Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/563348A0A95811EEA1714D6E775412E6.roa
File:                     563348A0A95811EEA1714D6E775412E6.roa (raw, json)
Hash identifier:          TuNycjX903HCW5uG4eIZETfHDn0BmiW9WfSAeB3/N6w=
Subject key identifier:   BF:C0:F5:60:22:B8:E4:FE:F3:1D:78:48:CF:D9:92:BE:9E:8D:CE:06
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       143A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/563348A0A95811EEA1714D6E775412E6.roa
Signing time:             Tue 02 Jan 2024 10:18:56 +0000
ROA not before:           Tue 02 Jan 2024 10:18:53 +0000
ROA not after:            Thu 09 Jan 2025 10:18:53 +0000
asID:                     329384
IP address blocks:        154.16.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5178 (0x143a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan  2 10:18:53 2024 GMT
            Not After : Jan  9 10:18:53 2025 GMT
        Subject: CN=6593e310-0c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:1e:1f:e2:05:3a:eb:32:46:06:4a:bf:e3:70:
                    42:d4:58:b3:e1:1f:00:05:e3:a7:f7:dc:76:f9:c9:
                    0d:04:4f:b7:9f:30:40:65:f5:02:32:4b:59:64:fc:
                    5f:9e:a0:8e:7d:a7:ae:87:08:3e:5d:18:67:af:0c:
                    13:2a:09:5d:f1:a8:da:f4:bb:79:85:4c:e0:df:03:
                    56:25:c1:68:84:ef:4e:5e:e1:4b:58:e7:5d:99:d9:
                    03:06:85:5e:67:b2:50:d9:fa:6e:fd:7f:1d:50:af:
                    6b:20:37:17:71:34:c2:9c:e8:bf:77:21:ab:59:bf:
                    3a:cf:a6:fe:3d:1e:03:48:b7:06:9e:13:79:45:91:
                    df:03:a5:8a:e5:62:d3:3e:1b:ee:02:85:90:a5:07:
                    ad:23:38:cf:93:78:bc:1f:63:cc:98:2f:5e:71:06:
                    98:24:69:3a:71:8f:0a:88:cb:fe:fe:f9:bb:03:29:
                    a6:10:c5:39:71:81:e3:73:2f:8f:25:bf:77:1a:c9:
                    0b:dc:19:fb:02:05:cb:7c:15:2a:af:98:b5:e0:b6:
                    d8:b0:4d:14:20:f1:a4:bf:ce:0a:34:78:82:0b:c4:
                    b6:c5:b4:33:d4:ba:88:c8:b6:32:4d:13:65:be:e7:
                    bd:8f:21:bd:53:70:ad:65:c4:3c:4e:e0:e6:2a:bf:
                    77:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:C0:F5:60:22:B8:E4:FE:F3:1D:78:48:CF:D9:92:BE:9E:8D:CE:06
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/563348A0A95811EEA1714D6E775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:89:97:e2:43:2e:b0:bc:eb:e4:bf:76:a0:14:a7:c1:01:45:
         e9:2e:3a:11:3f:be:e7:2b:77:57:ff:3d:82:16:16:a8:3e:af:
         ea:9a:db:d8:ea:8f:b7:2c:98:82:a6:39:2c:8c:34:c3:61:be:
         9f:c3:b6:3c:7f:5e:0a:49:bb:73:af:90:34:89:65:90:56:d8:
         12:39:7f:69:89:c9:d5:6f:a5:73:34:6a:bb:5c:79:f4:3c:05:
         d1:a9:15:84:56:ba:da:07:9f:2b:3e:fe:40:b4:e8:e7:19:ef:
         6e:e1:42:96:40:f5:54:7a:9e:f1:2a:a9:f3:a3:c0:32:cc:36:
         b5:0d:1a:c9:c0:57:9b:13:9f:aa:7c:26:1d:f6:90:8e:b9:b8:
         7d:38:d9:98:4f:09:45:ef:8d:4d:a2:e3:fa:45:b2:c7:10:d6:
         79:bf:a4:ef:18:29:eb:1d:28:be:e7:b3:ab:c3:7f:f0:d8:f3:
         08:86:13:fa:cd:e2:76:45:e5:6c:45:e8:60:97:c8:d0:62:f1:
         ec:4e:05:e0:79:5a:ea:50:28:79:1c:53:fd:44:98:e9:5c:84:
         35:e8:82:84:04:1c:55:34:da:14:02:17:83:09:1f:5c:05:f4:
         91:a3:95:76:3d:57:53:de:82:49:d0:17:02:25:4e:10:06:97:
         a7:6f:4f:6b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFDowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAxMDIxMDE4NTNaFw0yNTAxMDkxMDE4NTNaMBgxFjAU
BgNVBAMTDTY1OTNlMzEwLTBjOGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdHh/iBTrrMkYGSr/jcELUWLPhHwAF46f33Hb5yQ0ET7efMEBl9QIyS1lk
/F+eoI59p66HCD5dGGevDBMqCV3xqNr0u3mFTODfA1YlwWiE705e4UtY512Z2QMG
hV5nslDZ+m79fx1Qr2sgNxdxNMKc6L93IatZvzrPpv49HgNItwaeE3lFkd8DpYrl
YtM+G+4ChZClB60jOM+TeLwfY8yYL15xBpgkaTpxjwqIy/7++bsDKaYQxTlxgeNz
L48lv3cayQvcGfsCBct8FSqvmLXgttiwTRQg8aS/zgo0eIILxLbFtDPUuojItjJN
E2W+572PIb1TcK1lxDxO4OYqv3e3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUv8D1
YCK45P7zHXhIz9mSvp6NzgYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU2MzM0OEEwQTk1ODExRUVBMTcxNEQ2RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaED4wDQYJKoZIhvcNAQEL
BQADggEBAK6Jl+JDLrC86+S/dqAUp8EBRekuOhE/vucrd1f/PYIWFqg+r+qa29jq
j7csmIKmOSyMNMNhvp/Dtjx/XgpJu3OvkDSJZZBW2BI5f2mJydVvpXM0artcefQ8
BdGpFYRWutoHnys+/kC06OcZ727hQpZA9VR6nvEqqfOjwDLMNrUNGsnAV5sTn6p8
Jh32kI65uH042ZhPCUXvjU2i4/pFsscQ1nm/pO8YKesdKL7ns6vDf/DY8wiGE/rN
4nZF5WxF6GCXyNBi8exOBeB5WupQKHkcU/1EmOlchDXogoQEHFU02hQCF4MJH1wF
9JGjlXY9V1PegknQFwIlThAGl6dvT2s=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:44 2024 by rpki-client on console-fra.rpki-client.org