Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/249335B6506C11EE893D872D4AD9E6FC.roa
File:                     249335B6506C11EE893D872D4AD9E6FC.roa (raw, json)
Hash identifier:          0Krp113IumjfGZLAAz4IkandySGCRI7BD/2cCVk1TAo=
Subject key identifier:   97:11:11:06:3D:3A:98:06:47:6C:40:7A:F7:4A:14:6A:D7:13:F1:89
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       120B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/249335B6506C11EE893D872D4AD9E6FC.roa
Signing time:             Mon 11 Sep 2023 06:26:30 +0000
ROA not before:           Mon 11 Sep 2023 06:26:26 +0000
ROA not after:            Thu 11 Sep 2025 06:26:26 +0000
asID:                     29802
IP address blocks:        154.127.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4619 (0x120b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Sep 11 06:26:26 2023 GMT
            Not After : Sep 11 06:26:26 2025 GMT
        Subject: CN=64feb315-27f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e5:1a:02:b0:4c:e4:cd:87:e6:a0:e1:77:0c:
                    c6:36:31:5b:61:c7:ae:5d:48:18:65:5d:5c:28:d5:
                    28:5c:19:0a:68:28:d7:59:88:ca:13:c4:52:8c:da:
                    ae:dc:6a:c1:49:0b:41:20:01:f2:4a:4a:f7:53:0f:
                    98:68:9d:d8:72:9f:b5:25:91:c0:85:a6:2d:7a:40:
                    58:ca:ca:8b:8c:63:74:8d:9a:be:9c:d1:e5:c4:c3:
                    88:92:68:51:29:d5:d8:7e:6f:12:70:99:52:30:2e:
                    66:0b:a6:ea:18:24:15:76:c3:4f:3d:42:bf:89:2a:
                    d2:68:c5:0b:b2:85:55:75:c3:5d:ca:04:8e:ea:a9:
                    2c:5d:a6:10:12:65:47:26:e9:db:34:d0:3b:bb:df:
                    0f:72:0d:fc:88:20:e2:67:20:91:de:57:9e:e3:28:
                    36:6a:5d:04:9c:72:f5:55:e9:09:f4:d0:4c:1b:ac:
                    90:4c:8f:cd:9c:5d:33:12:74:80:91:5d:ff:ac:93:
                    66:c2:96:2f:2a:f0:a4:74:b6:20:bf:2e:54:32:6d:
                    fc:a2:43:e7:ec:54:23:64:06:ca:39:f3:17:4b:27:
                    bb:53:93:67:f3:90:36:b6:8d:49:31:de:41:cd:0d:
                    94:bb:63:33:6b:11:84:3b:c9:53:95:4e:8f:3d:00:
                    ab:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:11:11:06:3D:3A:98:06:47:6C:40:7A:F7:4A:14:6A:D7:13:F1:89
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/249335B6506C11EE893D872D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.127.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:dc:80:17:5a:43:07:37:60:f3:36:b6:29:3c:e6:ab:da:af:
         b0:dc:1c:65:c9:39:7d:a5:50:dd:80:6a:f1:fb:ff:71:6a:4d:
         d5:ba:50:df:92:99:7d:33:95:2c:45:ea:be:63:0b:7b:52:69:
         26:b3:04:12:7a:4b:26:52:ab:a5:8f:cc:cc:e4:d9:29:81:93:
         15:9b:47:17:39:56:2a:74:79:63:f4:57:cc:4c:d5:04:26:ab:
         3c:d0:e9:80:19:94:1e:d2:54:85:7f:4c:bd:ed:bb:43:f1:73:
         82:a0:cc:3a:ff:93:73:7f:98:af:c8:1e:ef:b5:2e:21:69:cc:
         a7:a2:e6:4a:d1:a6:c9:80:10:6d:43:b5:db:fd:81:f3:73:d3:
         7b:bf:76:24:9d:00:73:64:12:88:c1:32:57:aa:2e:2b:6e:a2:
         74:78:ee:a6:e3:38:5e:c9:aa:cd:8d:a5:02:21:d5:c3:1b:c1:
         d2:d8:63:88:6d:a3:c6:5a:2c:b3:ed:73:37:46:76:04:37:77:
         88:0a:de:d1:a8:56:8b:a9:ec:a2:65:13:74:46:4d:c6:fd:15:
         81:d4:7b:fc:fc:f5:88:3c:90:3a:df:9b:8c:d7:72:31:21:61:
         36:8e:55:a3:cc:4b:e1:19:02:82:67:6e:8a:c0:41:6e:23:21:
         d6:a5:e2:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEgswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MTEwNjI2MjZaFw0yNTA5MTEwNjI2MjZaMBgxFjAU
BgNVBAMTDTY0ZmViMzE1LTI3ZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCd5RoCsEzkzYfmoOF3DMY2MVthx65dSBhlXVwo1ShcGQpoKNdZiMoTxFKM
2q7casFJC0EgAfJKSvdTD5hondhyn7UlkcCFpi16QFjKyouMY3SNmr6c0eXEw4iS
aFEp1dh+bxJwmVIwLmYLpuoYJBV2w089Qr+JKtJoxQuyhVV1w13KBI7qqSxdphAS
ZUcm6ds00Du73w9yDfyIIOJnIJHeV57jKDZqXQSccvVV6Qn00EwbrJBMj82cXTMS
dICRXf+sk2bCli8q8KR0tiC/LlQybfyiQ+fsVCNkBso58xdLJ7tTk2fzkDa2jUkx
3kHNDZS7YzNrEYQ7yVOVTo89AKtjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUlxER
Bj06mAZHbEB690oUatcT8YkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzI0OTMzNUI2NTA2QzExRUU4OTNEODcyRDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACafz0wDQYJKoZIhvcNAQEL
BQADggEBABncgBdaQwc3YPM2tik85qvar7DcHGXJOX2lUN2AavH7/3FqTdW6UN+S
mX0zlSxF6r5jC3tSaSazBBJ6SyZSq6WPzMzk2SmBkxWbRxc5Vip0eWP0V8xM1QQm
qzzQ6YAZlB7SVIV/TL3tu0Pxc4KgzDr/k3N/mK/IHu+1LiFpzKei5krRpsmAEG1D
tdv9gfNz03u/diSdAHNkEojBMleqLituonR47qbjOF7Jqs2NpQIh1cMbwdLYY4ht
o8ZaLLPtczdGdgQ3d4gK3tGoVoup7KJlE3RGTcb9FYHUe/z89Yg8kDrfm4zXcjEh
YTaOVaPMS+EZAoJnborAQW4jIdal4j8=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org