Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4A3A6C661BEC11EF976A9ED87CDC24C2.roa
File:                     4A3A6C661BEC11EF976A9ED87CDC24C2.roa (raw, json)
Hash identifier:          Y8DD4U55seRNbfTJTV52aoEzb+3Hx+LN+SCoQy/MUWo=
Subject key identifier:   9B:3E:E2:A9:30:0F:62:89:04:1D:BB:AF:76:FA:9A:17:07:40:97:61
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       168F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4A3A6C661BEC11EF976A9ED87CDC24C2.roa
Signing time:             Mon 27 May 2024 05:45:14 +0000
ROA not before:           Mon 27 May 2024 05:45:09 +0000
ROA not after:            Wed 27 May 2026 05:45:09 +0000
asID:                     834
IP address blocks:        154.16.204.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5775 (0x168f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 27 05:45:09 2024 GMT
            Not After : May 27 05:45:09 2026 GMT
        Subject: CN=66541dea-ee18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:14:64:4e:9a:2e:fc:95:01:62:4c:78:27:8e:
                    5b:22:f2:4a:4b:37:d7:6a:95:3b:8b:02:bb:b4:fa:
                    f7:18:05:4c:95:23:f2:e4:b5:af:ff:3f:29:35:28:
                    a0:f7:08:47:41:5e:56:96:81:64:d9:0e:2b:ff:04:
                    1e:b8:e0:37:aa:ce:f9:6a:1b:3e:dd:51:19:df:27:
                    1f:23:67:9e:3d:47:16:bb:68:db:93:ef:5b:d2:f4:
                    91:ab:58:6a:bb:02:f9:83:6a:4d:98:c2:a8:54:d7:
                    2a:db:6c:a9:f5:e8:e6:de:f7:15:bc:b0:a9:1e:b7:
                    42:e8:de:5e:a7:6b:a4:7b:4e:96:53:de:b5:f6:6c:
                    ee:5c:9d:dc:25:43:bf:de:34:eb:46:c5:5d:b4:f0:
                    ca:06:bf:9a:7a:46:cf:e0:a3:f1:52:05:cf:86:f2:
                    98:60:ee:16:6c:ca:75:86:3a:74:1d:d6:78:22:f2:
                    a7:0a:85:9f:f7:ca:f4:69:a3:2e:5f:5b:3c:0a:0e:
                    98:7f:d0:1c:30:35:71:75:cf:23:e3:08:aa:e9:8e:
                    2f:de:15:e2:c6:6d:53:c8:c5:8b:d9:15:ca:02:bb:
                    5c:42:b4:16:ab:ac:ab:da:57:84:72:72:d7:78:3c:
                    75:d4:f4:08:92:1f:36:e1:7a:c5:d4:3c:16:24:2f:
                    16:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:3E:E2:A9:30:0F:62:89:04:1D:BB:AF:76:FA:9A:17:07:40:97:61
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4A3A6C661BEC11EF976A9ED87CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:b8:79:7d:1b:17:6b:ce:42:57:65:bf:77:d3:57:db:1d:3b:
         4f:f4:b6:cf:17:ad:af:e1:19:01:bf:e1:76:3a:bf:86:45:b4:
         45:e9:4f:d3:5c:8e:e3:0f:68:64:3a:1c:7a:a6:bf:18:06:17:
         95:40:61:a7:5b:70:f5:69:ca:46:47:a0:92:e9:78:74:ea:d7:
         5a:13:2d:bc:d2:32:74:5e:de:c1:1b:b7:b2:03:be:95:1c:bc:
         8e:a0:81:e8:82:ab:2f:9a:62:95:7d:03:3d:2f:bd:c7:70:21:
         c0:35:eb:2c:96:35:d2:7a:98:1e:4b:96:cc:53:1e:70:76:b4:
         d2:58:35:36:ca:17:f8:60:d8:49:d6:be:1a:ac:4b:37:70:26:
         9c:f2:45:26:b5:36:64:d6:7e:0e:e8:fb:94:dd:66:62:85:f4:
         e8:9b:d2:d8:23:98:22:06:d9:13:8c:ed:11:fb:1a:22:21:33:
         6c:67:fa:85:0a:cc:06:25:8f:14:99:cc:78:25:a9:52:d6:bd:
         c1:1a:90:0a:6c:a1:1f:0f:93:c3:ba:f3:83:0a:63:c9:6c:60:
         71:85:d6:04:f0:12:6f:fa:2e:f5:a8:87:5b:54:74:e1:57:72:
         31:42:fc:63:88:4d:3f:25:0f:93:dd:31:d3:79:08:73:56:7d:
         fd:a1:f6:da
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFo8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjcwNTQ1MDlaFw0yNjA1MjcwNTQ1MDlaMBgxFjAU
BgNVBAMTDTY2NTQxZGVhLWVlMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6FGROmi78lQFiTHgnjlsi8kpLN9dqlTuLAru0+vcYBUyVI/Lkta//Pyk1
KKD3CEdBXlaWgWTZDiv/BB644DeqzvlqGz7dURnfJx8jZ549Rxa7aNuT71vS9JGr
WGq7AvmDak2YwqhU1yrbbKn16Obe9xW8sKket0Lo3l6na6R7TpZT3rX2bO5cndwl
Q7/eNOtGxV208MoGv5p6Rs/go/FSBc+G8phg7hZsynWGOnQd1ngi8qcKhZ/3yvRp
oy5fWzwKDph/0BwwNXF1zyPjCKrpji/eFeLGbVPIxYvZFcoCu1xCtBarrKvaV4Ry
ctd4PHXU9AiSHzbhesXUPBYkLxbDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmz7i
qTAPYokEHbuvdvqaFwdAl2EwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRBM0E2QzY2MUJFQzExRUY5NzZBOUVEODdDREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMwwDQYJKoZIhvcNAQEL
BQADggEBAFi4eX0bF2vOQldlv3fTV9sdO0/0ts8Xra/hGQG/4XY6v4ZFtEXpT9Nc
juMPaGQ6HHqmvxgGF5VAYadbcPVpykZHoJLpeHTq11oTLbzSMnRe3sEbt7IDvpUc
vI6ggeiCqy+aYpV9Az0vvcdwIcA16yyWNdJ6mB5LlsxTHnB2tNJYNTbKF/hg2EnW
vhqsSzdwJpzyRSa1NmTWfg7o+5TdZmKF9Oib0tgjmCIG2ROM7RH7GiIhM2xn+oUK
zAYljxSZzHglqVLWvcEakApsoR8Pk8O684MKY8lsYHGF1gTwEm/6LvWoh1tUdOFX
cjFC/GOITT8lD5PdMdN5CHNWff2h9to=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:03 2024 by rpki-client on console-fra.rpki-client.org