Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/57F825CCF9B611ED928E566F4AD9E6FC.roa
File:                     57F825CCF9B611ED928E566F4AD9E6FC.roa (raw, json)
Hash identifier:          4Fx65b+84xVJ831zCcvQLV7xf5r7UYSHbq8zcxJqIys=
Subject key identifier:   E4:FF:42:E9:D8:B8:37:F0:0C:5D:A4:F4:0B:14:57:73:38:6A:2D:7C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0DD5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/57F825CCF9B611ED928E566F4AD9E6FC.roa
Signing time:             Tue 23 May 2023 22:08:27 +0000
ROA not before:           Tue 23 May 2023 22:08:23 +0000
ROA not after:            Thu 29 May 2025 22:08:23 +0000
asID:                     46337
IP address blocks:        154.16.117.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3541 (0xdd5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 23 22:08:23 2023 GMT
            Not After : May 29 22:08:23 2025 GMT
        Subject: CN=646d395b-b186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:70:bd:10:13:f5:f4:d6:07:b3:52:a9:b4:93:
                    a2:58:81:d6:5b:ba:c7:99:1a:9e:74:39:19:ad:26:
                    15:5f:53:42:70:4c:14:f3:c2:76:b8:2f:4f:9d:fb:
                    3f:9f:e3:64:f6:c2:b0:4f:59:e8:74:55:7a:ec:a3:
                    22:cb:5f:c1:b6:ae:98:ec:ef:47:f0:a0:de:b7:53:
                    b6:4b:e6:17:da:48:a4:b2:57:8c:1e:f6:02:48:7a:
                    7b:1b:c3:7a:ff:a7:51:69:02:a7:ee:10:0a:12:e6:
                    d3:b4:0a:dc:a2:16:7f:58:5b:0a:ba:f7:6c:7d:d6:
                    0e:70:59:36:a7:36:95:1f:3f:54:3c:1c:7b:1c:8d:
                    b3:ad:2c:b2:44:9c:e0:6b:50:2e:74:b6:db:1c:d4:
                    99:e5:b6:9e:c8:01:e1:5c:07:83:f3:60:76:73:95:
                    19:2e:97:70:f2:20:ad:86:ce:76:6d:67:21:80:d0:
                    2c:a7:03:23:b8:e7:11:a9:65:37:d7:7a:d1:19:95:
                    04:03:00:52:98:57:18:90:14:6c:8b:85:9b:10:e4:
                    ad:1b:6b:e8:43:45:44:1a:04:f5:af:e9:cd:56:93:
                    44:90:0c:e2:d1:5c:72:8d:c6:c0:88:34:78:9c:70:
                    9b:31:e5:29:34:55:81:40:40:7e:3e:2e:3b:2e:60:
                    a3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:FF:42:E9:D8:B8:37:F0:0C:5D:A4:F4:0B:14:57:73:38:6A:2D:7C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/57F825CCF9B611ED928E566F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:b8:a6:03:67:c5:b6:9a:aa:c2:d6:db:e0:ae:f7:29:09:fc:
         df:8d:78:65:19:93:ae:2d:19:4d:4d:5a:b4:b3:cd:6a:01:13:
         66:2c:83:3b:e7:fd:9d:02:e5:a6:62:bc:c4:c6:e4:39:d7:fd:
         3e:8d:9e:49:28:f2:d4:90:a1:06:91:1f:06:79:54:62:25:1c:
         87:21:ac:82:4c:c1:df:07:b4:cb:86:41:31:7c:dd:24:87:d0:
         38:d0:ea:f9:dd:37:16:92:89:85:6a:f2:48:03:e2:37:63:44:
         11:7b:21:47:c1:75:59:1c:3d:15:e6:38:ef:92:c0:58:13:78:
         f4:73:21:41:bc:ba:e2:73:f9:8d:b2:41:39:e2:b1:22:9f:da:
         0d:30:ca:f2:be:9b:b8:e9:44:c0:27:73:58:b6:7d:5c:c4:ce:
         ed:d0:61:8c:00:ef:1e:42:a2:d0:52:15:0f:dc:54:13:f2:78:
         d1:29:77:df:02:23:a9:15:c9:ae:d3:4d:8c:77:7d:87:bd:5c:
         7a:f9:fd:2a:a6:ac:a3:53:45:a6:89:e7:8d:52:67:6b:55:39:
         06:71:b5:11:20:49:76:aa:40:cb:19:bd:31:62:cf:3a:2c:6f:
         46:bf:3b:91:09:ba:c1:e1:1e:8f:80:e8:db:9a:e0:8c:d1:bc:
         fb:78:bd:fa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDdUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MjMyMjA4MjNaFw0yNTA1MjkyMjA4MjNaMBgxFjAU
BgNVBAMTDTY0NmQzOTViLWIxODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5cL0QE/X01gezUqm0k6JYgdZbuseZGp50ORmtJhVfU0JwTBTzwna4L0+d
+z+f42T2wrBPWeh0VXrsoyLLX8G2rpjs70fwoN63U7ZL5hfaSKSyV4we9gJIensb
w3r/p1FpAqfuEAoS5tO0CtyiFn9YWwq692x91g5wWTanNpUfP1Q8HHscjbOtLLJE
nOBrUC50ttsc1Jnltp7IAeFcB4PzYHZzlRkul3DyIK2GznZtZyGA0CynAyO45xGp
ZTfXetEZlQQDAFKYVxiQFGyLhZsQ5K0ba+hDRUQaBPWv6c1Wk0SQDOLRXHKNxsCI
NHiccJsx5Sk0VYFAQH4+LjsuYKMjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5P9C
6di4N/AMXaT0CxRXczhqLXwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU3RjgyNUNDRjlCNjExRUQ5MjhFNTY2RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHUwDQYJKoZIhvcNAQEL
BQADggEBAGq4pgNnxbaaqsLW2+Cu9ykJ/N+NeGUZk64tGU1NWrSzzWoBE2Ysgzvn
/Z0C5aZivMTG5DnX/T6Nnkko8tSQoQaRHwZ5VGIlHIchrIJMwd8HtMuGQTF83SSH
0DjQ6vndNxaSiYVq8kgD4jdjRBF7IUfBdVkcPRXmOO+SwFgTePRzIUG8uuJz+Y2y
QTnisSKf2g0wyvK+m7jpRMAnc1i2fVzEzu3QYYwA7x5CotBSFQ/cVBPyeNEpd98C
I6kVya7TTYx3fYe9XHr5/SqmrKNTRaaJ541SZ2tVOQZxtREgSXaqQMsZvTFizzos
b0a/O5EJusHhHo+A6Nua4IzRvPt4vfo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:05 2024 by rpki-client on console-ams.rpki-client.org