Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4CE36DACE86911EE932D88A4775412E6.roa
File:                     4CE36DACE86911EE932D88A4775412E6.roa (raw, json)
Hash identifier:          g40vlzldgnrEZJDABebnuOX+r7LC0RrXe2TBsvJrJl4=
Subject key identifier:   C8:24:48:AE:CB:99:27:F5:5E:4B:58:EC:D3:0D:AD:B1:AD:3E:0A:7A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1573
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4CE36DACE86911EE932D88A4775412E6.roa
Signing time:             Fri 22 Mar 2024 16:29:05 +0000
ROA not before:           Fri 22 Mar 2024 16:29:02 +0000
ROA not after:            Sun 22 Mar 2026 16:29:02 +0000
asID:                     29802
IP address blocks:        154.16.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5491 (0x1573)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar 22 16:29:02 2024 GMT
            Not After : Mar 22 16:29:02 2026 GMT
        Subject: CN=65fdb1d1-7b99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e0:1e:19:4b:3a:71:6e:bf:f5:1f:d3:a7:42:
                    ba:6c:b6:30:37:b8:ad:27:0c:bb:9c:a4:ac:b4:5f:
                    7d:30:ff:a1:3c:a8:cf:65:ba:3e:8e:f2:e5:19:c6:
                    cc:b8:4f:59:45:52:60:46:28:2c:60:a8:16:79:64:
                    46:2f:95:af:c0:dc:8e:ae:42:15:f7:96:e5:bd:47:
                    4b:37:33:f9:b6:fa:46:c9:96:d9:40:07:f6:29:66:
                    04:cc:7b:cb:2d:af:ca:d8:38:6f:d4:2b:a4:6d:3d:
                    d7:d0:ed:41:40:62:ac:72:cd:33:a1:ac:2d:ae:8f:
                    bf:0f:6e:8f:0c:5c:c1:ae:34:42:81:c9:bc:91:e2:
                    c5:8f:06:af:95:fc:bf:54:86:e8:80:fa:17:33:e9:
                    2b:c3:1e:13:76:1e:02:30:0d:76:91:54:d3:6d:b6:
                    d2:ab:a1:4c:9d:d3:bc:96:97:35:42:0d:98:ce:ce:
                    cb:da:51:61:c2:05:a2:2b:6a:06:5d:30:c0:90:11:
                    cd:db:ac:5c:ed:04:b7:91:2e:ac:7c:29:ca:95:1b:
                    df:d1:3b:95:27:b1:ec:5a:83:f9:b1:e2:09:ef:a7:
                    c9:55:4a:ae:71:63:a2:70:71:cd:59:44:ad:45:c9:
                    20:a7:c9:c3:32:c5:76:42:aa:8a:7f:13:74:68:f4:
                    90:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:24:48:AE:CB:99:27:F5:5E:4B:58:EC:D3:0D:AD:B1:AD:3E:0A:7A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4CE36DACE86911EE932D88A4775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:ee:bb:78:64:db:4a:04:0f:cc:81:9d:8f:81:0e:ff:d9:9f:
         be:27:60:f5:fb:03:ec:8d:37:4b:19:3b:91:23:b5:cd:5b:7b:
         fb:5a:62:3c:cc:b9:ae:f4:59:a4:03:6c:56:2d:7b:31:2a:f9:
         3c:d0:42:c6:69:27:c1:c0:b7:0f:bb:8a:ee:a8:c0:70:de:37:
         c0:f5:69:58:4e:0a:c6:f2:8e:d4:6e:8d:1e:c5:cf:39:b8:b9:
         91:c0:68:21:e5:aa:43:0c:7a:a2:5e:36:72:ad:f0:50:05:fc:
         22:70:24:32:24:0d:6e:4a:e0:44:88:58:c1:2e:92:f6:c3:3f:
         7d:1f:a0:b2:44:38:e6:88:84:08:6d:7b:d3:4b:92:82:35:da:
         57:c1:9d:ea:8b:69:2c:c2:4a:94:69:7b:36:70:64:2d:6a:e9:
         ff:1f:58:2b:24:34:be:75:ed:23:ee:9e:7d:d4:00:04:bf:5e:
         bc:f5:c8:23:d2:e8:45:43:cc:20:34:05:69:02:8b:06:77:44:
         ee:76:17:dc:3d:c8:6e:c5:8b:1b:1e:0d:25:46:f9:e9:eb:e2:
         e7:6c:51:8a:92:3d:b3:32:b1:78:6f:2c:86:bc:9d:bf:05:63:
         ac:8b:65:a7:5d:4d:79:28:7b:48:ea:6b:d3:0c:f5:b3:a2:57:
         2a:00:ba:0e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFXMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjI5MDJaFw0yNjAzMjIxNjI5MDJaMBgxFjAU
BgNVBAMTDTY1ZmRiMWQxLTdiOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCb4B4ZSzpxbr/1H9OnQrpstjA3uK0nDLucpKy0X30w/6E8qM9luj6O8uUZ
xsy4T1lFUmBGKCxgqBZ5ZEYvla/A3I6uQhX3luW9R0s3M/m2+kbJltlAB/YpZgTM
e8str8rYOG/UK6RtPdfQ7UFAYqxyzTOhrC2uj78Pbo8MXMGuNEKBybyR4sWPBq+V
/L9UhuiA+hcz6SvDHhN2HgIwDXaRVNNtttKroUyd07yWlzVCDZjOzsvaUWHCBaIr
agZdMMCQEc3brFztBLeRLqx8KcqVG9/RO5Unsexag/mx4gnvp8lVSq5xY6Jwcc1Z
RK1FySCnycMyxXZCqop/E3Ro9JD5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyCRI
rsuZJ/VeS1js0w2tsa0+CnowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRDRTM2REFDRTg2OTExRUU5MzJEODhBNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENcwDQYJKoZIhvcNAQEL
BQADggEBAIjuu3hk20oED8yBnY+BDv/Zn74nYPX7A+yNN0sZO5Ejtc1be/taYjzM
ua70WaQDbFYtezEq+TzQQsZpJ8HAtw+7iu6owHDeN8D1aVhOCsbyjtRujR7Fzzm4
uZHAaCHlqkMMeqJeNnKt8FAF/CJwJDIkDW5K4ESIWMEukvbDP30foLJEOOaIhAht
e9NLkoI12lfBneqLaSzCSpRpezZwZC1q6f8fWCskNL517SPunn3UAAS/Xrz1yCPS
6EVDzCA0BWkCiwZ3RO52F9w9yG7FixseDSVG+enr4udsUYqSPbMysXhvLIa8nb8F
Y6yLZaddTXkoe0jqa9MM9bOiVyoAug4=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:28 2024 by rpki-client on console-ams.rpki-client.org