Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4BDEC242B74D11EDBA999DECF1222468.roa
File:                     4BDEC242B74D11EDBA999DECF1222468.roa (raw, json)
Hash identifier:          OZow5N0rWIurroaW0kWqfDc2LGoKD+mOa/bFmgf7drA=
Subject key identifier:   9D:41:A6:5A:E8:C4:3A:47:50:BF:44:ED:FC:9E:A6:B1:4D:0A:FD:CE
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C88
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4BDEC242B74D11EDBA999DECF1222468.roa
Signing time:             Tue 28 Feb 2023 09:50:13 +0000
ROA not before:           Tue 28 Feb 2023 09:50:09 +0000
ROA not after:            Fri 28 Feb 2025 09:50:09 +0000
asID:                     61317
IP address blocks:        154.16.202.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3208 (0xc88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 28 09:50:09 2023 GMT
            Not After : Feb 28 09:50:09 2025 GMT
        Subject: CN=63fdce55-db9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4a:5e:9a:6b:7b:20:9c:e8:31:71:28:05:28:
                    65:8f:72:27:70:5b:d0:30:e9:e6:dd:1f:1c:65:d0:
                    22:df:e3:16:42:06:ad:b1:7a:33:80:5c:77:ae:a1:
                    c4:29:25:8b:79:cb:30:0d:90:e1:7b:12:79:08:54:
                    ab:ba:b9:93:30:e8:90:01:cf:d3:42:21:f8:d8:5b:
                    b5:67:fc:e5:de:8f:45:43:84:72:b8:ca:c2:eb:98:
                    57:e8:ba:a4:30:f8:e9:a8:f8:92:d0:ad:05:f8:37:
                    24:27:f8:a1:bd:06:bf:70:cf:26:2f:bf:9d:62:95:
                    9d:e6:a2:c2:35:bc:09:37:20:3a:26:46:89:b0:ed:
                    33:1f:e9:91:31:5d:48:e7:1c:06:05:f0:e6:4c:5e:
                    52:f2:b0:84:57:37:1f:22:f2:fb:6d:83:9f:1f:11:
                    11:8c:5e:f1:7a:de:b7:04:7e:1d:19:d0:0c:41:3d:
                    5f:98:45:b7:5b:8e:d8:67:cb:33:b1:5e:11:3c:a3:
                    75:60:20:8d:75:0d:58:a3:bf:9a:37:ac:14:6b:76:
                    17:73:d2:04:12:6e:66:44:83:03:ec:2f:e9:04:85:
                    e3:b7:fa:99:f6:67:73:20:63:a8:b3:e6:bd:2a:6e:
                    e9:e3:cf:ee:b9:c0:5e:16:6d:46:9d:85:ee:15:7e:
                    dd:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:41:A6:5A:E8:C4:3A:47:50:BF:44:ED:FC:9E:A6:B1:4D:0A:FD:CE
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4BDEC242B74D11EDBA999DECF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:c8:b5:e7:ab:92:04:4c:8b:e1:bc:bb:17:e6:d0:67:18:6f:
         bd:10:39:52:25:bd:fc:e9:56:52:54:fd:53:8d:98:e1:23:fa:
         fc:a9:72:16:6e:3b:9b:06:6e:c0:f9:dd:47:7a:e3:91:c5:28:
         d0:79:68:76:7e:3a:df:ad:f2:da:f8:5d:bc:4d:ab:ff:5d:fd:
         22:ad:eb:e0:a1:0e:68:96:5d:bb:f3:02:01:82:2d:68:86:8a:
         23:b2:4d:f6:83:b5:48:56:31:4a:c7:32:6c:56:94:90:00:e9:
         70:34:17:9e:a5:da:61:17:69:ae:f3:f8:5f:84:56:13:d1:08:
         0d:59:cb:0c:fb:bd:0e:78:b4:0e:d9:6b:4d:ed:ff:41:88:1c:
         4b:a9:ec:87:52:86:be:8b:41:f8:d5:76:a7:1c:08:74:46:d3:
         84:4f:16:36:35:1f:ff:2e:72:63:ff:18:4b:4a:93:8e:4b:b9:
         63:fc:4b:11:12:97:ad:15:1b:47:d8:31:56:d9:95:7f:f9:b2:
         38:63:02:c1:6f:fe:26:cf:d1:fd:94:9f:0d:23:a4:cf:6d:23:
         fe:a1:3e:08:11:49:12:22:cd:26:38:61:db:c3:e1:ff:b3:0a:
         71:25:f7:0f:85:26:aa:e5:3d:95:80:00:ae:3f:99:b2:f3:79:
         1d:29:54:d9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDIgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjgwOTUwMDlaFw0yNTAyMjgwOTUwMDlaMBgxFjAU
BgNVBAMMDTYzZmRjZTU1LWRiOWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5Sl6aa3sgnOgxcSgFKGWPcidwW9Aw6ebdHxxl0CLf4xZCBq2xejOAXHeu
ocQpJYt5yzANkOF7EnkIVKu6uZMw6JABz9NCIfjYW7Vn/OXej0VDhHK4ysLrmFfo
uqQw+Omo+JLQrQX4NyQn+KG9Br9wzyYvv51ilZ3mosI1vAk3IDomRomw7TMf6ZEx
XUjnHAYF8OZMXlLysIRXNx8i8vttg58fERGMXvF63rcEfh0Z0AxBPV+YRbdbjthn
yzOxXhE8o3VgII11DVijv5o3rBRrdhdz0gQSbmZEgwPsL+kEheO3+pn2Z3MgY6iz
5r0qbunjz+65wF4WbUadhe4Vft3HAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUnUGm
WujEOkdQv0Tt/J6msU0K/c4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRCREVDMjQyQjc0RDExRURCQTk5OURFQ0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMowDQYJKoZIhvcNAQEL
BQADggEBADrIteerkgRMi+G8uxfm0GcYb70QOVIlvfzpVlJU/VONmOEj+vypchZu
O5sGbsD53Ud645HFKNB5aHZ+Ot+t8tr4XbxNq/9d/SKt6+ChDmiWXbvzAgGCLWiG
iiOyTfaDtUhWMUrHMmxWlJAA6XA0F56l2mEXaa7z+F+EVhPRCA1Zywz7vQ54tA7Z
a03t/0GIHEup7IdShr6LQfjVdqccCHRG04RPFjY1H/8ucmP/GEtKk45LuWP8SxES
l60VG0fYMVbZlX/5sjhjAsFv/ibP0f2Unw0jpM9tI/6hPggRSRIizSY4YdvD4f+z
CnEl9w+FJqrlPZWAAK4/mbLzeR0pVNk=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:54 2024 by rpki-client on console-fra.rpki-client.org