Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/45134018110311EEA8AC4F1C4AD9E6FC.roa
File:                     45134018110311EEA8AC4F1C4AD9E6FC.roa (raw, json)
Hash identifier:          O4YSMaQ+eZFG4MsUur3oSFHKDdv2QB1yWFKDaHEF8hM=
Subject key identifier:   FB:1E:D9:5C:93:69:AD:47:F0:3C:83:7F:27:46:9C:83:85:47:A8:9C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0FEF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/45134018110311EEA8AC4F1C4AD9E6FC.roa
Signing time:             Thu 22 Jun 2023 13:47:04 +0000
ROA not before:           Thu 22 Jun 2023 13:47:00 +0000
ROA not after:            Sat 21 Jun 2025 13:47:00 +0000
asID:                     64267
IP address blocks:        154.16.87.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4079 (0xfef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 22 13:47:00 2023 GMT
            Not After : Jun 21 13:47:00 2025 GMT
        Subject: CN=649450d8-9081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e6:8e:c9:13:da:f5:6a:53:ec:4b:fd:23:48:
                    c9:f0:e7:88:ed:18:0f:61:fd:98:fc:2c:37:cd:0e:
                    3f:4f:f2:4a:ba:6b:d0:d9:0d:56:db:bf:b6:b9:6f:
                    65:9f:88:30:ad:c4:26:7e:f0:11:33:26:45:02:d2:
                    1c:8a:b1:3f:88:92:67:02:98:4a:57:7c:1d:5e:73:
                    3b:24:87:90:d3:d4:25:4e:37:4d:8a:70:fe:ce:25:
                    45:2c:93:d9:db:cb:ea:03:f3:00:95:fd:75:50:46:
                    b7:17:20:fb:ca:d0:64:fc:2d:c7:57:51:6e:62:a0:
                    c2:1e:9c:21:9c:06:a8:6c:2b:77:b5:52:61:51:8a:
                    e1:6f:aa:f0:66:83:8c:a0:54:6a:dc:ca:dd:ed:9b:
                    0b:53:a0:de:f7:2b:9d:fd:ec:2d:e0:27:0e:b1:d5:
                    57:b1:2d:2d:13:bc:e9:97:52:88:ba:e2:ff:fd:de:
                    c7:93:e1:cf:d8:0e:1f:a5:94:01:58:ee:61:92:e6:
                    34:3b:f2:38:6b:c8:d3:af:39:1f:01:fd:d4:2a:d7:
                    05:10:21:ca:97:af:65:31:62:02:df:68:0b:c1:3f:
                    48:79:f7:bc:29:ea:0a:56:e1:05:6f:b1:32:82:4c:
                    30:e4:e3:c1:ca:10:ea:56:12:54:67:fc:9c:7e:da:
                    7f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:1E:D9:5C:93:69:AD:47:F0:3C:83:7F:27:46:9C:83:85:47:A8:9C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/45134018110311EEA8AC4F1C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:8c:ca:eb:91:b9:8c:00:b0:c7:df:00:85:e0:b2:c0:fa:f4:
         4b:13:ba:f2:6d:0c:a3:9d:78:97:5a:3d:bd:52:75:7a:63:b4:
         08:f6:53:30:9c:b8:a8:27:3a:95:c1:e4:35:67:e7:2c:19:75:
         f6:87:00:5f:14:ac:cb:60:d7:fe:4f:9a:4c:b2:f8:7b:47:21:
         3c:b9:12:e0:2a:81:3d:11:5f:13:17:47:c8:51:85:56:03:96:
         a2:a0:7b:8f:65:95:72:37:31:5c:52:fa:42:5a:c6:94:4c:4a:
         d9:f1:41:17:47:8c:5b:83:ac:80:25:3d:33:50:77:0c:ca:62:
         7e:f9:72:10:94:5d:f6:68:e2:3e:3d:37:16:4d:66:91:0d:59:
         9d:0c:23:85:8d:c3:2c:8c:0e:1a:56:2a:d1:18:0b:e6:df:ce:
         0e:c8:0a:15:95:9d:3e:bd:73:87:ab:99:aa:c7:39:5f:d6:03:
         5c:55:c6:12:25:66:4b:a7:8b:95:e0:1b:75:4f:b5:08:18:0c:
         31:e0:f0:46:aa:46:39:4b:3a:d5:3d:e5:9e:7a:40:71:53:7d:
         a8:e0:be:4c:b9:44:7e:a8:ce:c3:1c:e6:c9:15:a3:92:df:29:
         dc:8f:29:20:08:dd:80:91:6e:06:6c:0e:dd:11:80:6b:ef:d8:
         66:d8:fe:76
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD+8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MjIxMzQ3MDBaFw0yNTA2MjExMzQ3MDBaMBgxFjAU
BgNVBAMTDTY0OTQ1MGQ4LTkwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDG5o7JE9r1alPsS/0jSMnw54jtGA9h/Zj8LDfNDj9P8kq6a9DZDVbbv7a5
b2WfiDCtxCZ+8BEzJkUC0hyKsT+IkmcCmEpXfB1eczskh5DT1CVON02KcP7OJUUs
k9nby+oD8wCV/XVQRrcXIPvK0GT8LcdXUW5ioMIenCGcBqhsK3e1UmFRiuFvqvBm
g4ygVGrcyt3tmwtToN73K5397C3gJw6x1VexLS0TvOmXUoi64v/93seT4c/YDh+l
lAFY7mGS5jQ78jhryNOvOR8B/dQq1wUQIcqXr2UxYgLfaAvBP0h597wp6gpW4QVv
sTKCTDDk48HKEOpWElRn/Jx+2n+TAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU+x7Z
XJNprUfwPIN/J0acg4VHqJwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQ1MTM0MDE4MTEwMzExRUVBOEFDNEYxQzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFcwDQYJKoZIhvcNAQEL
BQADggEBALOMyuuRuYwAsMffAIXgssD69EsTuvJtDKOdeJdaPb1SdXpjtAj2UzCc
uKgnOpXB5DVn5ywZdfaHAF8UrMtg1/5Pmkyy+HtHITy5EuAqgT0RXxMXR8hRhVYD
lqKge49llXI3MVxS+kJaxpRMStnxQRdHjFuDrIAlPTNQdwzKYn75chCUXfZo4j49
NxZNZpENWZ0MI4WNwyyMDhpWKtEYC+bfzg7IChWVnT69c4ermarHOV/WA1xVxhIl
Zkuni5XgG3VPtQgYDDHg8EaqRjlLOtU95Z56QHFTfajgvky5RH6ozsMc5skVo5Lf
KdyPKSAI3YCRbgZsDt0RgGvv2GbY/nY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org