Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/47DEEA4AB69011ED80EFF0B1F1222468.roa
File:                     47DEEA4AB69011ED80EFF0B1F1222468.roa (raw, json)
Hash identifier:          0fpN6sxGamIFnLphVJYbBWbybBZVj3gKroNwXxJwvJc=
Subject key identifier:   15:CD:13:51:C1:80:B2:74:C5:52:F5:71:81:F1:94:60:6D:9F:19:42
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C34
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/47DEEA4AB69011ED80EFF0B1F1222468.roa
Signing time:             Mon 27 Feb 2023 11:17:12 +0000
ROA not before:           Mon 27 Feb 2023 11:17:08 +0000
ROA not after:            Thu 27 Feb 2025 11:17:08 +0000
asID:                     61317
IP address blocks:        154.16.69.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3124 (0xc34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 11:17:08 2023 GMT
            Not After : Feb 27 11:17:08 2025 GMT
        Subject: CN=63fc9137-2f12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:00:fd:45:b3:e7:53:0e:d0:51:45:f8:37:84:
                    5b:29:0f:fc:2e:06:53:cc:c0:76:3e:cc:70:14:8a:
                    d6:74:ab:c5:6e:fc:0c:72:28:55:d9:28:2c:93:86:
                    68:cb:45:37:37:78:5f:e9:f5:bd:c8:52:a1:56:da:
                    a0:41:27:e2:79:93:9a:a7:a2:79:37:ab:cf:1a:80:
                    64:03:89:93:de:0a:b7:c3:59:2c:f7:cc:1d:3f:60:
                    90:ec:2e:d3:9c:00:b8:d0:52:49:33:aa:28:a9:e7:
                    0f:47:ab:ad:73:e2:20:c0:ec:d1:a6:c7:c4:2a:a0:
                    20:d6:4d:84:f8:49:cd:84:0c:d0:d4:50:60:32:6d:
                    b4:59:bd:09:d7:51:f5:ee:e7:1c:ec:cf:49:34:8d:
                    40:df:5a:67:e3:27:01:9a:75:dd:04:d4:19:cb:81:
                    b5:bc:7e:6e:06:15:a7:8c:ad:56:bd:65:6a:77:c4:
                    93:11:05:5a:ef:75:39:68:a4:09:c5:91:c8:b9:5b:
                    8e:bb:17:31:75:9b:01:50:9b:38:90:97:22:88:a4:
                    8a:76:95:b8:4f:2c:d6:f2:3e:74:d5:a7:2b:f2:8a:
                    a6:91:f0:df:ef:f4:ee:76:e4:57:c4:8e:60:25:54:
                    cb:e9:04:07:b2:00:88:67:72:45:cf:e1:e5:5e:51:
                    fe:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:CD:13:51:C1:80:B2:74:C5:52:F5:71:81:F1:94:60:6D:9F:19:42
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/47DEEA4AB69011ED80EFF0B1F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:14:dc:1c:8a:ad:1b:fd:e1:2f:04:75:98:63:0e:9a:ea:cb:
         03:fa:5c:8f:d9:c1:59:3d:a5:10:f6:00:f3:25:da:e5:98:50:
         87:b7:cf:bd:09:ea:71:4b:2f:45:cf:b5:5c:da:72:1e:29:0c:
         6e:4f:d6:f9:cc:2a:74:bf:17:b2:72:ab:d3:dd:e5:9b:56:4a:
         38:65:53:ed:47:d7:5a:71:0b:06:e0:fa:ab:0b:f4:57:f6:cc:
         cd:92:5e:31:e2:8b:2d:73:96:06:25:ca:27:79:34:f8:5d:1e:
         d2:ff:ab:ab:20:54:50:66:6c:74:89:b8:c1:1f:0e:36:fa:fb:
         04:fc:a2:37:60:e1:ea:87:53:27:2c:1a:ee:65:b6:9b:95:2d:
         69:d8:2c:c4:3c:7c:a7:c1:e1:a6:64:9e:5c:24:8a:43:1c:fe:
         1b:75:32:f3:35:17:99:28:b4:39:81:d2:f4:a5:82:23:41:cd:
         b7:66:10:ac:9e:86:9e:7f:e8:dd:8f:29:cd:71:f7:dd:c6:64:
         74:f2:72:a4:e2:f5:2a:74:47:d5:be:c9:8b:bb:83:fa:11:22:
         33:33:eb:83:ae:67:79:73:50:34:13:10:21:f1:80:23:f6:4f:
         f3:d0:46:2d:77:79:a3:fe:08:c5:89:6a:82:9b:43:a0:4f:5a:
         fe:1a:9c:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDDQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMTE3MDhaFw0yNTAyMjcxMTE3MDhaMBgxFjAU
BgNVBAMMDTYzZmM5MTM3LTJmMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCfAP1Fs+dTDtBRRfg3hFspD/wuBlPMwHY+zHAUitZ0q8Vu/AxyKFXZKCyT
hmjLRTc3eF/p9b3IUqFW2qBBJ+J5k5qnonk3q88agGQDiZPeCrfDWSz3zB0/YJDs
LtOcALjQUkkzqiip5w9Hq61z4iDA7NGmx8QqoCDWTYT4Sc2EDNDUUGAybbRZvQnX
UfXu5xzsz0k0jUDfWmfjJwGadd0E1BnLgbW8fm4GFaeMrVa9ZWp3xJMRBVrvdTlo
pAnFkci5W467FzF1mwFQmziQlyKIpIp2lbhPLNbyPnTVpyvyiqaR8N/v9O525FfE
jmAlVMvpBAeyAIhnckXP4eVeUf7BAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFc0T
UcGAsnTFUvVxgfGUYG2fGUIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQ3REVFQTRBQjY5MDExRUQ4MEVGRjBCMUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEUwDQYJKoZIhvcNAQEL
BQADggEBAJkU3ByKrRv94S8EdZhjDprqywP6XI/ZwVk9pRD2APMl2uWYUIe3z70J
6nFLL0XPtVzach4pDG5P1vnMKnS/F7Jyq9Pd5ZtWSjhlU+1H11pxCwbg+qsL9Ff2
zM2SXjHiiy1zlgYlyid5NPhdHtL/q6sgVFBmbHSJuMEfDjb6+wT8ojdg4eqHUycs
Gu5ltpuVLWnYLMQ8fKfB4aZknlwkikMc/ht1MvM1F5kotDmB0vSlgiNBzbdmEKye
hp5/6N2PKc1x993GZHTycqTi9Sp0R9W+yYu7g/oRIjMz64OuZ3lzUDQTECHxgCP2
T/PQRi13eaP+CMWJaoKbQ6BPWv4anAc=
-----END CERTIFICATE-----
Generated at Tue Jul 16 10:30:34 2024 by rpki-client on console-fra.rpki-client.org