Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5813BEEC0C8211EF8E7A0A4C017001B1.roa
File:                     5813BEEC0C8211EF8E7A0A4C017001B1.roa (raw, json)
Hash identifier:          pdP686ir/SVKtmemrceA0ryKiNneGjAClL1MV4yJIdI=
Subject key identifier:   77:97:F7:D0:18:D7:0F:38:9C:63:C5:85:02:3D:92:55:E7:3D:F3:08
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       162C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5813BEEC0C8211EF8E7A0A4C017001B1.roa
Signing time:             Tue 07 May 2024 14:59:04 +0000
ROA not before:           Tue 07 May 2024 14:59:00 +0000
ROA not after:            Sat 09 May 2026 14:59:00 +0000
asID:                     212238
IP address blocks:        154.16.139.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5676 (0x162c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May  7 14:59:00 2024 GMT
            Not After : May  9 14:59:00 2026 GMT
        Subject: CN=663a41b7-2f52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:35:f8:81:f8:a6:a3:f9:5c:10:20:0a:e4:1f:
                    36:09:42:c5:dc:8e:c8:0c:ca:7f:8f:a7:36:3c:ab:
                    54:0d:3d:9f:5c:f8:ba:7e:65:1a:d7:33:9b:ec:c4:
                    f4:b9:b6:d4:47:94:42:ab:d9:67:d5:c9:08:b7:85:
                    b3:54:5c:80:5a:84:62:02:f5:74:d4:94:71:65:47:
                    d4:a8:65:52:dd:15:3c:f5:a8:7c:b0:8e:26:f8:1f:
                    17:73:c6:4c:6d:12:a8:f2:85:50:34:f5:c7:73:1c:
                    6c:05:14:54:76:1d:b1:1d:7a:a6:46:15:4e:ed:42:
                    95:14:f3:63:1d:5f:41:fd:4f:8d:2d:f4:54:ae:65:
                    9f:98:4d:3b:87:5c:71:11:0e:d2:19:b7:b2:48:37:
                    8e:5e:c6:0c:fc:8d:50:c3:cf:07:17:9c:e1:24:fa:
                    ed:47:70:b2:98:f5:47:12:c1:de:ad:91:b9:61:86:
                    04:ff:93:73:3a:00:15:a9:06:a7:13:2d:cf:da:87:
                    eb:7e:58:ac:13:11:6a:8d:5f:68:54:7c:4f:e7:54:
                    aa:fc:f8:6d:d1:32:43:e1:47:fc:b6:69:15:43:9f:
                    99:fd:57:6e:6f:38:b3:75:85:90:72:7c:6b:11:50:
                    4d:a6:78:87:07:96:26:2c:93:0c:ab:e7:75:61:95:
                    78:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:97:F7:D0:18:D7:0F:38:9C:63:C5:85:02:3D:92:55:E7:3D:F3:08
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5813BEEC0C8211EF8E7A0A4C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:ed:07:74:42:de:06:13:2d:7b:44:74:49:22:32:e2:c3:32:
         1e:d1:a7:00:61:43:33:c1:84:d4:8f:23:48:b2:99:d6:00:1f:
         87:f4:a4:3c:5a:d9:c6:c1:ce:b5:20:50:c4:24:a0:4d:39:58:
         7a:37:2d:0d:34:d5:14:3d:1a:b7:7b:1f:5f:50:4e:b2:10:80:
         ef:ea:c7:14:43:89:06:a4:67:1a:49:8f:30:60:37:41:e2:3c:
         7a:b9:0b:39:ae:cb:f4:52:81:ad:c0:5c:9e:00:0a:45:84:f7:
         a4:5f:8b:9a:75:ea:41:61:f5:94:e2:ad:8a:be:7a:4c:78:e7:
         9f:5a:d8:c5:1c:79:97:bd:c9:00:8c:1e:11:fe:51:da:4d:58:
         38:be:03:7b:e9:f9:28:d8:c5:68:4c:91:b5:a5:22:e3:4b:03:
         bb:90:65:d7:7b:bd:e4:4a:ed:c1:aa:b8:4b:57:89:3a:3c:3a:
         b4:cf:08:22:23:c3:35:ef:e3:f9:fa:bc:07:02:4d:36:53:ed:
         ba:6c:09:94:9e:71:24:a1:04:c9:07:49:6c:6e:84:85:25:88:
         9c:1a:01:7e:03:39:d8:dc:dc:cc:c5:10:28:0d:ec:2a:64:61:
         9e:5d:d0:0e:e2:36:de:53:f8:37:35:f2:86:2b:26:dd:5f:ba:
         ad:9d:8e:e2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFiwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MDcxNDU5MDBaFw0yNjA1MDkxNDU5MDBaMBgxFjAU
BgNVBAMTDTY2M2E0MWI3LTJmNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsNfiB+Kaj+VwQIArkHzYJQsXcjsgMyn+PpzY8q1QNPZ9c+Lp+ZRrXM5vs
xPS5ttRHlEKr2WfVyQi3hbNUXIBahGIC9XTUlHFlR9SoZVLdFTz1qHywjib4Hxdz
xkxtEqjyhVA09cdzHGwFFFR2HbEdeqZGFU7tQpUU82MdX0H9T40t9FSuZZ+YTTuH
XHERDtIZt7JIN45exgz8jVDDzwcXnOEk+u1HcLKY9UcSwd6tkblhhgT/k3M6ABWp
BqcTLc/ah+t+WKwTEWqNX2hUfE/nVKr8+G3RMkPhR/y2aRVDn5n9V25vOLN1hZBy
fGsRUE2meIcHliYskwyr53VhlXhPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUd5f3
0BjXDzicY8WFAj2SVec98wgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU4MTNCRUVDMEM4MjExRUY4RTdBMEE0QzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIswDQYJKoZIhvcNAQEL
BQADggEBAHTtB3RC3gYTLXtEdEkiMuLDMh7RpwBhQzPBhNSPI0iymdYAH4f0pDxa
2cbBzrUgUMQkoE05WHo3LQ001RQ9Grd7H19QTrIQgO/qxxRDiQakZxpJjzBgN0Hi
PHq5Czmuy/RSga3AXJ4ACkWE96Rfi5p16kFh9ZTirYq+ekx4559a2MUceZe9yQCM
HhH+UdpNWDi+A3vp+SjYxWhMkbWlIuNLA7uQZdd7veRK7cGquEtXiTo8OrTPCCIj
wzXv4/n6vAcCTTZT7bpsCZSecSShBMkHSWxuhIUliJwaAX4DOdjc3MzFECgN7Cpk
YZ5d0A7iNt5T+Dc18oYrJt1fuq2djuI=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:02 2024 by rpki-client on console-ams.rpki-client.org