Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D12E016434E11EF83A1977A762E951A.roa
File:                     3D12E016434E11EF83A1977A762E951A.roa (raw, json)
Hash identifier:          yvxsaa8IrvKkMsxMWIhVryCQ0gmBtGr9SchZUksPF+k=
Subject key identifier:   00:DD:3D:1A:63:FC:45:62:46:34:25:D3:B8:F4:51:32:BE:0C:F2:B5
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       172E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D12E016434E11EF83A1977A762E951A.roa
Signing time:             Tue 16 Jul 2024 08:34:38 +0000
ROA not before:           Tue 16 Jul 2024 08:34:35 +0000
ROA not after:            Thu 16 Jul 2026 08:34:35 +0000
asID:                     212238
IP address blocks:        154.16.35.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5934 (0x172e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jul 16 08:34:35 2024 GMT
            Not After : Jul 16 08:34:35 2026 GMT
        Subject: CN=6696309e-f5a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:1f:ce:be:a5:1d:48:47:75:8f:07:4d:de:c6:
                    85:1b:3a:9b:aa:ad:db:3d:e8:28:82:4c:2a:fb:b4:
                    09:2c:63:04:2f:b8:4f:5e:d3:67:85:ec:09:ee:8f:
                    d0:60:28:26:12:68:6c:cb:a0:8b:18:3d:53:da:11:
                    5b:39:1d:46:0c:5d:04:32:ae:bd:5e:fc:c9:54:2b:
                    63:4b:7b:29:df:00:c8:8f:8b:3b:b8:4f:94:fb:d7:
                    8f:e2:11:65:d8:49:db:5f:e9:dd:4b:61:f2:7b:93:
                    f2:b9:0f:46:2a:aa:55:e4:16:1f:c6:e2:a6:6d:59:
                    cb:98:1d:ff:76:51:4c:a6:04:5d:14:38:f3:3f:49:
                    dd:32:d0:00:8a:16:83:84:2e:74:4c:99:43:a8:b5:
                    96:76:c3:86:14:66:b1:03:e3:98:bd:24:1a:86:48:
                    b0:1c:fa:92:32:ee:51:b4:21:55:3e:1c:1b:14:eb:
                    8b:01:f4:e0:19:1c:55:cb:0a:ba:65:73:1b:fc:1a:
                    da:dd:36:42:92:d8:8e:ab:e7:ac:4a:db:c7:0f:14:
                    c2:06:e0:4d:d7:70:af:8b:27:76:89:0a:7c:14:15:
                    6f:6c:b2:8b:5f:bd:c7:05:5f:f2:3f:79:5f:55:51:
                    8a:4f:40:51:b3:52:f4:61:16:b4:28:01:9a:bc:0d:
                    4f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:DD:3D:1A:63:FC:45:62:46:34:25:D3:B8:F4:51:32:BE:0C:F2:B5
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D12E016434E11EF83A1977A762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:4f:17:28:30:6a:ff:4d:a1:7b:4c:c9:dc:89:31:a6:a2:af:
         f2:9c:62:f5:6f:66:b3:64:58:96:ed:ea:27:26:53:ab:2b:6c:
         62:2b:0c:fd:f1:99:30:a9:12:10:cd:b0:a8:be:d3:0a:cf:73:
         f5:17:5f:34:d3:94:c5:f6:50:a3:74:e0:89:59:1b:05:82:cb:
         25:1c:70:d6:20:bf:44:a3:66:18:f2:db:61:32:13:b8:37:c5:
         39:b0:e1:d1:58:4a:26:72:a4:dd:40:b1:0b:6b:18:fc:91:f3:
         ea:8e:78:bd:14:08:fa:96:10:1b:18:b2:bb:59:6d:c9:24:a2:
         58:51:6e:16:29:f7:ac:9c:b1:d5:76:40:cb:9d:cf:69:32:bd:
         f7:da:9e:eb:9e:9d:5a:ae:c8:36:94:c2:b0:dc:ff:07:94:b6:
         d1:a8:3e:a8:1d:9c:0d:80:c0:54:f9:c1:f8:0f:01:be:78:8f:
         d8:75:f8:f6:69:66:27:4b:37:ac:c0:92:99:c5:0b:c3:4a:ef:
         c3:72:93:99:78:2e:83:63:7b:f2:4b:e4:e0:17:03:2a:06:1b:
         c8:a9:07:ed:a1:be:2b:3b:5c:84:57:c4:78:58:b3:1a:31:30:
         9b:0e:58:a1:fc:7c:48:4e:3c:94:31:ed:63:fc:a8:ea:5b:e7:
         b7:1c:be:25
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFy4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA3MTYwODM0MzVaFw0yNjA3MTYwODM0MzVaMBgxFjAU
BgNVBAMTDTY2OTYzMDllLWY1YTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqH86+pR1IR3WPB03exoUbOpuqrds96CiCTCr7tAksYwQvuE9e02eF7Anu
j9BgKCYSaGzLoIsYPVPaEVs5HUYMXQQyrr1e/MlUK2NLeynfAMiPizu4T5T714/i
EWXYSdtf6d1LYfJ7k/K5D0YqqlXkFh/G4qZtWcuYHf92UUymBF0UOPM/Sd0y0ACK
FoOELnRMmUOotZZ2w4YUZrED45i9JBqGSLAc+pIy7lG0IVU+HBsU64sB9OAZHFXL
Crplcxv8GtrdNkKS2I6r56xK28cPFMIG4E3XcK+LJ3aJCnwUFW9ssotfvccFX/I/
eV9VUYpPQFGzUvRhFrQoAZq8DU8/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUAN09
GmP8RWJGNCXTuPRRMr4M8rUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNEMTJFMDE2NDM0RTExRUY4M0ExOTc3QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECMwDQYJKoZIhvcNAQEL
BQADggEBANNPFygwav9NoXtMydyJMaair/KcYvVvZrNkWJbt6icmU6srbGIrDP3x
mTCpEhDNsKi+0wrPc/UXXzTTlMX2UKN04IlZGwWCyyUccNYgv0SjZhjy22EyE7g3
xTmw4dFYSiZypN1AsQtrGPyR8+qOeL0UCPqWEBsYsrtZbckkolhRbhYp96ycsdV2
QMudz2kyvffanuuenVquyDaUwrDc/weUttGoPqgdnA2AwFT5wfgPAb54j9h1+PZp
ZidLN6zAkpnFC8NK78Nyk5l4LoNje/JL5OAXAyoGG8ipB+2hvis7XIRXxHhYsxox
MJsOWKH8fEhOPJQx7WP8qOpb57ccviU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:55 2024 by rpki-client on console-fra.rpki-client.org