Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5708E83419EC11EFA71A4A27017001B1.roa
File:                     5708E83419EC11EFA71A4A27017001B1.roa (raw, json)
Hash identifier:          JxJGkXoPBisFr6jD79sVooWmFzUMp3DriD0zWzsDS5g=
Subject key identifier:   2E:05:E3:AC:42:54:55:92:8B:50:12:FC:8A:45:EA:19:ED:14:C2:FF
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       168A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5708E83419EC11EFA71A4A27017001B1.roa
Signing time:             Fri 24 May 2024 16:40:33 +0000
ROA not before:           Fri 24 May 2024 16:40:30 +0000
ROA not after:            Sun 24 May 2026 16:40:30 +0000
asID:                     13213
IP address blocks:        154.16.212.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5770 (0x168a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 24 16:40:30 2024 GMT
            Not After : May 24 16:40:30 2026 GMT
        Subject: CN=6650c301-f576
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:98:67:a4:73:76:dc:aa:8c:68:02:e1:7c:90:
                    5e:29:70:c6:7d:cf:f4:fa:d9:f9:bb:5b:bc:68:77:
                    b8:0d:6e:27:8e:35:3a:66:e3:88:c2:ad:82:9b:1d:
                    35:1d:fb:63:a9:21:2e:4f:72:f4:75:60:78:24:d7:
                    f2:1f:80:52:9e:d5:ae:80:c4:7f:5b:dd:85:f8:6b:
                    59:1a:6b:29:50:bb:a9:35:6a:26:f8:20:51:03:68:
                    44:3c:cd:ff:c3:18:da:c0:93:98:c3:10:88:86:a1:
                    6f:b2:59:99:ea:ba:be:9e:96:3e:49:8e:5f:76:98:
                    1d:8c:62:8c:78:e3:ea:4f:18:60:69:62:5c:eb:5e:
                    43:11:f5:1f:7a:62:f6:cb:b6:7a:ab:4f:4b:d7:be:
                    6e:5c:2e:91:97:f8:c8:d2:72:8d:aa:e6:3c:19:dc:
                    80:2c:e2:25:e8:1e:0c:12:a3:8a:08:aa:59:6e:18:
                    c9:de:65:c1:c1:9a:99:8d:dd:b7:d0:70:9d:c1:1a:
                    ea:25:81:86:4b:0b:92:8e:02:4c:30:22:9e:2f:65:
                    74:70:13:c4:b4:37:24:b2:9f:37:b9:bf:8b:33:ea:
                    30:c3:23:a5:d0:26:c0:7f:eb:90:09:b0:88:66:d6:
                    34:e2:6a:6a:32:37:97:97:ba:3d:ab:e2:c3:bc:b6:
                    51:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:05:E3:AC:42:54:55:92:8B:50:12:FC:8A:45:EA:19:ED:14:C2:FF
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5708E83419EC11EFA71A4A27017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:61:bf:4d:03:88:dc:f8:f9:c3:23:d1:07:8e:f1:00:a6:36:
         08:a0:ba:8b:ea:94:43:16:fa:9c:c1:f1:33:8e:b3:76:cb:80:
         d7:7a:66:13:1d:e9:7e:90:40:a8:24:bf:7f:bb:f4:d5:bf:e2:
         d8:e9:0c:3b:19:97:94:e3:b4:52:d5:05:95:9c:8a:2c:76:39:
         89:98:05:6e:c7:87:a5:dd:57:7f:59:fd:d9:a9:5b:0a:7d:bb:
         23:9e:64:dd:93:9e:f7:89:2f:9e:72:3b:f3:a9:03:5f:8e:69:
         d7:c9:b5:bf:48:02:29:29:cb:0a:26:9d:5d:00:6e:79:3a:f5:
         67:b5:0c:07:92:c7:c6:aa:b2:7a:cc:71:01:bb:da:b9:f7:be:
         41:c2:e1:76:8a:d6:fa:48:0d:11:7b:23:5b:ba:82:35:2f:79:
         e6:00:ad:4a:32:66:db:b9:8c:a4:0e:ef:ab:a2:bb:d3:89:b5:
         18:4c:10:1a:07:92:7f:f1:c8:fc:00:b8:cf:6b:0d:b0:91:21:
         fc:9e:ad:e9:96:0f:a6:29:c4:df:7a:fb:be:97:e7:8b:5a:33:
         33:ff:a4:f5:0e:6d:a6:23:ba:ab:09:6f:00:63:8c:1f:cc:3f:
         27:15:a2:10:0f:82:45:9a:a5:34:65:b8:49:75:22:b8:d3:d4:
         49:c5:11:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFoowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjQxNjQwMzBaFw0yNjA1MjQxNjQwMzBaMBgxFjAU
BgNVBAMTDTY2NTBjMzAxLWY1NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCimGekc3bcqoxoAuF8kF4pcMZ9z/T62fm7W7xod7gNbieONTpm44jCrYKb
HTUd+2OpIS5PcvR1YHgk1/IfgFKe1a6AxH9b3YX4a1kaaylQu6k1aib4IFEDaEQ8
zf/DGNrAk5jDEIiGoW+yWZnqur6elj5Jjl92mB2MYox44+pPGGBpYlzrXkMR9R96
YvbLtnqrT0vXvm5cLpGX+MjSco2q5jwZ3IAs4iXoHgwSo4oIqlluGMneZcHBmpmN
3bfQcJ3BGuolgYZLC5KOAkwwIp4vZXRwE8S0NySynze5v4sz6jDDI6XQJsB/65AJ
sIhm1jTiamoyN5eXuj2r4sO8tlHhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULgXj
rEJUVZKLUBL8ikXqGe0Uwv8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU3MDhFODM0MTlFQzExRUZBNzFBNEEyNzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENQwDQYJKoZIhvcNAQEL
BQADggEBAB5hv00DiNz4+cMj0QeO8QCmNgiguovqlEMW+pzB8TOOs3bLgNd6ZhMd
6X6QQKgkv3+79NW/4tjpDDsZl5TjtFLVBZWciix2OYmYBW7Hh6XdV39Z/dmpWwp9
uyOeZN2TnveJL55yO/OpA1+OadfJtb9IAikpywomnV0Abnk69We1DAeSx8aqsnrM
cQG72rn3vkHC4XaK1vpIDRF7I1u6gjUveeYArUoyZtu5jKQO76uiu9OJtRhMEBoH
kn/xyPwAuM9rDbCRIfyeremWD6YpxN96+76X54taMzP/pPUObaYjuqsJbwBjjB/M
PycVohAPgkWapTRluEl1IrjT1EnFEYg=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org