Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/410AA25E8B8811EEBED1D4204AD9E6FC.roa
File:                     410AA25E8B8811EEBED1D4204AD9E6FC.roa (raw, json)
Hash identifier:          Ii3szrMA4TNB6M9lqxMWiDoZyMcRP5rpZOt4wKC0thg=
Subject key identifier:   9A:AC:8F:83:A1:E4:80:41:DD:82:B6:C4:8F:D7:35:DE:21:4B:D8:79
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1381
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/410AA25E8B8811EEBED1D4204AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:46:22 +0000
ROA not before:           Sat 25 Nov 2023 11:46:19 +0000
ROA not after:            Tue 25 Nov 2025 11:46:19 +0000
asID:                     212238
IP address blocks:        154.16.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4993 (0x1381)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:46:19 2023 GMT
            Not After : Nov 25 11:46:19 2025 GMT
        Subject: CN=6561de8e-db99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6e:62:41:24:c2:00:f6:0b:b2:56:f3:15:c2:
                    33:79:6b:88:66:48:71:5f:79:cb:99:ee:40:c8:b0:
                    0b:ab:28:fd:d7:c0:16:54:b3:42:63:50:56:c4:f6:
                    87:6c:5d:64:c6:9d:38:3b:31:ba:c9:31:7e:9f:fc:
                    0d:ac:39:57:de:cb:79:8a:05:ff:f8:74:10:d1:aa:
                    fa:34:ad:3d:c4:9b:e8:23:77:da:bb:58:b2:42:a2:
                    42:b4:2a:89:8d:0f:c2:92:80:df:5e:a2:d0:91:79:
                    db:19:90:fa:a2:a8:d6:ba:b9:f5:9a:08:a2:60:34:
                    d4:af:f0:16:f5:4d:60:d2:0d:50:98:8f:ea:31:22:
                    e5:ab:f1:45:0b:2d:cb:f6:6c:aa:50:43:30:2f:10:
                    f8:38:d9:26:d6:5f:5c:e1:0a:6d:00:4a:6c:5a:41:
                    ad:47:81:00:29:49:a0:04:ee:c1:65:77:1c:3a:fd:
                    f4:91:a7:4b:9a:66:a8:be:99:d9:9b:47:e8:c1:1a:
                    7c:d0:a2:7e:d5:c4:d7:78:cb:aa:d6:fe:6a:2b:31:
                    cc:5d:a7:43:81:56:92:eb:a6:88:ec:af:79:f9:9e:
                    f6:8f:52:20:a4:aa:4f:3b:67:52:29:f3:01:eb:eb:
                    70:4f:7b:b5:47:26:39:5d:81:33:f6:a9:76:26:4a:
                    ae:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:AC:8F:83:A1:E4:80:41:DD:82:B6:C4:8F:D7:35:DE:21:4B:D8:79
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/410AA25E8B8811EEBED1D4204AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:2d:3d:35:01:67:87:91:ab:9e:fc:21:1a:a1:a4:d8:7a:63:
         a6:4c:4d:77:d4:16:d3:df:f2:92:6b:a0:ee:5c:7f:14:a3:55:
         cf:df:6b:c1:0c:94:0b:34:c2:41:12:dd:08:dc:92:b1:b2:fe:
         4a:05:eb:2d:07:9f:85:e5:c0:2d:b7:20:50:eb:82:1c:32:5e:
         90:f7:0f:bf:65:8b:7c:f1:90:5e:34:5b:d0:0c:a5:1d:2a:81:
         23:6b:e1:33:50:70:6e:c4:c7:2a:cc:cf:3e:db:7d:28:dd:fc:
         ad:4c:9d:e0:29:f5:78:a8:b6:1d:fc:b5:56:b2:8d:a1:10:49:
         05:8c:6f:48:74:3d:ab:0e:aa:c8:ff:5a:f7:79:5b:38:67:14:
         a0:83:34:03:c3:b3:d7:32:19:68:57:c1:ed:3a:f2:12:66:11:
         e6:b2:1e:56:b6:b6:44:dd:4e:13:39:6e:67:48:01:08:fc:c7:
         0e:af:ea:33:81:b9:2c:4c:f5:85:90:8d:92:cb:89:c9:35:ea:
         ee:db:c0:a2:ff:e5:61:12:11:a9:fe:b0:0b:9a:b7:e2:0e:ff:
         4f:95:a4:c9:83:86:0d:f4:96:66:84:a7:e5:2f:bb:04:44:c5:
         8b:c1:10:9c:ee:2a:d6:26:94:10:ea:86:69:bc:58:9d:c7:f5:
         20:17:e8:9d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE4EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTQ2MTlaFw0yNTExMjUxMTQ2MTlaMBgxFjAU
BgNVBAMTDTY1NjFkZThlLWRiOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHbmJBJMIA9guyVvMVwjN5a4hmSHFfecuZ7kDIsAurKP3XwBZUs0JjUFbE
9odsXWTGnTg7MbrJMX6f/A2sOVfey3mKBf/4dBDRqvo0rT3Em+gjd9q7WLJCokK0
KomND8KSgN9eotCRedsZkPqiqNa6ufWaCKJgNNSv8Bb1TWDSDVCYj+oxIuWr8UUL
Lcv2bKpQQzAvEPg42SbWX1zhCm0ASmxaQa1HgQApSaAE7sFldxw6/fSRp0uaZqi+
mdmbR+jBGnzQon7VxNd4y6rW/morMcxdp0OBVpLrpojsr3n5nvaPUiCkqk87Z1Ip
8wHr63BPe7VHJjldgTP2qXYmSq6XAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmqyP
g6HkgEHdgrbEj9c13iFL2HkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQxMEFBMjVFOEI4ODExRUVCRUQxRDQyMDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGowDQYJKoZIhvcNAQEL
BQADggEBAC8tPTUBZ4eRq578IRqhpNh6Y6ZMTXfUFtPf8pJroO5cfxSjVc/fa8EM
lAs0wkES3QjckrGy/koF6y0Hn4XlwC23IFDrghwyXpD3D79li3zxkF40W9AMpR0q
gSNr4TNQcG7ExyrMzz7bfSjd/K1MneAp9Xioth38tVayjaEQSQWMb0h0PasOqsj/
Wvd5WzhnFKCDNAPDs9cyGWhXwe068hJmEeayHla2tkTdThM5bmdIAQj8xw6v6jOB
uSxM9YWQjZLLick16u7bwKL/5WESEan+sAuat+IO/0+VpMmDhg30lmaEp+UvuwRE
xYvBEJzuKtYmlBDqhmm8WJ3H9SAX6J0=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org