Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AA33ED238EE11EE8DE376764AD9E6FC.roa
File:                     2AA33ED238EE11EE8DE376764AD9E6FC.roa (raw, json)
Hash identifier:          NiInSXAWhS0HZf+ulcSlGAi3TtfulrUTfDAE3+S0Oug=
Subject key identifier:   4E:FC:F9:6B:D2:4A:8D:5A:12:23:EA:DD:19:27:70:EF:E7:2A:C1:0A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       113D
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AA33ED238EE11EE8DE376764AD9E6FC.roa
Signing time:             Sat 12 Aug 2023 08:56:46 +0000
ROA not before:           Sat 12 Aug 2023 08:56:43 +0000
ROA not after:            Wed 14 Aug 2024 08:56:43 +0000
asID:                     14670
IP address blocks:        154.16.115.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4413 (0x113d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 12 08:56:43 2023 GMT
            Not After : Aug 14 08:56:43 2024 GMT
        Subject: CN=64d7494e-c1a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:da:64:c3:e4:93:f4:df:fc:98:4c:77:e9:64:
                    7a:57:0f:3f:79:eb:a4:3d:07:16:93:67:fb:1b:c7:
                    a3:1d:4a:8c:73:fe:8e:dc:14:33:b9:36:d8:1b:87:
                    18:12:cc:86:07:a8:65:57:a9:0b:8d:33:48:7f:e2:
                    34:02:a0:56:ba:f7:1c:63:12:96:12:3d:49:e7:b9:
                    c0:4f:bb:28:73:5d:b4:16:a1:ad:67:59:11:25:29:
                    98:11:7f:ee:1b:ed:7d:48:cc:e8:56:ad:a7:4f:4b:
                    af:be:18:51:25:0d:4a:c6:b9:22:91:61:77:07:c0:
                    15:5c:71:dc:dd:f1:c3:b1:c2:84:7b:0b:76:36:83:
                    7e:62:48:10:03:01:90:f3:05:9a:a5:36:b2:ad:15:
                    5c:f4:c3:d4:9a:c3:c2:fe:a7:71:17:0b:9a:37:d8:
                    99:2a:e4:29:a3:06:a6:46:e7:0c:ab:d4:ad:f3:e4:
                    f1:b8:e1:06:46:45:d0:a8:68:10:e6:fa:5b:3a:e8:
                    c3:bc:c5:5d:9d:96:36:6a:cb:8b:37:db:60:e5:c0:
                    72:f3:21:dd:26:f8:a0:c0:d3:50:87:a2:85:65:65:
                    af:cb:60:1c:ea:0d:67:c4:c0:47:80:e6:7e:d7:7d:
                    2f:7b:6a:7d:27:56:83:20:62:6e:d7:69:88:2c:29:
                    de:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:FC:F9:6B:D2:4A:8D:5A:12:23:EA:DD:19:27:70:EF:E7:2A:C1:0A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AA33ED238EE11EE8DE376764AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:c6:db:e6:d0:be:14:64:75:91:6b:e4:dc:05:9d:61:7e:77:
         79:c4:58:16:dd:c6:c7:2e:14:c9:f5:61:ba:d9:6b:60:9a:61:
         c5:37:ee:36:9c:31:0b:bf:e1:4f:1d:1a:62:ec:36:56:5e:de:
         cf:08:15:3d:49:74:36:f5:2f:41:ab:97:83:00:ad:ce:d0:41:
         3f:fa:e0:1b:76:99:c5:82:3c:22:26:b0:d7:4f:fd:4d:a6:03:
         a6:31:79:b5:94:95:ba:80:81:b0:bd:b9:c5:42:cb:90:98:b0:
         52:35:44:94:9c:cf:2d:95:c6:0a:42:5e:ab:c3:d8:96:f0:cc:
         ac:0c:17:48:33:26:55:cb:f6:0c:92:40:44:33:79:8e:bb:7d:
         43:4e:30:5d:dc:ed:d5:c9:a6:84:c7:2c:68:69:4a:d9:4a:c4:
         c7:94:ea:48:fb:a2:31:87:0a:f7:1f:ef:c0:f0:38:c8:f7:1c:
         70:b8:20:89:e5:2f:9d:79:4a:e2:71:c2:59:f3:76:a3:49:10:
         63:56:52:1e:7e:1d:20:ba:5b:f6:2b:ec:73:b0:36:da:ff:f8:
         aa:c6:58:d2:f1:18:26:e8:82:1a:22:d5:0c:94:f5:b3:31:6e:
         eb:e4:9b:9f:46:3b:e2:25:ea:1c:53:3b:a1:a2:9c:f4:a0:9c:
         8c:ac:ce:28
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICET0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTIwODU2NDNaFw0yNDA4MTQwODU2NDNaMBgxFjAU
BgNVBAMTDTY0ZDc0OTRlLWMxYTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCs2mTD5JP03/yYTHfpZHpXDz9566Q9BxaTZ/sbx6MdSoxz/o7cFDO5Ntgb
hxgSzIYHqGVXqQuNM0h/4jQCoFa69xxjEpYSPUnnucBPuyhzXbQWoa1nWRElKZgR
f+4b7X1IzOhWradPS6++GFElDUrGuSKRYXcHwBVccdzd8cOxwoR7C3Y2g35iSBAD
AZDzBZqlNrKtFVz0w9Saw8L+p3EXC5o32Jkq5CmjBqZG5wyr1K3z5PG44QZGRdCo
aBDm+ls66MO8xV2dljZqy4s322DlwHLzId0m+KDA01CHooVlZa/LYBzqDWfEwEeA
5n7XfS97an0nVoMgYm7XaYgsKd5LAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTvz5
a9JKjVoSI+rdGSdw7+cqwQowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJBQTMzRUQyMzhFRTExRUU4REUzNzY3NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHMwDQYJKoZIhvcNAQEL
BQADggEBAAfG2+bQvhRkdZFr5NwFnWF+d3nEWBbdxscuFMn1YbrZa2CaYcU37jac
MQu/4U8dGmLsNlZe3s8IFT1JdDb1L0Grl4MArc7QQT/64Bt2mcWCPCImsNdP/U2m
A6YxebWUlbqAgbC9ucVCy5CYsFI1RJSczy2VxgpCXqvD2JbwzKwMF0gzJlXL9gyS
QEQzeY67fUNOMF3c7dXJpoTHLGhpStlKxMeU6kj7ojGHCvcf78DwOMj3HHC4IInl
L515SuJxwlnzdqNJEGNWUh5+HSC6W/Yr7HOwNtr/+KrGWNLxGCboghoi1QyU9bMx
buvkm59GO+Il6hxTO6GinPSgnIyszig=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:28 2024 by rpki-client on console-ams.rpki-client.org