Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/23A1B096468111EE9497D6894AD9E6FC.roa
File:                     23A1B096468111EE9497D6894AD9E6FC.roa (raw, json)
Hash identifier:          +bPvHif1fZNNAxJf3JpFpNeCQNMwP2mGs4PKxfeRgXQ=
Subject key identifier:   06:7E:C7:DD:7D:B8:92:57:1A:32:C8:85:59:E9:FB:C2:CF:D4:02:DA
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       11D3
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/23A1B096468111EE9497D6894AD9E6FC.roa
Signing time:             Tue 29 Aug 2023 15:31:36 +0000
ROA not before:           Tue 29 Aug 2023 15:31:33 +0000
ROA not after:            Fri 30 Aug 2024 15:31:33 +0000
asID:                     5065
IP address blocks:        154.16.78.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4563 (0x11d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 29 15:31:33 2023 GMT
            Not After : Aug 30 15:31:33 2024 GMT
        Subject: CN=64ee0f58-346a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d8:c8:a8:e7:e5:54:20:3b:1e:da:be:66:f5:
                    00:ee:c9:d3:42:82:94:88:af:23:07:06:81:31:00:
                    f2:73:7b:85:73:47:31:c5:01:29:09:92:bf:a7:dc:
                    a5:cc:bf:9b:93:29:44:98:63:b2:00:c3:0d:4c:27:
                    25:d1:66:5b:95:93:df:df:51:6d:95:a3:f7:60:38:
                    da:4f:4b:96:8d:d4:fb:ae:22:87:87:15:5e:3a:34:
                    eb:ca:a1:c9:9f:59:a9:6e:a2:b5:9a:d1:0e:23:6a:
                    f0:c2:b0:40:bf:98:c6:ca:01:6a:5d:a8:b7:77:b2:
                    c8:d8:42:0d:9a:a4:85:a9:5c:9a:22:af:d6:f7:25:
                    98:eb:79:96:6b:4e:91:6f:da:a1:34:49:ce:7d:88:
                    ea:20:f4:01:02:1a:2b:7a:c7:ce:91:3b:99:07:b3:
                    37:9c:0a:bd:8a:ef:72:28:b8:94:04:4c:eb:ba:09:
                    13:38:be:25:e3:b9:9f:0b:73:3c:71:9b:4d:a4:c8:
                    10:a6:e5:06:61:c9:7a:ef:cc:6e:cf:fc:97:d5:b2:
                    dc:f0:16:4c:97:f2:a3:70:1e:0f:d2:d8:87:7b:f9:
                    c5:52:fe:00:0f:53:d9:e0:91:9a:6f:fa:26:97:a7:
                    10:f4:a2:02:2e:25:5b:c8:71:93:5d:ec:15:fd:e6:
                    19:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:7E:C7:DD:7D:B8:92:57:1A:32:C8:85:59:E9:FB:C2:CF:D4:02:DA
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/23A1B096468111EE9497D6894AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:8d:56:90:72:aa:3a:1a:ba:d7:e9:f0:37:92:4f:6c:5b:9c:
         16:0b:ad:d5:09:0c:ec:55:5c:88:9d:fd:a2:9b:f0:2b:21:60:
         9d:7a:29:70:a9:fd:88:25:0d:86:bf:92:2b:06:f3:91:85:37:
         35:19:ef:4c:28:9b:d5:db:24:31:c3:19:bc:46:ad:0b:35:5d:
         4c:98:00:bc:16:f3:d6:b5:e5:a4:dd:10:d9:1a:13:e5:53:23:
         79:c9:9d:00:97:d2:b3:dd:02:f4:04:c8:6a:b2:3b:16:64:62:
         08:9d:b3:d0:7d:a9:40:da:3e:30:5a:24:86:fb:ec:e4:17:c6:
         f2:c6:60:0f:2d:a9:f2:a6:d8:08:59:e4:a0:0c:a2:bb:e3:67:
         25:26:ff:74:46:3a:c6:78:b8:1f:c3:c7:cf:a3:d5:10:74:5b:
         65:25:46:05:09:d9:f0:76:54:3a:b7:9b:6e:12:15:f0:29:14:
         fc:e1:a3:04:e1:5e:4e:cd:13:e1:98:e3:54:72:03:8d:3a:af:
         94:3c:a0:04:23:7f:be:57:b8:0b:f3:46:d0:ef:f0:78:18:30:
         6e:4f:a2:bf:6d:d4:69:d2:c4:21:95:8a:42:fc:92:90:57:21:
         c2:21:f6:8c:fe:41:7f:c4:7f:fa:fc:51:c5:f4:71:96:ef:f5:
         27:0f:b7:7c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEdMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MjkxNTMxMzNaFw0yNDA4MzAxNTMxMzNaMBgxFjAU
BgNVBAMTDTY0ZWUwZjU4LTM0NmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC92Mio5+VUIDse2r5m9QDuydNCgpSIryMHBoExAPJze4VzRzHFASkJkr+n
3KXMv5uTKUSYY7IAww1MJyXRZluVk9/fUW2Vo/dgONpPS5aN1PuuIoeHFV46NOvK
ocmfWaluorWa0Q4javDCsEC/mMbKAWpdqLd3ssjYQg2apIWpXJoir9b3JZjreZZr
TpFv2qE0Sc59iOog9AECGit6x86RO5kHszecCr2K73IouJQETOu6CRM4viXjuZ8L
czxxm02kyBCm5QZhyXrvzG7P/JfVstzwFkyX8qNwHg/S2Id7+cVS/gAPU9ngkZpv
+iaXpxD0ogIuJVvIcZNd7BX95hkfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBn7H
3X24klcaMsiFWen7ws/UAtowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzIzQTFCMDk2NDY4MTExRUU5NDk3RDY4OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEE4wDQYJKoZIhvcNAQEL
BQADggEBAA6NVpByqjoautfp8DeST2xbnBYLrdUJDOxVXIid/aKb8CshYJ16KXCp
/YglDYa/kisG85GFNzUZ70wom9XbJDHDGbxGrQs1XUyYALwW89a15aTdENkaE+VT
I3nJnQCX0rPdAvQEyGqyOxZkYgids9B9qUDaPjBaJIb77OQXxvLGYA8tqfKm2AhZ
5KAMorvjZyUm/3RGOsZ4uB/Dx8+j1RB0W2UlRgUJ2fB2VDq3m24SFfApFPzhowTh
Xk7NE+GY41RyA406r5Q8oAQjf75XuAvzRtDv8HgYMG5Por9t1GnSxCGVikL8kpBX
IcIh9oz+QX/Ef/r8UcX0cZbv9ScPt3w=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org