqJEaQRU46Tv9F8DBdv
3bl6UM6yMEb3Y6ftmryd34+mRVBvAEM=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org