Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/49EBDD0E385211EE927BB7164AD9E6FC.roa
File:                     49EBDD0E385211EE927BB7164AD9E6FC.roa (raw, json)
Hash identifier:          JpcLnCKvOAxEkgD4CwM7ox6QOUfbZ/sISpSNGXHqFBQ=
Subject key identifier:   C0:34:F7:06:EB:54:B2:21:BD:4B:A9:94:1B:A9:7C:34:1D:E5:9D:C8
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       112C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/49EBDD0E385211EE927BB7164AD9E6FC.roa
Signing time:             Fri 11 Aug 2023 14:20:57 +0000
ROA not before:           Fri 11 Aug 2023 14:20:54 +0000
ROA not after:            Sat 16 Aug 2025 14:20:54 +0000
asID:                     212238
IP address blocks:        154.16.36.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4396 (0x112c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 11 14:20:54 2023 GMT
            Not After : Aug 16 14:20:54 2025 GMT
        Subject: CN=64d643c9-dca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b8:b2:02:e6:ec:1e:0e:3d:22:cf:8a:c8:92:
                    86:5f:87:b5:7b:73:13:ed:1e:f2:79:68:16:66:f2:
                    aa:39:d9:7f:50:c4:bb:95:b7:95:73:81:dc:1b:02:
                    23:53:61:10:21:f4:cf:14:89:b9:30:43:61:86:6e:
                    bf:e7:54:b9:0b:ed:c6:35:63:c5:9d:21:7c:72:a2:
                    79:ac:5f:2d:ca:8a:a7:2b:ab:10:ea:7a:bd:df:16:
                    86:5a:94:b0:ef:90:47:c9:cd:46:ad:37:a3:5b:1a:
                    4a:da:e4:37:71:61:64:ea:98:14:76:b6:d2:2e:da:
                    20:3e:f0:92:c2:76:49:6b:f9:fe:00:c7:79:c0:ca:
                    16:a2:12:64:43:63:9a:34:e0:53:4c:1a:fc:62:34:
                    8d:3a:10:ca:98:9e:37:16:99:ee:7f:b4:dd:9b:98:
                    37:99:d9:b4:df:81:21:51:62:46:51:92:42:6e:7e:
                    75:37:f1:fa:6f:97:49:d5:f6:9f:92:01:d7:b8:11:
                    ea:b5:26:3f:c9:99:a9:6f:00:60:39:4e:40:6a:7a:
                    b7:49:82:2f:ec:9f:25:49:2a:d8:a3:cf:8f:42:37:
                    eb:09:53:a0:39:7d:ff:52:2e:58:a0:df:6c:5c:72:
                    10:60:ba:33:08:8d:7d:a4:5d:a8:57:50:32:ff:2d:
                    16:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:34:F7:06:EB:54:B2:21:BD:4B:A9:94:1B:A9:7C:34:1D:E5:9D:C8
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/49EBDD0E385211EE927BB7164AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:4b:91:51:be:5e:a3:5a:82:f6:dd:2c:b4:9b:85:84:fa:84:
         1d:d2:80:41:a9:4f:0b:26:34:2b:17:34:64:c0:72:f4:0f:40:
         e9:7b:ce:9f:7d:cf:91:d1:cc:c8:aa:35:71:cf:ec:91:8b:c2:
         a6:3d:6a:5c:61:1b:e1:7b:bc:46:37:5c:2a:52:f8:1f:bf:e9:
         53:d7:f4:d9:de:30:5d:14:63:4b:45:54:c6:4a:30:83:78:db:
         85:69:56:ae:fc:54:a4:5b:d7:02:68:b0:a2:8b:5c:36:f6:24:
         11:29:83:a9:5c:cb:f3:74:2a:c9:a0:2d:ad:fc:a1:9e:2a:e2:
         d5:67:2e:cd:59:92:22:90:68:bb:1f:11:ce:f4:60:9b:17:dc:
         bf:86:1a:c5:70:6f:c6:9d:41:6a:85:21:bb:fa:8a:0e:d2:e8:
         27:b3:d6:9f:68:5a:38:96:66:3d:07:80:74:48:03:8d:6a:45:
         aa:1c:df:1f:2c:85:f2:78:96:45:5a:8f:34:21:f6:bd:d3:4c:
         b9:ad:ce:53:9c:eb:30:b6:05:3e:2d:75:1b:c1:87:df:04:04:
         89:a8:b9:4c:50:11:16:ef:87:31:5d:49:26:ab:02:79:7f:bd:
         e1:84:80:99:d2:e7:6a:5a:17:81:7b:19:50:39:ed:fb:f7:c8:
         2d:f7:26:98
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICESwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTExNDIwNTRaFw0yNTA4MTYxNDIwNTRaMBgxFjAU
BgNVBAMTDTY0ZDY0M2M5LWRjYTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5uLIC5uweDj0iz4rIkoZfh7V7cxPtHvJ5aBZm8qo52X9QxLuVt5Vzgdwb
AiNTYRAh9M8UibkwQ2GGbr/nVLkL7cY1Y8WdIXxyonmsXy3KiqcrqxDqer3fFoZa
lLDvkEfJzUatN6NbGkra5DdxYWTqmBR2ttIu2iA+8JLCdklr+f4Ax3nAyhaiEmRD
Y5o04FNMGvxiNI06EMqYnjcWme5/tN2bmDeZ2bTfgSFRYkZRkkJufnU38fpvl0nV
9p+SAde4Eeq1Jj/JmalvAGA5TkBqerdJgi/snyVJKtijz49CN+sJU6A5ff9SLlig
32xcchBgujMIjX2kXahXUDL/LRbbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwDT3
ButUsiG9S6mUG6l8NB3lncgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQ5RUJERDBFMzg1MjExRUU5MjdCQjcxNjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECQwDQYJKoZIhvcNAQEL
BQADggEBAGpLkVG+XqNagvbdLLSbhYT6hB3SgEGpTwsmNCsXNGTAcvQPQOl7zp99
z5HRzMiqNXHP7JGLwqY9alxhG+F7vEY3XCpS+B+/6VPX9NneMF0UY0tFVMZKMIN4
24VpVq78VKRb1wJosKKLXDb2JBEpg6lcy/N0KsmgLa38oZ4q4tVnLs1ZkiKQaLsf
Ec70YJsX3L+GGsVwb8adQWqFIbv6ig7S6Cez1p9oWjiWZj0HgHRIA41qRaoc3x8s
hfJ4lkVajzQh9r3TTLmtzlOc6zC2BT4tdRvBh98EBImouUxQERbvhzFdSSarAnl/
veGEgJnS52paF4F7GVA57fv3yC33Jpg=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org