Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/55C8EDAE18F011EFBFAE8823017001B1.roa
File:                     55C8EDAE18F011EFBFAE8823017001B1.roa (raw, json)
Hash identifier:          43KhZ11rH+sHUVyNqCzbQSS1ALNn4aFhkXOk6X7enL0=
Subject key identifier:   95:19:47:CB:76:E5:16:A0:CD:E7:02:17:AA:58:F4:36:E2:71:7E:E0
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1675
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/55C8EDAE18F011EFBFAE8823017001B1.roa
Signing time:             Thu 23 May 2024 10:36:38 +0000
ROA not before:           Thu 23 May 2024 10:36:34 +0000
ROA not after:            Sat 23 May 2026 10:36:34 +0000
asID:                     834
IP address blocks:        154.16.161.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5749 (0x1675)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 23 10:36:34 2024 GMT
            Not After : May 23 10:36:34 2026 GMT
        Subject: CN=664f1c36-c4aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:bc:71:3c:43:49:10:70:ee:67:60:9c:86:6c:
                    e3:ac:bb:fc:da:50:d4:9d:46:71:ec:4a:03:95:44:
                    cb:8e:4c:0d:5e:ec:58:41:c7:df:06:e2:53:24:25:
                    93:eb:bf:fa:b6:ca:8c:d9:07:20:17:e5:ad:12:8e:
                    7b:8b:8c:f4:0e:07:04:13:60:e0:6f:f5:b4:a2:64:
                    2a:39:7b:d2:bd:51:be:63:2f:4e:48:87:d3:8a:b6:
                    a3:da:ad:81:47:a2:e3:22:e2:a4:e9:76:0e:5d:4f:
                    55:9e:97:66:68:b7:cf:35:6c:0f:97:4c:99:40:a5:
                    1e:84:87:b1:2a:3b:ae:94:e1:62:ea:0a:8c:a2:b6:
                    7c:a7:9a:d1:52:68:d7:15:47:2e:f4:56:a7:07:65:
                    a7:01:3a:8d:9c:ef:1a:44:ac:a0:4b:4e:c1:4e:91:
                    6f:f9:be:e6:f4:f3:d8:69:30:19:72:68:07:e3:ed:
                    93:ea:6c:aa:4a:8b:13:79:7b:c7:b0:06:6c:11:0b:
                    ef:4f:e8:39:00:6c:61:d2:35:48:3c:4e:d6:22:ae:
                    72:20:47:ed:81:0f:0f:f7:0b:a3:3e:9e:c3:1b:c2:
                    d5:7d:36:66:6a:35:f2:ed:fc:e9:c5:d6:b1:9f:99:
                    66:a2:c7:71:33:ac:0d:8e:c6:64:be:93:80:ac:60:
                    ca:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:19:47:CB:76:E5:16:A0:CD:E7:02:17:AA:58:F4:36:E2:71:7E:E0
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/55C8EDAE18F011EFBFAE8823017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:f5:72:80:67:b8:8d:22:76:f1:32:98:4f:a0:37:f5:9b:38:
         31:ca:70:fb:31:16:f3:ae:36:d0:f2:1b:e0:fe:fa:0a:90:ff:
         ae:c7:1e:36:70:b7:e5:d1:0f:aa:1e:37:98:2e:36:8b:4a:b3:
         b0:4f:c3:42:a6:02:3d:52:90:71:ce:f6:24:eb:00:cb:dd:8c:
         b8:8b:41:1c:3f:94:ef:ab:79:03:9c:88:fc:d1:dc:c3:04:ba:
         42:f0:73:8a:62:63:00:09:ee:ee:85:48:e4:4d:ea:8a:be:f7:
         63:23:a9:0c:c2:ce:7d:f8:49:6a:15:44:e8:96:0c:4d:a8:82:
         70:b8:b3:55:84:9e:c1:47:9f:4c:04:5f:69:e9:26:2d:ed:28:
         ed:62:41:80:ff:44:19:9b:5a:78:08:0b:11:8d:75:9e:1c:da:
         14:5b:8c:e5:f2:20:70:a1:f6:58:8d:7a:d3:08:2d:32:8f:d6:
         55:9f:96:6a:22:a6:7a:69:ea:12:b6:17:ea:35:37:41:46:57:
         d6:f9:d5:89:ba:67:88:8d:48:34:b2:10:14:e3:16:1b:f8:b4:
         53:e9:db:af:e1:38:ea:b2:cc:cc:cd:20:58:94:5a:db:a8:73:
         8d:bf:3f:f9:ef:02:c5:a2:47:7c:e8:12:b0:b6:d1:a6:55:15:
         b0:10:e3:65
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFnUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjMxMDM2MzRaFw0yNjA1MjMxMDM2MzRaMBgxFjAU
BgNVBAMTDTY2NGYxYzM2LWM0YWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/vHE8Q0kQcO5nYJyGbOOsu/zaUNSdRnHsSgOVRMuOTA1e7FhBx98G4lMk
JZPrv/q2yozZByAX5a0SjnuLjPQOBwQTYOBv9bSiZCo5e9K9Ub5jL05Ih9OKtqPa
rYFHouMi4qTpdg5dT1Wel2Zot881bA+XTJlApR6Eh7EqO66U4WLqCoyitnynmtFS
aNcVRy70VqcHZacBOo2c7xpErKBLTsFOkW/5vub089hpMBlyaAfj7ZPqbKpKixN5
e8ewBmwRC+9P6DkAbGHSNUg8TtYirnIgR+2BDw/3C6M+nsMbwtV9NmZqNfLt/OnF
1rGfmWaix3EzrA2OxmS+k4CsYMplAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUlRlH
y3blFqDN5wIXqlj0NuJxfuAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU1QzhFREFFMThGMDExRUZCRkFFODgyMzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKEwDQYJKoZIhvcNAQEL
BQADggEBAKf1coBnuI0idvEymE+gN/WbODHKcPsxFvOuNtDyG+D++gqQ/67HHjZw
t+XRD6oeN5guNotKs7BPw0KmAj1SkHHO9iTrAMvdjLiLQRw/lO+reQOciPzR3MME
ukLwc4piYwAJ7u6FSORN6oq+92MjqQzCzn34SWoVROiWDE2ognC4s1WEnsFHn0wE
X2npJi3tKO1iQYD/RBmbWngICxGNdZ4c2hRbjOXyIHCh9liNetMILTKP1lWflmoi
pnpp6hK2F+o1N0FGV9b51Ym6Z4iNSDSyEBTjFhv4tFPp26/hOOqyzMzNIFiUWtuo
c42/P/nvAsWiR3zoErC20aZVFbAQ42U=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org