Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/42D8C97EB8F911EDAE5B9FF7F1222468.roa
File:                     42D8C97EB8F911EDAE5B9FF7F1222468.roa (raw, json)
Hash identifier:          n1Brd7ZIm/26MkN0BYkfSLW9Ns3uMa+z3P0SUdtx8/I=
Subject key identifier:   E6:2B:BD:27:DE:98:9B:D7:CA:6B:E4:4D:1D:8A:7C:AA:5C:0D:EB:F1
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0CBA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/42D8C97EB8F911EDAE5B9FF7F1222468.roa
Signing time:             Thu 02 Mar 2023 12:53:43 +0000
ROA not before:           Thu 02 Mar 2023 12:53:39 +0000
ROA not after:            Sat 01 Mar 2025 12:53:39 +0000
asID:                     61317
IP address blocks:        154.16.236.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3258 (0xcba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 12:53:39 2023 GMT
            Not After : Mar  1 12:53:39 2025 GMT
        Subject: CN=64009c57-50e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:20:ec:3c:bc:03:0f:20:36:c0:e4:70:2b:a2:
                    50:6d:c7:e6:81:7e:bc:a1:43:14:64:6a:6e:fd:43:
                    f9:b3:4d:98:b0:d9:68:21:17:b7:f6:4e:3e:0e:83:
                    fc:93:3a:30:27:c5:b7:c9:85:24:22:60:ec:43:a3:
                    1a:65:e7:2f:a0:3f:c4:36:ef:be:da:f4:58:35:2c:
                    68:ff:a0:79:cf:a0:8e:a8:ac:13:30:7f:0c:b1:96:
                    d1:c8:69:79:f0:93:a9:5f:40:15:f3:24:7c:d5:bf:
                    ec:e8:6f:d2:38:77:f6:dd:de:df:2a:c9:80:2e:98:
                    ae:6e:77:b0:e9:78:62:7c:f3:9b:c4:ad:ef:10:05:
                    0f:8f:fc:db:11:85:aa:43:57:fa:c1:d2:f7:9f:a4:
                    3e:06:2a:06:0a:75:23:f0:20:37:5f:c1:5f:c3:b0:
                    dd:82:35:cf:a2:b8:ab:20:73:ac:84:73:4f:e4:4d:
                    7e:59:f7:f9:e7:d9:7e:d3:fd:ad:00:16:ae:38:0c:
                    a3:ca:2e:63:73:d3:e0:b0:aa:e5:eb:df:b9:fb:5b:
                    c9:f8:31:35:d2:77:ff:e0:ce:51:a2:96:d9:c6:82:
                    ce:fa:bb:17:c7:e8:9f:bf:9e:eb:3c:3e:41:3c:3e:
                    cb:3a:9f:d6:68:58:a8:80:14:05:43:b2:f6:73:d6:
                    87:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:2B:BD:27:DE:98:9B:D7:CA:6B:E4:4D:1D:8A:7C:AA:5C:0D:EB:F1
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/42D8C97EB8F911EDAE5B9FF7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:27:85:51:79:c5:f8:ca:25:a7:c1:cc:9e:c6:bb:db:23:2f:
         ec:51:96:c8:8f:c5:6a:23:dc:1c:d4:00:90:7b:8b:ec:2a:8b:
         4a:af:67:e8:65:c3:89:e8:ae:b5:cb:5f:c9:1b:2a:0c:c1:8e:
         07:e8:70:0e:4c:cb:b5:03:11:45:fe:2a:4c:a9:2c:db:a5:31:
         c2:78:ef:80:3e:a7:de:fc:ac:27:9d:cd:eb:b9:4d:c2:2b:db:
         43:ad:d6:39:9c:89:23:d9:d3:7f:f0:96:fa:bc:02:74:5f:07:
         d3:49:3d:7f:9a:c5:cb:27:05:d2:38:85:fd:85:3e:b7:d4:12:
         20:e2:64:d4:ff:3b:7a:3b:b5:26:20:04:b7:53:d3:d7:e5:82:
         ca:a6:8e:dd:21:7b:43:c4:b9:de:48:d6:ba:08:72:b5:7d:55:
         c9:b7:4c:6d:d0:d7:00:33:96:bf:1e:de:8f:61:bd:4e:05:67:
         05:10:50:6b:a0:9f:0a:d0:ea:b5:f5:69:39:4c:ef:64:ed:27:
         00:9e:d0:70:af:db:cd:41:e0:cc:3f:a0:e4:7e:04:ed:70:48:
         0f:9f:09:a6:df:6b:a0:bb:d3:80:62:a6:58:f1:c7:89:1d:d9:
         4c:94:b2:73:5e:10:d7:5c:f6:b8:45:96:23:f8:0c:e0:c4:26:
         da:e8:84:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDLowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjUzMzlaFw0yNTAzMDExMjUzMzlaMBgxFjAU
BgNVBAMMDTY0MDA5YzU3LTUwZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBIOw8vAMPIDbA5HArolBtx+aBfryhQxRkam79Q/mzTZiw2WghF7f2Tj4O
g/yTOjAnxbfJhSQiYOxDoxpl5y+gP8Q2777a9Fg1LGj/oHnPoI6orBMwfwyxltHI
aXnwk6lfQBXzJHzVv+zob9I4d/bd3t8qyYAumK5ud7DpeGJ885vEre8QBQ+P/NsR
hapDV/rB0vefpD4GKgYKdSPwIDdfwV/DsN2CNc+iuKsgc6yEc0/kTX5Z9/nn2X7T
/a0AFq44DKPKLmNz0+CwquXr37n7W8n4MTXSd//gzlGiltnGgs76uxfH6J+/nus8
PkE8Pss6n9ZoWKiAFAVDsvZz1ofxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5iu9
J96Ym9fKa+RNHYp8qlwN6/EwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQyRDhDOTdFQjhGOTExRURBRTVCOUZGN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOwwDQYJKoZIhvcNAQEL
BQADggEBAAknhVF5xfjKJafBzJ7Gu9sjL+xRlsiPxWoj3BzUAJB7i+wqi0qvZ+hl
w4norrXLX8kbKgzBjgfocA5My7UDEUX+KkypLNulMcJ474A+p978rCedzeu5TcIr
20Ot1jmciSPZ03/wlvq8AnRfB9NJPX+axcsnBdI4hf2FPrfUEiDiZNT/O3o7tSYg
BLdT09flgsqmjt0he0PEud5I1roIcrV9Vcm3TG3Q1wAzlr8e3o9hvU4FZwUQUGug
nwrQ6rX1aTlM72TtJwCe0HCv281B4Mw/oOR+BO1wSA+fCabfa6C704Bipljxx4kd
2UyUsnNeENdc9rhFliP4DODEJtrohAc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:32:49 2023 by rpki-client on console-fra.rpki-client.org