Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/56D5F3E47FBD11EEA5B8AC2F4AD9E6FC.roa
File:                     56D5F3E47FBD11EEA5B8AC2F4AD9E6FC.roa (raw, json)
Hash identifier:          qqHZglegW2jQ2TMsb7ErZqN2HU356YM8F1qOeC7Pgbc=
Subject key identifier:   92:1F:85:28:F2:C9:19:7A:60:B3:5B:CA:E4:E8:E7:46:48:0B:C2:9A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1313
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/56D5F3E47FBD11EEA5B8AC2F4AD9E6FC.roa
Signing time:             Fri 10 Nov 2023 11:36:08 +0000
ROA not before:           Fri 10 Nov 2023 11:36:04 +0000
ROA not after:            Mon 10 Nov 2025 11:36:04 +0000
asID:                     9087
IP address blocks:        154.16.76.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4883 (0x1313)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 10 11:36:04 2023 GMT
            Not After : Nov 10 11:36:04 2025 GMT
        Subject: CN=654e15a8-60b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:13:6b:94:d3:9d:b7:9b:3f:a7:dd:58:14:a6:
                    72:bd:16:1e:e3:2d:24:cb:29:68:16:98:8e:a1:2d:
                    ff:61:9e:23:10:20:55:61:5a:57:cf:a6:ea:7c:a1:
                    04:8b:5f:81:5c:52:b4:19:42:d9:7c:b2:90:6b:71:
                    95:39:2b:74:d9:bd:14:41:b8:7a:b3:e7:65:3d:b0:
                    dd:f1:53:6e:54:df:cd:38:6b:f2:8f:33:25:da:8f:
                    b0:18:07:4c:6f:16:e6:f2:64:ca:be:b6:33:c2:2c:
                    c0:ec:e0:4d:32:75:bf:30:ea:5a:4f:02:7d:07:87:
                    fa:1c:56:48:95:0c:5b:fa:2b:b0:9f:55:82:52:e5:
                    c3:27:d4:92:69:9e:6a:2e:bf:80:d9:69:23:a9:05:
                    86:90:fc:a2:6d:0d:1f:9b:20:6a:4b:1f:87:db:44:
                    c9:9d:88:fc:91:3c:19:d1:c8:7c:89:17:46:8c:4a:
                    9c:a1:fb:24:6b:5a:3b:0f:9b:e3:9a:d1:2c:98:1b:
                    57:90:18:fd:49:63:d0:50:20:03:10:3a:49:6a:22:
                    9e:30:68:09:b3:a0:17:2e:84:1e:35:dd:36:84:49:
                    78:bb:cb:6f:08:ca:0e:16:65:4e:b4:06:e3:f6:38:
                    17:70:e3:0a:32:f5:6c:27:a5:67:86:47:bc:ca:f5:
                    d8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:1F:85:28:F2:C9:19:7A:60:B3:5B:CA:E4:E8:E7:46:48:0B:C2:9A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/56D5F3E47FBD11EEA5B8AC2F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:8e:b4:43:25:78:dd:65:3f:2d:84:1c:51:a5:76:aa:8e:16:
         b2:04:f4:91:b0:ef:61:41:e8:61:b3:ea:97:11:05:bc:60:62:
         1f:fa:f8:94:0e:79:33:34:6f:4e:7d:68:fd:12:e9:67:7b:bd:
         76:01:a7:12:d8:be:a8:fe:d2:e5:7a:9f:cd:7a:d4:6b:69:98:
         6b:e3:0b:2d:f7:1d:7d:3c:81:0e:86:6a:c3:71:3b:c0:dc:11:
         58:f3:1c:d7:18:bb:4b:b3:f2:f4:05:03:d7:07:6e:ae:76:16:
         fa:77:96:14:dd:c8:5d:ed:23:36:f7:8c:c9:ec:74:75:70:80:
         9e:8c:8c:44:0d:aa:15:ea:03:36:17:06:b4:81:f8:33:32:ef:
         19:e8:20:1c:8b:34:30:7b:7b:d6:bc:cf:3b:3e:be:08:75:37:
         e0:f1:5a:1d:23:40:f2:b0:26:2e:18:fd:08:8d:36:a5:4e:b6:
         f1:97:be:a5:6d:49:ae:0a:6b:04:f8:16:bb:76:25:6d:2b:3d:
         14:81:ea:a5:dd:a2:dd:ae:a9:e7:c0:50:1a:ad:07:1c:92:76:
         a7:3b:4d:fb:80:ca:ef:d6:94:84:e1:5c:93:8a:d4:9b:57:e3:
         47:ae:68:8e:56:ad:ed:88:71:dc:28:ef:93:f7:b3:e0:32:c7:
         44:15:a7:40
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICExMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMTAxMTM2MDRaFw0yNTExMTAxMTM2MDRaMBgxFjAU
BgNVBAMTDTY1NGUxNWE4LTYwYjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgE2uU0523mz+n3VgUpnK9Fh7jLSTLKWgWmI6hLf9hniMQIFVhWlfPpup8
oQSLX4FcUrQZQtl8spBrcZU5K3TZvRRBuHqz52U9sN3xU25U3804a/KPMyXaj7AY
B0xvFubyZMq+tjPCLMDs4E0ydb8w6lpPAn0Hh/ocVkiVDFv6K7CfVYJS5cMn1JJp
nmouv4DZaSOpBYaQ/KJtDR+bIGpLH4fbRMmdiPyRPBnRyHyJF0aMSpyh+yRrWjsP
m+Oa0SyYG1eQGP1JY9BQIAMQOklqIp4waAmzoBcuhB413TaESXi7y28Iyg4WZU60
BuP2OBdw4woy9WwnpWeGR7zK9dhFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUkh+F
KPLJGXpgs1vK5OjnRkgLwpowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU2RDVGM0U0N0ZCRDExRUVBNUI4QUMyRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEwwDQYJKoZIhvcNAQEL
BQADggEBAByOtEMleN1lPy2EHFGldqqOFrIE9JGw72FB6GGz6pcRBbxgYh/6+JQO
eTM0b059aP0S6Wd7vXYBpxLYvqj+0uV6n8161GtpmGvjCy33HX08gQ6GasNxO8Dc
EVjzHNcYu0uz8vQFA9cHbq52Fvp3lhTdyF3tIzb3jMnsdHVwgJ6MjEQNqhXqAzYX
BrSB+DMy7xnoIByLNDB7e9a8zzs+vgh1N+DxWh0jQPKwJi4Y/QiNNqVOtvGXvqVt
Sa4KawT4Frt2JW0rPRSB6qXdot2uqefAUBqtBxySdqc7TfuAyu/WlIThXJOK1JtX
40euaI5Wre2Icdwo75P3s+Ayx0QVp0A=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:28 2024 by rpki-client on console-ams.rpki-client.org