Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5BB54744078011EE8310A75A4AD9E6FC.roa
File:                     5BB54744078011EE8310A75A4AD9E6FC.roa (raw, json)
Hash identifier:          8emrIl4QravV+msgRcdZxkIzf6auwsriDcJBMr2xL2M=
Subject key identifier:   4E:99:A2:B2:D9:22:47:57:58:79:B0:93:30:C4:5F:67:D2:95:99:C2
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0F28
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5BB54744078011EE8310A75A4AD9E6FC.roa
Signing time:             Sat 10 Jun 2023 11:17:17 +0000
ROA not before:           Sat 10 Jun 2023 11:17:13 +0000
ROA not after:            Tue 10 Jun 2025 11:17:13 +0000
asID:                     14445
IP address blocks:        154.16.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3880 (0xf28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 10 11:17:13 2023 GMT
            Not After : Jun 10 11:17:13 2025 GMT
        Subject: CN=64845bbd-4a1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:70:5d:eb:6b:eb:a1:91:f9:47:cf:72:40:f3:
                    6a:3a:3b:6d:d5:31:f1:00:84:ab:20:b7:a5:8b:2e:
                    7e:dc:3a:8e:f6:28:e5:22:07:f4:17:ea:19:3e:38:
                    95:8e:7b:9d:87:c6:4e:2b:ad:e5:a0:cb:71:2a:a9:
                    f6:0c:0e:36:eb:5a:16:ac:15:64:53:39:ed:6d:04:
                    f6:d6:b8:ec:b4:e1:3c:3f:f9:50:3c:78:e1:c0:3c:
                    b4:ec:23:95:b9:62:8d:af:12:74:eb:33:cd:58:17:
                    55:0b:ef:ad:e9:b5:84:bc:94:86:0c:dc:aa:b4:0b:
                    df:71:72:bb:7d:b3:5a:32:ec:f3:47:74:6c:c5:7b:
                    91:7f:d2:2a:9b:6d:79:24:e5:ea:31:b4:d5:c4:97:
                    9a:0a:d0:f6:12:39:8c:bd:37:bb:d9:0b:3d:1d:dc:
                    ef:7c:55:56:fc:9b:86:38:cc:b9:1b:90:84:26:77:
                    51:f4:5b:58:20:c3:0b:fc:83:0f:28:3c:32:4d:49:
                    54:a4:6b:15:ce:61:04:1d:5b:73:9f:61:c5:1e:81:
                    46:dc:2c:7c:6c:fa:f5:1d:5d:94:89:60:e1:3a:7c:
                    fb:0d:b4:6b:21:c1:db:ec:93:f4:95:68:13:6a:67:
                    dc:e7:3e:df:b9:9e:17:08:8f:35:8e:33:5b:64:59:
                    0b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:99:A2:B2:D9:22:47:57:58:79:B0:93:30:C4:5F:67:D2:95:99:C2
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5BB54744078011EE8310A75A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:31:07:2a:da:04:39:e4:a0:66:64:71:22:4d:84:33:be:47:
         89:16:71:18:42:f7:d3:f9:9f:f1:41:06:c3:45:06:80:51:ba:
         da:80:3a:3c:27:c1:e9:02:8d:09:17:c1:87:3b:32:ec:5e:02:
         b6:01:59:27:1e:62:76:75:a6:71:0c:18:da:0b:7c:a5:5a:31:
         91:9e:76:d4:85:32:b3:18:ff:df:8c:77:11:bd:c0:a9:58:0f:
         ab:e2:00:10:97:b0:03:55:39:01:67:ff:14:20:df:f9:39:ae:
         c2:a3:1b:db:75:0e:82:76:bc:21:7a:4b:66:08:c0:c4:a8:fe:
         a8:fc:8e:de:5d:4b:37:de:44:9e:a3:ac:5b:82:27:ab:a1:92:
         8a:11:17:60:4a:6c:c7:9b:17:3d:e1:ee:0e:30:30:1f:cc:17:
         03:fc:0f:3e:1e:fa:b3:7a:83:84:6a:88:d2:0b:6e:0d:82:22:
         7f:1c:a2:74:0f:d4:0d:f2:40:38:47:27:86:a9:d8:f2:57:17:
         6b:69:6c:b4:ff:d0:13:69:9c:0c:13:f7:21:e7:25:44:d9:07:
         49:c7:90:11:09:f7:30:d0:c2:65:ed:2d:82:2e:3a:18:32:a8:
         75:c7:71:22:d9:35:7e:76:b3:e9:1d:41:fb:d1:a7:11:67:e2:
         ff:c9:71:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDygwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MTAxMTE3MTNaFw0yNTA2MTAxMTE3MTNaMBgxFjAU
BgNVBAMTDTY0ODQ1YmJkLTRhMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJcF3ra+uhkflHz3JA82o6O23VMfEAhKsgt6WLLn7cOo72KOUiB/QX6hk+
OJWOe52Hxk4rreWgy3EqqfYMDjbrWhasFWRTOe1tBPbWuOy04Tw/+VA8eOHAPLTs
I5W5Yo2vEnTrM81YF1UL763ptYS8lIYM3Kq0C99xcrt9s1oy7PNHdGzFe5F/0iqb
bXkk5eoxtNXEl5oK0PYSOYy9N7vZCz0d3O98VVb8m4Y4zLkbkIQmd1H0W1ggwwv8
gw8oPDJNSVSkaxXOYQQdW3OfYcUegUbcLHxs+vUdXZSJYOE6fPsNtGshwdvsk/SV
aBNqZ9znPt+5nhcIjzWOM1tkWQv9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTpmi
stkiR1dYebCTMMRfZ9KVmcIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVCQjU0NzQ0MDc4MDExRUU4MzEwQTc1QTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECswDQYJKoZIhvcNAQEL
BQADggEBAMIxByraBDnkoGZkcSJNhDO+R4kWcRhC99P5n/FBBsNFBoBRutqAOjwn
wekCjQkXwYc7MuxeArYBWSceYnZ1pnEMGNoLfKVaMZGedtSFMrMY/9+MdxG9wKlY
D6viABCXsANVOQFn/xQg3/k5rsKjG9t1DoJ2vCF6S2YIwMSo/qj8jt5dSzfeRJ6j
rFuCJ6uhkooRF2BKbMebFz3h7g4wMB/MFwP8Dz4e+rN6g4RqiNILbg2CIn8conQP
1A3yQDhHJ4ap2PJXF2tpbLT/0BNpnAwT9yHnJUTZB0nHkBEJ9zDQwmXtLYIuOhgy
qHXHcSLZNX52s+kdQfvRpxFn4v/JcQc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:50 2024 by rpki-client on console-ams.rpki-client.org