Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/425504ECB69511ED99AE9BC0F1222468.roa
File:                     425504ECB69511ED99AE9BC0F1222468.roa (raw, json)
Hash identifier:          S3q+dDcNA6Hb7p/6inNFqzmETmX8iYVbp8YRKz7IEEk=
Subject key identifier:   0A:D1:F4:66:54:1D:49:77:90:6A:14:23:C0:44:54:40:89:D4:77:53
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C6B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/425504ECB69511ED99AE9BC0F1222468.roa
Signing time:             Mon 27 Feb 2023 11:52:50 +0000
ROA not before:           Mon 27 Feb 2023 11:52:46 +0000
ROA not after:            Thu 27 Feb 2025 11:52:46 +0000
asID:                     61317
IP address blocks:        154.16.138.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3179 (0xc6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 11:52:46 2023 GMT
            Not After : Feb 27 11:52:46 2025 GMT
        Subject: CN=63fc9992-0048
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:92:75:d8:a1:c8:aa:e4:e2:1c:7d:30:fb:56:
                    43:b9:65:66:2a:90:37:01:6c:dc:4f:cc:cb:f5:b8:
                    d2:f4:b9:85:60:41:07:56:97:53:14:52:69:28:62:
                    5d:23:31:08:64:6c:db:a5:f8:82:c1:65:1b:dc:c4:
                    d2:20:75:f6:a2:3a:22:19:e4:12:86:19:51:d8:f9:
                    30:60:cf:53:60:56:a3:36:e0:b3:d6:10:92:28:c8:
                    43:3c:a3:7c:0b:55:32:8f:b2:74:d6:17:14:ce:f3:
                    f1:0d:54:cb:4a:7c:11:53:eb:18:37:dc:b0:93:14:
                    e9:f3:4d:28:46:a8:e7:73:8a:bb:04:09:a7:b5:2b:
                    0b:88:83:15:ed:30:a9:31:99:69:bd:bf:a9:61:ad:
                    ca:71:87:29:21:bb:90:97:87:9f:cc:12:de:e8:5a:
                    eb:43:dc:3a:5b:60:1e:36:1a:e3:5a:e4:6c:ce:08:
                    b7:ce:9a:37:1b:d0:44:9f:ca:19:ba:62:02:fe:9c:
                    6b:23:ee:e9:4d:eb:d6:43:29:46:0d:83:6d:91:20:
                    ec:25:18:6d:ac:75:b2:84:24:e8:a3:ea:25:10:40:
                    46:e3:3c:9c:1c:dd:4e:23:03:fe:5e:ac:f7:45:d7:
                    57:da:8a:dc:14:f5:00:33:2b:67:e6:a6:80:b7:98:
                    8d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D1:F4:66:54:1D:49:77:90:6A:14:23:C0:44:54:40:89:D4:77:53
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/425504ECB69511ED99AE9BC0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:8d:90:68:8a:09:1a:f7:f6:5e:06:c7:99:c4:69:f8:04:27:
         d9:57:6d:08:93:ba:11:86:fd:44:50:d1:d5:ae:06:ca:7f:34:
         c8:74:cf:fa:9d:9a:07:d0:8e:e4:27:88:58:c1:47:00:1f:26:
         bc:6b:73:01:b5:1e:2b:f0:84:f9:4c:b4:60:c5:48:fc:d7:22:
         db:62:6b:80:74:a3:c9:9e:36:b2:c3:a3:a0:c8:3d:99:a8:90:
         97:27:70:c5:ca:52:64:16:dd:3e:88:35:25:2b:81:25:88:c1:
         09:01:6a:b6:da:25:58:aa:3a:5d:21:93:a0:e7:7b:f9:bb:47:
         91:da:af:2c:15:7b:5d:91:2f:eb:a6:db:e2:b0:62:8e:27:5c:
         2a:e0:f9:93:02:7f:11:e3:2c:3c:3a:fc:1c:06:5f:18:bb:0e:
         8d:bf:67:16:ba:43:86:93:84:f7:53:06:72:7d:62:a4:5d:ee:
         ec:6d:2a:ca:53:40:e7:88:77:64:8a:c5:97:57:a4:67:3c:bd:
         bd:a4:dd:1f:e2:53:f6:be:2d:8d:aa:a3:5f:00:67:df:6f:70:
         0a:d2:eb:b0:10:28:10:a9:51:cb:44:3c:3f:36:63:eb:76:dd:
         b7:5c:72:12:d1:77:c5:68:c4:05:ca:14:8c:2e:f5:63:a4:56:
         07:4a:3c:0b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDGswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMTUyNDZaFw0yNTAyMjcxMTUyNDZaMBgxFjAU
BgNVBAMMDTYzZmM5OTkyLTAwNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0knXYociq5OIcfTD7VkO5ZWYqkDcBbNxPzMv1uNL0uYVgQQdWl1MUUmko
Yl0jMQhkbNul+ILBZRvcxNIgdfaiOiIZ5BKGGVHY+TBgz1NgVqM24LPWEJIoyEM8
o3wLVTKPsnTWFxTO8/ENVMtKfBFT6xg33LCTFOnzTShGqOdzirsECae1KwuIgxXt
MKkxmWm9v6lhrcpxhykhu5CXh5/MEt7oWutD3DpbYB42GuNa5GzOCLfOmjcb0ESf
yhm6YgL+nGsj7ulN69ZDKUYNg22RIOwlGG2sdbKEJOij6iUQQEbjPJwc3U4jA/5e
rPdF11faitwU9QAzK2fmpoC3mI2lAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCtH0
ZlQdSXeQahQjwERUQInUd1MwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQyNTUwNEVDQjY5NTExRUQ5OUFFOUJDMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIowDQYJKoZIhvcNAQEL
BQADggEBAHGNkGiKCRr39l4Gx5nEafgEJ9lXbQiTuhGG/URQ0dWuBsp/NMh0z/qd
mgfQjuQniFjBRwAfJrxrcwG1HivwhPlMtGDFSPzXIttia4B0o8meNrLDo6DIPZmo
kJcncMXKUmQW3T6INSUrgSWIwQkBarbaJViqOl0hk6Dne/m7R5HarywVe12RL+um
2+KwYo4nXCrg+ZMCfxHjLDw6/BwGXxi7Do2/Zxa6Q4aThPdTBnJ9YqRd7uxtKspT
QOeId2SKxZdXpGc8vb2k3R/iU/a+LY2qo18AZ99vcArS67AQKBCpUctEPD82Y+t2
3bdcchLRd8VoxAXKFIwu9WOkVgdKPAs=
-----END CERTIFICATE-----
Generated at Tue Jul 16 10:30:34 2024 by rpki-client on console-fra.rpki-client.org