Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/36E1EB1CA7ED11EE985B3AC7775412E6.roa
File:                     36E1EB1CA7ED11EE985B3AC7775412E6.roa (raw, json)
Hash identifier:          qQcsjx5VC/YsyArNQ6dMBJO5Vn7qvlQ0rAcPfIchm5c=
Subject key identifier:   53:11:CB:17:6C:50:9F:A2:27:6C:47:2C:97:BE:A9:04:00:29:72:F8
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1432
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/36E1EB1CA7ED11EE985B3AC7775412E6.roa
Signing time:             Sun 31 Dec 2023 14:59:37 +0000
ROA not before:           Sun 31 Dec 2023 14:59:33 +0000
ROA not after:            Wed 29 Jan 2025 14:59:33 +0000
asID:                     20473
IP address blocks:        154.16.86.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5170 (0x1432)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Dec 31 14:59:33 2023 GMT
            Not After : Jan 29 14:59:33 2025 GMT
        Subject: CN=659181d8-ad3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:15:5e:6a:37:ba:cb:76:16:5f:30:00:6d:f6:
                    93:c9:e2:6b:6d:e0:8b:e3:68:b8:04:e3:90:bb:51:
                    17:c1:b4:99:de:84:a7:9b:a6:3f:69:0f:56:c6:e0:
                    b4:5e:51:a3:8e:31:53:3f:fb:ec:0b:c4:77:4f:6b:
                    09:5a:16:f2:bc:dc:f8:68:e2:75:5a:03:12:ca:84:
                    ce:79:6e:dd:f8:82:1e:3a:01:86:3a:fd:01:3c:fd:
                    e8:eb:a4:61:3b:60:ba:5f:ab:25:89:2a:20:67:b1:
                    0a:17:b5:0c:12:22:72:ad:4d:80:b9:32:a5:dc:4a:
                    87:72:ad:9f:eb:47:65:12:1c:c8:ef:1f:94:7d:8c:
                    e6:b7:2c:d8:05:9b:5d:4d:5a:1f:de:b9:62:a2:10:
                    e0:c1:a2:08:39:8d:73:54:f0:0e:01:fb:44:84:af:
                    6d:ec:94:70:a3:9c:f1:3a:10:b5:4b:06:72:db:c1:
                    40:b1:c2:4c:57:55:7f:22:5e:91:f8:d0:bd:a3:d3:
                    bf:38:48:46:f3:55:98:ae:cb:91:fc:0a:eb:0a:83:
                    11:83:fa:59:3d:5c:9e:dd:d8:2d:4e:9a:58:05:0d:
                    27:f4:db:82:d9:65:63:04:16:a4:71:56:21:51:1a:
                    4a:3a:4b:a8:2e:1b:f7:27:93:93:d6:8b:d3:cb:9f:
                    5e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:11:CB:17:6C:50:9F:A2:27:6C:47:2C:97:BE:A9:04:00:29:72:F8
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/36E1EB1CA7ED11EE985B3AC7775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:62:5e:5d:ca:9c:b5:e3:8d:af:fb:c4:54:a6:16:73:d3:0f:
         4b:21:e0:01:15:65:50:1c:71:67:b6:85:9d:d7:10:4a:a2:e0:
         1c:79:d7:15:72:71:00:c9:da:82:a3:84:94:97:3d:6a:4d:ae:
         db:07:b5:89:10:bd:fd:7f:b7:85:5e:26:fb:80:63:be:76:9e:
         7d:23:c3:b3:74:9f:3d:db:63:f1:43:77:d7:a1:f0:c1:b0:d2:
         63:93:3b:6b:44:f5:30:5d:ca:e8:07:bb:dd:35:67:42:a3:da:
         27:ea:79:0f:2f:b3:70:71:36:7b:78:30:32:f5:17:62:1a:fe:
         ab:ae:ef:b4:6f:3f:ed:ce:d4:5a:02:d2:b1:3d:d4:f3:0f:bf:
         53:d3:70:ec:7c:f3:7b:0c:1d:8e:34:61:f8:7e:02:01:8c:20:
         5c:a7:02:66:88:0a:3e:d5:37:fc:f5:e4:c4:d1:1a:ed:ee:d4:
         b8:38:2e:e2:ee:42:61:b7:6e:ff:32:b3:93:94:26:27:8a:27:
         58:27:0e:dc:0e:46:38:4b:40:02:b1:25:1d:d4:0c:a3:a5:fa:
         d2:8c:f3:05:50:db:4b:d4:69:a6:0f:0b:62:d9:be:df:4b:d1:
         fc:78:ce:fa:95:de:23:a1:44:81:4d:bc:9c:cf:9e:2d:57:04:
         cd:d6:87:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFDIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMzExNDU5MzNaFw0yNTAxMjkxNDU5MzNaMBgxFjAU
BgNVBAMTDTY1OTE4MWQ4LWFkM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDwFV5qN7rLdhZfMABt9pPJ4mtt4IvjaLgE45C7URfBtJnehKebpj9pD1bG
4LReUaOOMVM/++wLxHdPawlaFvK83Pho4nVaAxLKhM55bt34gh46AYY6/QE8/ejr
pGE7YLpfqyWJKiBnsQoXtQwSInKtTYC5MqXcSodyrZ/rR2USHMjvH5R9jOa3LNgF
m11NWh/euWKiEODBogg5jXNU8A4B+0SEr23slHCjnPE6ELVLBnLbwUCxwkxXVX8i
XpH40L2j0784SEbzVZiuy5H8CusKgxGD+lk9XJ7d2C1OmlgFDSf024LZZWMEFqRx
ViFRGko6S6guG/cnk5PWi9PLn17JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUxHL
F2xQn6InbEcsl76pBAApcvgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzM2RTFFQjFDQTdFRDExRUU5ODVCM0FDNzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFYwDQYJKoZIhvcNAQEL
BQADggEBAJtiXl3KnLXjja/7xFSmFnPTD0sh4AEVZVAccWe2hZ3XEEqi4Bx51xVy
cQDJ2oKjhJSXPWpNrtsHtYkQvf1/t4VeJvuAY752nn0jw7N0nz3bY/FDd9eh8MGw
0mOTO2tE9TBdyugHu901Z0Kj2ifqeQ8vs3BxNnt4MDL1F2Ia/quu77RvP+3O1FoC
0rE91PMPv1PTcOx883sMHY40Yfh+AgGMIFynAmaICj7VN/z15MTRGu3u1Lg4LuLu
QmG3bv8ys5OUJieKJ1gnDtwORjhLQAKxJR3UDKOl+tKM8wVQ20vUaaYPC2LZvt9L
0fx4zvqV3iOhRIFNvJzPni1XBM3Wh2A=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org