Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/484BA566F7FF11EE844E4224017001B1.roa
File:                     484BA566F7FF11EE844E4224017001B1.roa (raw, json)
Hash identifier:          UxKguIZzBmv873B61mDwStlOYyU/cWzUoWyzHNyutdM=
Subject key identifier:   C0:70:DD:02:C6:2B:83:93:A5:4E:CC:DF:C9:58:75:0E:EB:0E:F8:CF
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15A4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/484BA566F7FF11EE844E4224017001B1.roa
Signing time:             Thu 11 Apr 2024 12:30:30 +0000
ROA not before:           Thu 11 Apr 2024 12:30:26 +0000
ROA not after:            Sat 11 Apr 2026 12:30:26 +0000
asID:                     213060
IP address blocks:        154.16.71.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5540 (0x15a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 11 12:30:26 2024 GMT
            Not After : Apr 11 12:30:26 2026 GMT
        Subject: CN=6617d7e6-8ff0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b7:cc:47:6b:90:9d:d3:be:f0:98:cf:ab:10:
                    b4:ef:eb:82:7f:7e:fe:17:71:ba:1f:b1:cb:e7:88:
                    be:49:fa:2c:9a:22:37:84:36:f4:1c:a8:e4:a7:c7:
                    fa:30:66:a6:22:2e:92:55:8f:ca:5b:27:d9:3c:57:
                    e6:c2:14:b4:43:2b:3c:fd:da:12:9b:8e:f1:92:ae:
                    37:06:2d:fc:78:aa:a9:67:42:ea:5e:3c:c9:1a:74:
                    d4:98:c9:3c:37:fc:b1:bc:c8:fc:f8:40:86:d5:f5:
                    d8:da:85:ac:05:17:89:96:1b:25:a2:2d:04:1a:1d:
                    cd:62:ca:1b:22:e8:3f:b9:14:39:02:e9:ca:04:05:
                    19:79:e4:7d:ee:c0:48:57:96:ae:b1:9e:6b:85:8f:
                    2f:ac:a7:93:6a:42:21:3a:fb:0c:70:cf:cf:a3:8f:
                    d7:8c:46:01:21:e0:95:bc:ff:f9:f7:e8:d7:10:a6:
                    b4:16:91:8b:15:4c:5b:7f:e0:76:25:47:c9:a1:82:
                    0d:80:f6:e2:40:03:8c:f7:8b:ac:9a:3a:80:57:3e:
                    c0:d6:6a:68:d8:70:1e:f3:1b:ec:7c:08:92:25:aa:
                    a7:e9:b1:58:2e:4e:35:e0:93:25:c8:14:ec:9a:46:
                    44:6d:dd:d4:1f:57:6d:a0:2a:cc:3c:ac:92:53:32:
                    95:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:70:DD:02:C6:2B:83:93:A5:4E:CC:DF:C9:58:75:0E:EB:0E:F8:CF
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/484BA566F7FF11EE844E4224017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:37:a5:8b:5d:35:b4:d3:c1:64:92:56:a1:79:ce:f0:23:94:
         7a:c1:2b:39:81:40:f6:78:d7:dc:60:1b:92:ca:d8:37:04:d6:
         8d:cb:55:64:a7:8e:4c:19:78:28:e5:f9:c6:86:a0:01:80:c6:
         cd:07:51:0c:ba:c2:0e:f5:b1:40:3f:ac:9e:21:9e:77:ee:bd:
         11:50:e1:13:cc:87:a7:c3:7a:f1:f5:65:45:ec:8f:b0:ba:7c:
         38:33:c9:ab:52:a7:3d:b3:a4:ce:4b:de:bd:cb:02:d2:9c:2c:
         65:14:ef:a2:7b:c1:26:d4:90:75:9d:02:5e:30:88:4e:f9:ff:
         4c:eb:89:d5:03:48:0b:44:82:4c:5e:4f:b0:b4:49:96:31:24:
         1d:8e:ab:50:aa:f0:fd:75:a3:da:f3:ea:b5:5e:d4:7e:3b:c0:
         f7:5e:e2:15:66:04:c0:4d:46:ae:51:9d:59:74:e3:81:d7:c8:
         9b:97:0e:ac:22:38:aa:8f:f1:e6:e6:5e:b2:06:06:5d:90:6b:
         9a:14:cb:16:c9:2c:03:4e:d1:71:62:79:30:42:d7:bd:2a:74:
         05:28:7c:a4:4d:82:8d:1f:e1:55:b4:b1:7f:d2:c8:89:38:d3:
         1c:a3:3d:b2:e5:ee:d2:42:c2:4a:55:b6:60:e4:4f:f5:e7:aa:
         1b:7b:dd:58
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFaQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTExMjMwMjZaFw0yNjA0MTExMjMwMjZaMBgxFjAU
BgNVBAMTDTY2MTdkN2U2LThmZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJt8xHa5Cd077wmM+rELTv64J/fv4XcbofscvniL5J+iyaIjeENvQcqOSn
x/owZqYiLpJVj8pbJ9k8V+bCFLRDKzz92hKbjvGSrjcGLfx4qqlnQupePMkadNSY
yTw3/LG8yPz4QIbV9djahawFF4mWGyWiLQQaHc1iyhsi6D+5FDkC6coEBRl55H3u
wEhXlq6xnmuFjy+sp5NqQiE6+wxwz8+jj9eMRgEh4JW8//n36NcQprQWkYsVTFt/
4HYlR8mhgg2A9uJAA4z3i6yaOoBXPsDWamjYcB7zG+x8CJIlqqfpsVguTjXgkyXI
FOyaRkRt3dQfV22gKsw8rJJTMpVZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwHDd
AsYrg5OlTszfyVh1DusO+M8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQ4NEJBNTY2RjdGRjExRUU4NDRFNDIyNDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEcwDQYJKoZIhvcNAQEL
BQADggEBAHE3pYtdNbTTwWSSVqF5zvAjlHrBKzmBQPZ419xgG5LK2DcE1o3LVWSn
jkwZeCjl+caGoAGAxs0HUQy6wg71sUA/rJ4hnnfuvRFQ4RPMh6fDevH1ZUXsj7C6
fDgzyatSpz2zpM5L3r3LAtKcLGUU76J7wSbUkHWdAl4wiE75/0zridUDSAtEgkxe
T7C0SZYxJB2Oq1Cq8P11o9rz6rVe1H47wPde4hVmBMBNRq5RnVl044HXyJuXDqwi
OKqP8ebmXrIGBl2Qa5oUyxbJLANO0XFieTBC170qdAUofKRNgo0f4VW0sX/SyIk4
0xyjPbLl7tJCwkpVtmDkT/Xnqht73Vg=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org