Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/32744AFA589411EEB40FFE2A4AD9E6FC.roa
File:                     32744AFA589411EEB40FFE2A4AD9E6FC.roa (raw, json)
Hash identifier:          lQNzxcVpi7f8hevuNvSsG+1aG1zjCky8AclOVMmOz7I=
Subject key identifier:   3B:0E:AC:B3:EB:B3:10:10:15:54:4E:A1:5E:6B:9C:94:B2:F0:BC:00
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1268
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/32744AFA589411EEB40FFE2A4AD9E6FC.roa
Signing time:             Thu 21 Sep 2023 15:33:22 +0000
ROA not before:           Thu 21 Sep 2023 15:33:18 +0000
ROA not after:            Wed 25 Sep 2024 15:33:18 +0000
asID:                     14445
IP address blocks:        154.16.96.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 05 Mar 2024 00:04:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4712 (0x1268)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Sep 21 15:33:18 2023 GMT
            Not After : Sep 25 15:33:18 2024 GMT
        Subject: CN=650c6242-5a5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:cc:75:84:13:1e:76:4b:04:1a:d6:0c:fb:40:
                    e0:1d:4d:54:63:ea:80:8b:ea:a6:78:be:80:34:d1:
                    82:07:10:58:f2:8f:f3:23:ae:7f:73:8c:a3:8d:25:
                    70:e2:9e:9e:a2:27:ed:e5:59:44:32:1d:ba:df:fe:
                    b6:d7:bd:53:41:20:29:02:3b:17:fd:11:86:2d:a1:
                    c3:0a:a4:f8:6c:39:82:87:92:be:74:83:41:20:50:
                    6f:ef:03:bf:73:fb:e8:f7:09:6e:bf:b5:bb:99:da:
                    2e:56:ae:14:20:70:47:55:93:8e:ed:d1:83:0b:ca:
                    47:bb:b9:7d:46:08:2c:5c:c7:19:de:66:68:23:95:
                    09:05:00:1e:1e:b3:7a:ba:c3:b1:3a:9e:b3:b7:4a:
                    ea:0e:1b:36:7d:22:3a:4f:c1:57:be:58:db:cf:97:
                    33:69:7b:b1:58:00:9c:51:d9:a0:79:5b:f0:1f:79:
                    03:d4:bf:f5:f5:14:f4:a3:58:ff:e9:86:c3:cf:bf:
                    8f:16:f6:ea:46:f3:cf:bf:db:0c:84:b7:42:da:cf:
                    e6:67:ea:2f:3a:59:3d:c7:c0:50:89:37:7e:2a:d1:
                    68:56:6a:b7:1a:b1:6d:d6:86:53:27:04:7c:72:4b:
                    60:8c:07:18:e3:04:ee:98:d3:f1:01:f2:76:85:c3:
                    d5:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:0E:AC:B3:EB:B3:10:10:15:54:4E:A1:5E:6B:9C:94:B2:F0:BC:00
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/32744AFA589411EEB40FFE2A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:34:c5:0f:3a:1e:3a:67:b7:4a:95:97:68:da:ee:5d:fe:9a:
         79:ca:4d:ac:d8:43:d7:6b:71:b1:ad:fd:71:33:10:af:4b:80:
         35:21:09:25:28:ba:65:e6:f1:fd:31:c0:7d:f8:26:6d:0e:d5:
         9e:42:db:07:6e:0f:67:90:51:e4:ad:2c:7f:e5:26:fe:31:80:
         58:2d:5e:c5:68:be:70:8a:31:11:54:67:da:8a:e5:fe:0f:4b:
         04:77:6f:19:ce:73:8a:21:ac:21:3b:a6:5b:69:51:be:de:fe:
         75:d6:e5:ce:3a:4d:bc:e7:38:a2:00:2f:43:b2:7d:1f:d0:d4:
         76:2d:95:03:5f:b3:59:9c:b6:ec:cf:c4:70:a0:92:32:aa:fd:
         ed:ad:b5:22:92:d8:06:9d:8f:d5:73:2e:48:91:98:62:58:55:
         0f:11:ff:7d:fe:71:29:70:c0:3a:50:60:db:e9:3d:56:11:65:
         a8:45:ea:2b:b8:15:23:f8:44:40:a1:68:3f:15:cb:16:03:a1:
         7c:27:91:9a:b0:74:12:d7:ce:be:df:3b:e2:0c:28:5b:b7:39:
         08:42:6f:8d:ed:c4:5e:27:73:45:87:68:6b:0c:6c:33:e3:12:
         f5:a8:6d:0d:8e:cf:46:b0:dd:cf:13:12:06:b6:4b:e3:af:15:
         1a:93:5a:91
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEmgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MjExNTMzMThaFw0yNDA5MjUxNTMzMThaMBgxFjAU
BgNVBAMTDTY1MGM2MjQyLTVhNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCizHWEEx52SwQa1gz7QOAdTVRj6oCL6qZ4voA00YIHEFjyj/Mjrn9zjKON
JXDinp6iJ+3lWUQyHbrf/rbXvVNBICkCOxf9EYYtocMKpPhsOYKHkr50g0EgUG/v
A79z++j3CW6/tbuZ2i5WrhQgcEdVk47t0YMLyke7uX1GCCxcxxneZmgjlQkFAB4e
s3q6w7E6nrO3SuoOGzZ9IjpPwVe+WNvPlzNpe7FYAJxR2aB5W/AfeQPUv/X1FPSj
WP/phsPPv48W9upG88+/2wyEt0Laz+Zn6i86WT3HwFCJN34q0WhWarcasW3WhlMn
BHxyS2CMBxjjBO6Y0/EB8naFw9X3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOw6s
s+uzEBAVVE6hXmuclLLwvAAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzMyNzQ0QUZBNTg5NDExRUVCNDBGRkUyQTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGAwDQYJKoZIhvcNAQEL
BQADggEBALo0xQ86Hjpnt0qVl2ja7l3+mnnKTazYQ9drcbGt/XEzEK9LgDUhCSUo
umXm8f0xwH34Jm0O1Z5C2wduD2eQUeStLH/lJv4xgFgtXsVovnCKMRFUZ9qK5f4P
SwR3bxnOc4ohrCE7pltpUb7e/nXW5c46TbznOKIAL0OyfR/Q1HYtlQNfs1mctuzP
xHCgkjKq/e2ttSKS2Aadj9VzLkiRmGJYVQ8R/33+cSlwwDpQYNvpPVYRZahF6iu4
FSP4REChaD8VyxYDoXwnkZqwdBLXzr7fO+IMKFu3OQhCb43txF4nc0WHaGsMbDPj
EvWobQ2Oz0aw3c8TEga2S+OvFRqTWpE=
-----END CERTIFICATE-----
Generated at Sun Mar 3 02:14:15 2024 by rpki-client on console-fra.rpki-client.org