Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3FDA942A38EA11EE9E091C6B4AD9E6FC.roa
File:                     3FDA942A38EA11EE9E091C6B4AD9E6FC.roa (raw, json)
Hash identifier:          S8IDFU+vYLYWnGLoUds8el2ETbA+aaA6Obp7jUbNV+o=
Subject key identifier:   D9:10:FF:FF:FF:3E:26:A9:8B:53:B0:F7:0F:1E:31:C9:35:B6:B4:47
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1131
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3FDA942A38EA11EE9E091C6B4AD9E6FC.roa
Signing time:             Sat 12 Aug 2023 08:28:44 +0000
ROA not before:           Sat 12 Aug 2023 08:28:41 +0000
ROA not after:            Wed 14 Aug 2024 08:28:41 +0000
asID:                     14670
IP address blocks:        154.16.117.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4401 (0x1131)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 12 08:28:41 2023 GMT
            Not After : Aug 14 08:28:41 2024 GMT
        Subject: CN=64d742bc-dbd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:04:06:5b:24:bb:5c:d4:4f:b8:28:9c:72:cc:
                    7d:3d:35:d3:cd:ea:d0:01:71:89:3f:e7:13:82:5d:
                    d7:a4:d7:73:a4:49:f5:a6:7b:48:d1:9e:3c:ca:06:
                    fd:30:44:27:71:2e:6e:9a:25:3a:97:70:81:d1:58:
                    49:58:be:aa:60:bd:6a:93:b9:1f:b7:83:7b:99:e8:
                    38:16:4a:2d:57:45:6d:e8:3d:3a:8c:59:6c:fd:57:
                    e6:30:27:2d:74:82:5e:bc:0f:38:97:d8:da:c2:d3:
                    97:00:c4:63:10:02:d1:b5:0d:9f:46:98:b8:da:3b:
                    8b:d2:4e:8d:42:84:61:80:bd:6f:f3:10:80:76:74:
                    7f:66:91:74:df:b5:1f:cc:37:ed:02:ce:29:bf:23:
                    9f:a1:b1:f2:bf:11:87:03:83:f2:ca:a4:fc:00:5d:
                    76:df:a5:24:df:8b:df:f0:a6:c7:0e:93:03:c5:e4:
                    d6:6e:15:b0:8d:95:cd:9c:04:31:63:0e:90:eb:7a:
                    ba:02:aa:fc:66:c3:08:bc:c2:3c:3e:81:d5:2c:17:
                    fc:38:88:06:8a:ee:2e:e1:3a:a7:c0:eb:6c:2d:f5:
                    ef:0e:3a:6f:a3:cf:1d:ac:43:8c:42:4a:f7:45:41:
                    f6:35:b3:9b:20:05:a6:ab:60:fe:54:d0:8c:9f:ba:
                    c4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:10:FF:FF:FF:3E:26:A9:8B:53:B0:F7:0F:1E:31:C9:35:B6:B4:47
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3FDA942A38EA11EE9E091C6B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:40:51:14:dd:e8:99:e5:2b:a2:f4:4a:a8:6b:8b:8c:d4:4f:
         a9:c0:0c:33:03:35:8a:02:7e:61:66:e3:3f:3f:58:56:29:aa:
         44:79:fe:4e:04:10:31:b3:7c:51:f6:cf:0a:e9:a5:80:7f:ab:
         7d:da:f4:93:39:61:3e:20:b0:0a:69:29:58:4d:cc:4e:cc:6d:
         d9:5e:19:a7:2b:27:53:8e:c2:12:66:84:99:23:56:6e:6c:e9:
         25:ea:80:bf:48:8d:58:ce:79:50:da:f3:22:0c:46:ac:b7:77:
         99:ec:61:73:85:7e:a5:8f:06:5f:a6:21:97:f9:66:08:5c:2a:
         fe:c2:03:26:93:5e:0e:cc:27:7e:94:f3:2c:05:a6:e4:d3:0f:
         cc:d2:d5:c0:a8:d1:5d:91:e1:74:77:34:1c:0f:be:2e:8b:1f:
         bb:18:41:bf:bf:13:43:b2:08:01:36:4b:b6:fb:c3:af:96:6c:
         42:76:86:dc:eb:53:ed:6a:70:97:09:9d:ea:27:7b:e0:c4:17:
         64:8e:d6:a8:bb:69:be:c3:49:49:90:7a:e7:3d:b5:66:69:fd:
         b2:5c:15:2f:41:6b:5e:10:81:a2:35:7b:44:60:cd:34:81:c4:
         a5:59:45:bd:b3:77:4a:e1:2c:1c:86:11:e1:73:f2:d4:f4:91:
         25:0a:36:96
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICETEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTIwODI4NDFaFw0yNDA4MTQwODI4NDFaMBgxFjAU
BgNVBAMTDTY0ZDc0MmJjLWRiZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQBAZbJLtc1E+4KJxyzH09NdPN6tABcYk/5xOCXdek13OkSfWme0jRnjzK
Bv0wRCdxLm6aJTqXcIHRWElYvqpgvWqTuR+3g3uZ6DgWSi1XRW3oPTqMWWz9V+Yw
Jy10gl68DziX2NrC05cAxGMQAtG1DZ9GmLjaO4vSTo1ChGGAvW/zEIB2dH9mkXTf
tR/MN+0Czim/I5+hsfK/EYcDg/LKpPwAXXbfpSTfi9/wpscOkwPF5NZuFbCNlc2c
BDFjDpDreroCqvxmwwi8wjw+gdUsF/w4iAaK7i7hOqfA62wt9e8OOm+jzx2sQ4xC
SvdFQfY1s5sgBaarYP5U0IyfusQZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2RD/
//8+JqmLU7D3Dx4xyTW2tEcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNGREE5NDJBMzhFQTExRUU5RTA5MUM2QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHUwDQYJKoZIhvcNAQEL
BQADggEBAApAURTd6JnlK6L0Sqhri4zUT6nADDMDNYoCfmFm4z8/WFYpqkR5/k4E
EDGzfFH2zwrppYB/q33a9JM5YT4gsAppKVhNzE7MbdleGacrJ1OOwhJmhJkjVm5s
6SXqgL9IjVjOeVDa8yIMRqy3d5nsYXOFfqWPBl+mIZf5ZghcKv7CAyaTXg7MJ36U
8ywFpuTTD8zS1cCo0V2R4XR3NBwPvi6LH7sYQb+/E0OyCAE2S7b7w6+WbEJ2htzr
U+1qcJcJneone+DEF2SO1qi7ab7DSUmQeuc9tWZp/bJcFS9Ba14QgaI1e0RgzTSB
xKVZRb2zd0rhLByGEeFz8tT0kSUKNpY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org