Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4B6D37ECB69611EDBC05F3C3F1222468.roa
File:                     4B6D37ECB69611EDBC05F3C3F1222468.roa (raw, json)
Hash identifier:          EUnVP2VYv2F/5wGMuVEGd0bW05R1JEF3U+9WqhKq6TU=
Subject key identifier:   C3:8B:46:02:91:17:48:6B:91:55:5B:0B:3C:A5:DC:80:90:74:A6:EC
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C76
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4B6D37ECB69611EDBC05F3C3F1222468.roa
Signing time:             Mon 27 Feb 2023 12:00:15 +0000
ROA not before:           Mon 27 Feb 2023 12:00:11 +0000
ROA not after:            Thu 27 Feb 2025 12:00:11 +0000
asID:                     61317
IP address blocks:        154.16.158.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3190 (0xc76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 12:00:11 2023 GMT
            Not After : Feb 27 12:00:11 2025 GMT
        Subject: CN=63fc9b4e-5869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:55:e9:47:fd:37:3a:26:41:76:d4:13:fb:69:
                    69:c2:8a:30:b5:2a:91:5a:37:5b:a1:b7:d0:9c:b9:
                    a6:e6:ea:4c:a4:05:f8:bd:f6:c4:7b:c6:3b:1a:e6:
                    95:e7:f8:4b:af:19:f0:9f:6f:c7:d6:ab:80:f1:c3:
                    b7:08:31:98:3c:46:ad:49:f3:ef:f9:55:a1:78:44:
                    83:82:75:c1:94:b0:57:e1:fe:90:ba:9c:73:d0:ec:
                    0d:04:e7:bf:13:d7:51:e4:3a:8e:e0:36:9f:b7:96:
                    e8:98:a2:56:25:a5:fa:59:34:10:94:01:48:69:a0:
                    1d:2a:32:39:9e:1c:ba:3a:97:2b:1a:86:59:96:22:
                    cc:b5:54:12:82:f0:5c:73:b9:c2:fe:49:75:3c:3d:
                    c6:e7:a0:d4:6f:f3:3c:ac:34:bb:09:5b:83:4a:bb:
                    be:ae:b2:61:f1:c2:58:40:38:88:c0:d9:7b:67:ac:
                    50:6f:c0:75:1a:0d:ee:8a:3f:f2:58:7f:79:2c:b6:
                    70:fd:d7:3a:d8:3f:ea:aa:69:8c:47:2c:3e:b7:15:
                    0a:85:7e:36:f2:bd:f3:20:40:c6:04:05:e4:71:2b:
                    74:ed:48:a4:d3:49:3f:ca:b1:75:51:74:2b:cc:5d:
                    c2:b2:9f:cd:f3:89:2a:4a:e3:91:ef:49:f1:97:8b:
                    04:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:8B:46:02:91:17:48:6B:91:55:5B:0B:3C:A5:DC:80:90:74:A6:EC
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4B6D37ECB69611EDBC05F3C3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:47:ef:11:e5:a9:e4:6d:38:ca:63:91:ce:00:d2:cc:34:7d:
         ba:e8:a0:d8:d5:e9:9e:b0:c5:4e:82:ee:32:21:e7:eb:93:76:
         f8:80:bc:34:fa:21:8b:fe:f5:e8:0b:c7:b1:ba:c1:bc:80:45:
         5b:fd:a0:d8:14:d0:63:0e:53:8c:a4:da:bb:21:27:8a:f0:15:
         17:2a:4f:e8:92:c0:16:15:8c:20:f1:5d:25:c4:3d:cc:8a:cd:
         9b:0a:0b:7f:81:e1:b7:39:e7:55:b1:b8:a6:cf:ec:25:2b:76:
         ee:f8:06:e6:c4:a4:2d:96:99:75:b2:c4:84:86:76:cb:ca:b3:
         2d:48:f4:35:4d:b2:9b:ad:84:b7:d4:68:9b:a2:d2:b5:7b:f2:
         bc:a4:d6:33:12:e5:6f:cf:31:14:b9:f3:61:09:e7:9c:83:ae:
         ff:5c:29:34:5e:52:ab:d7:b9:38:e5:29:8b:73:3e:a7:b3:4b:
         4c:1b:a9:9f:68:43:2e:95:66:5a:e1:f7:b0:f2:f3:c6:fa:9a:
         14:15:ea:ab:d9:f3:86:07:86:13:3c:09:ad:9b:69:35:c1:9e:
         bd:4e:8f:10:3f:ff:64:e9:ce:0d:15:ee:b5:91:d7:03:23:85:
         3f:16:80:8d:59:41:5e:18:ee:3a:22:a2:ac:3b:a9:8c:b7:f5:
         e2:de:cf:f4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDHYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMjAwMTFaFw0yNTAyMjcxMjAwMTFaMBgxFjAU
BgNVBAMMDTYzZmM5YjRlLTU4NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDtVelH/Tc6JkF21BP7aWnCijC1KpFaN1uht9Ccuabm6kykBfi99sR7xjsa
5pXn+EuvGfCfb8fWq4Dxw7cIMZg8Rq1J8+/5VaF4RIOCdcGUsFfh/pC6nHPQ7A0E
578T11HkOo7gNp+3luiYolYlpfpZNBCUAUhpoB0qMjmeHLo6lysahlmWIsy1VBKC
8FxzucL+SXU8PcbnoNRv8zysNLsJW4NKu76usmHxwlhAOIjA2XtnrFBvwHUaDe6K
P/JYf3kstnD91zrYP+qqaYxHLD63FQqFfjbyvfMgQMYEBeRxK3TtSKTTST/KsXVR
dCvMXcKyn83ziSpK45HvSfGXiwRdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUw4tG
ApEXSGuRVVsLPKXcgJB0puwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRCNkQzN0VDQjY5NjExRURCQzA1RjNDM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJ4wDQYJKoZIhvcNAQEL
BQADggEBAG5H7xHlqeRtOMpjkc4A0sw0fbrooNjV6Z6wxU6C7jIh5+uTdviAvDT6
IYv+9egLx7G6wbyARVv9oNgU0GMOU4yk2rshJ4rwFRcqT+iSwBYVjCDxXSXEPcyK
zZsKC3+B4bc551WxuKbP7CUrdu74BubEpC2WmXWyxISGdsvKsy1I9DVNsputhLfU
aJui0rV78ryk1jMS5W/PMRS582EJ55yDrv9cKTReUqvXuTjlKYtzPqezS0wbqZ9o
Qy6VZlrh97Dy88b6mhQV6qvZ84YHhhM8Ca2baTXBnr1OjxA//2Tpzg0V7rWR1wMj
hT8WgI1ZQV4Y7joioqw7qYy39eLez/Q=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:52:03 2024 by rpki-client on console-fra.rpki-client.org