Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AC8CDCAE86911EEA6A909A4775412E6.roa
File:                     2AC8CDCAE86911EEA6A909A4775412E6.roa (raw, json)
Hash identifier:          SiLh4ZJE43La2UiouxWpUtBu5w/0J4fx+PzfRuSZYks=
Subject key identifier:   C5:F3:07:0B:B0:8E:9F:DD:46:31:44:BE:BE:1D:FA:89:29:9B:72:31
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1571
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AC8CDCAE86911EEA6A909A4775412E6.roa
Signing time:             Fri 22 Mar 2024 16:28:08 +0000
ROA not before:           Fri 22 Mar 2024 16:28:05 +0000
ROA not after:            Sun 22 Mar 2026 16:28:05 +0000
asID:                     29802
IP address blocks:        154.16.210.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5489 (0x1571)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar 22 16:28:05 2024 GMT
            Not After : Mar 22 16:28:05 2026 GMT
        Subject: CN=65fdb198-a0f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:cb:eb:f3:48:2f:da:53:5f:f1:ec:fc:09:78:
                    67:03:c8:18:84:55:ec:26:e9:81:26:27:57:9f:12:
                    c3:07:06:6e:ed:5d:e0:db:fb:4b:15:4f:cd:32:56:
                    d3:8f:93:44:23:69:bd:a9:68:ea:7a:d3:1a:45:4e:
                    a5:2b:61:90:1e:fd:a2:71:3b:e5:df:59:d0:bf:de:
                    1f:7c:35:46:93:34:9f:14:13:fa:dd:80:7d:44:dc:
                    63:1d:ed:95:22:30:09:30:9b:5c:93:bd:18:ff:30:
                    7e:75:8f:85:55:6c:61:cb:5c:c8:a3:c4:5c:d0:66:
                    07:42:1e:6d:03:86:db:bb:c4:e4:0d:5a:75:e2:2d:
                    7d:1e:47:7c:85:00:eb:c8:9d:35:18:b4:8d:5a:f8:
                    3a:1b:ce:80:b6:d8:86:b6:db:f3:ea:db:ce:a6:78:
                    ef:e1:41:8d:63:80:76:a4:f6:1e:c4:e1:c9:37:6d:
                    cb:ce:96:81:50:6b:f5:55:a5:66:9f:2d:96:32:a9:
                    09:d5:d7:01:19:d1:14:41:01:77:6b:6e:0e:9d:30:
                    91:73:4c:b4:33:28:71:d4:8a:3a:24:fa:c7:4b:89:
                    6f:87:65:7c:56:f2:e6:12:73:63:20:ab:69:53:51:
                    1c:1b:1d:3f:36:01:4c:5f:43:12:1d:a2:cc:75:0d:
                    a7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:F3:07:0B:B0:8E:9F:DD:46:31:44:BE:BE:1D:FA:89:29:9B:72:31
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AC8CDCAE86911EEA6A909A4775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:7d:5d:d0:5f:da:e2:49:fa:7e:8a:e4:65:21:c8:9e:2d:0c:
         49:14:f7:81:d5:d4:35:ee:d2:03:56:63:3a:b8:54:e2:b1:cc:
         c3:36:fe:6a:c7:20:15:b9:57:4d:02:2f:75:5e:3a:3e:34:9b:
         34:26:a1:49:80:fe:9b:c4:69:47:82:7a:8d:e8:8c:1f:66:ef:
         08:99:16:ef:d7:a4:09:ee:45:8a:ef:4e:dc:1e:3b:f4:2d:22:
         38:1f:33:f5:bf:a7:8a:ac:4f:de:66:f6:b5:2c:71:b9:b3:b2:
         0b:dc:3c:4e:0a:23:e7:a7:d3:20:c4:17:06:99:c3:fd:e1:ae:
         35:ad:ad:64:ce:0d:e4:03:05:de:dc:3b:2c:cb:45:98:9d:8c:
         36:17:77:fd:de:5f:49:87:9e:7e:00:ea:8a:ba:b0:6b:10:f0:
         6e:5d:a1:53:86:bc:0d:18:80:dd:f4:dd:36:0f:1b:d3:8f:5b:
         4b:6e:7f:f7:6d:e5:c7:3e:25:1d:20:ab:49:88:47:d2:0a:85:
         34:c2:c3:28:6a:d1:5c:b1:c6:74:27:ff:a3:66:a5:e2:22:81:
         92:97:48:77:29:42:01:36:42:82:4a:95:1d:48:6c:08:5f:0b:
         3d:e5:dc:5e:46:05:b3:08:6e:ef:50:6f:99:90:72:bd:f8:c1:
         b1:64:85:7e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFXEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjI4MDVaFw0yNjAzMjIxNjI4MDVaMBgxFjAU
BgNVBAMTDTY1ZmRiMTk4LWEwZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDty+vzSC/aU1/x7PwJeGcDyBiEVewm6YEmJ1efEsMHBm7tXeDb+0sVT80y
VtOPk0Qjab2paOp60xpFTqUrYZAe/aJxO+XfWdC/3h98NUaTNJ8UE/rdgH1E3GMd
7ZUiMAkwm1yTvRj/MH51j4VVbGHLXMijxFzQZgdCHm0Dhtu7xOQNWnXiLX0eR3yF
AOvInTUYtI1a+DobzoC22Ia22/Pq286meO/hQY1jgHak9h7E4ck3bcvOloFQa/VV
pWafLZYyqQnV1wEZ0RRBAXdrbg6dMJFzTLQzKHHUijok+sdLiW+HZXxW8uYSc2Mg
q2lTURwbHT82AUxfQxIdosx1Dad5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxfMH
C7COn91GMUS+vh36iSmbcjEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJBQzhDRENBRTg2OTExRUVBNkE5MDlBNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENIwDQYJKoZIhvcNAQEL
BQADggEBAK59XdBf2uJJ+n6K5GUhyJ4tDEkU94HV1DXu0gNWYzq4VOKxzMM2/mrH
IBW5V00CL3VeOj40mzQmoUmA/pvEaUeCeo3ojB9m7wiZFu/XpAnuRYrvTtweO/Qt
IjgfM/W/p4qsT95m9rUscbmzsgvcPE4KI+en0yDEFwaZw/3hrjWtrWTODeQDBd7c
OyzLRZidjDYXd/3eX0mHnn4A6oq6sGsQ8G5doVOGvA0YgN303TYPG9OPW0tuf/dt
5cc+JR0gq0mIR9IKhTTCwyhq0VyxxnQn/6NmpeIigZKXSHcpQgE2QoJKlR1IbAhf
Cz3l3F5GBbMIbu9Qb5mQcr34wbFkhX4=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org