Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5E3E578C8B8611EEA67ECE1A4AD9E6FC.roa
File:                     5E3E578C8B8611EEA67ECE1A4AD9E6FC.roa (raw, json)
Hash identifier:          1qyYJo353MVgj1xJQH/3j9Q52dBWjU9BU8UwHwA4NBQ=
Subject key identifier:   FE:35:61:3A:FD:E7:8B:22:9D:AE:AC:B6:F7:D6:B8:7E:CA:CF:12:CD
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       136B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5E3E578C8B8611EEA67ECE1A4AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:32:52 +0000
ROA not before:           Sat 25 Nov 2023 11:32:48 +0000
ROA not after:            Tue 25 Nov 2025 11:32:48 +0000
asID:                     212238
IP address blocks:        154.16.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4971 (0x136b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:32:48 2023 GMT
            Not After : Nov 25 11:32:48 2025 GMT
        Subject: CN=6561db64-af60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:77:c6:01:b4:cb:21:73:91:ed:9c:d8:f5:15:
                    b6:8e:e4:a1:d8:c6:84:d2:e6:7c:d9:62:eb:80:6e:
                    e5:d5:08:cb:96:28:75:39:0d:e5:98:b7:fa:31:27:
                    df:c7:38:a1:4d:a7:f8:61:ff:3c:02:7c:b0:85:1d:
                    06:93:aa:b4:c2:b1:02:21:d4:3b:03:87:fa:e4:40:
                    fd:7f:1e:b7:c6:1c:6d:dc:56:57:1f:f8:d4:81:e4:
                    8f:de:74:5b:c3:0a:18:08:6d:23:8a:98:f3:51:8e:
                    e4:08:60:09:65:32:70:d0:6f:37:78:95:bf:be:d1:
                    c4:17:f9:f0:16:d0:df:ce:4d:7f:7c:4c:10:42:df:
                    37:ef:db:bd:f6:24:aa:9d:b5:c3:6f:4b:cf:e9:db:
                    c0:e9:93:ed:0a:c6:bf:ff:2b:4c:40:14:ee:14:33:
                    8a:f6:58:4b:b6:4a:e7:af:e4:22:59:d8:b5:db:98:
                    e8:21:c6:8c:93:06:f0:f7:e0:29:81:d7:38:d9:03:
                    7e:f0:57:32:db:28:81:fb:0b:9b:ca:06:a8:5f:46:
                    7e:95:dc:e1:9a:c0:6b:c0:48:d1:8f:42:6e:19:bb:
                    97:38:a7:01:79:31:18:50:5e:30:49:ae:89:56:16:
                    29:56:d8:81:8c:bd:79:c1:43:f0:d8:9a:74:3e:d2:
                    22:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:35:61:3A:FD:E7:8B:22:9D:AE:AC:B6:F7:D6:B8:7E:CA:CF:12:CD
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5E3E578C8B8611EEA67ECE1A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:13:ee:c5:bf:9e:ff:de:60:3c:19:bd:60:76:2d:22:f0:a5:
         10:4c:37:ec:49:0e:a7:fc:53:2b:8a:17:8f:95:e2:33:ef:92:
         a4:fa:26:0e:97:75:e6:96:9b:46:f2:52:bd:54:76:e5:f3:e3:
         6a:56:4f:12:0c:35:13:27:46:b5:22:e2:a3:97:2b:d4:aa:cf:
         27:b5:78:3c:c7:bb:e6:ec:f3:79:5e:d7:dd:a1:de:7e:29:ec:
         49:37:cd:c1:c0:67:6f:25:37:36:99:78:a5:ad:ed:a7:df:52:
         03:8c:1f:56:ac:15:4c:e0:e4:18:57:0b:28:70:f7:62:43:1c:
         82:bd:7d:84:7d:31:bf:6e:96:a7:6c:9e:a1:a8:65:68:36:9a:
         59:af:4c:dc:08:d0:de:16:8d:df:45:f7:98:4a:e9:bd:fe:55:
         f4:97:04:68:1b:6a:4e:b9:6a:b0:77:51:53:bd:b2:c6:8b:63:
         8e:d1:63:e2:ef:db:80:cd:dd:80:c5:b7:bf:11:a2:e7:3f:a6:
         d2:05:a6:f8:e4:bf:92:13:25:88:df:3a:fe:89:22:a6:c5:58:
         bf:55:46:35:33:f0:8a:49:34:16:c2:82:28:03:6b:ea:2f:6f:
         7c:e7:24:26:cc:14:58:88:2e:32:33:92:83:4a:81:fe:db:0e:
         64:a1:87:71
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE2swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTMyNDhaFw0yNTExMjUxMTMyNDhaMBgxFjAU
BgNVBAMTDTY1NjFkYjY0LWFmNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDod8YBtMshc5HtnNj1FbaO5KHYxoTS5nzZYuuAbuXVCMuWKHU5DeWYt/ox
J9/HOKFNp/hh/zwCfLCFHQaTqrTCsQIh1DsDh/rkQP1/HrfGHG3cVlcf+NSB5I/e
dFvDChgIbSOKmPNRjuQIYAllMnDQbzd4lb++0cQX+fAW0N/OTX98TBBC3zfv2732
JKqdtcNvS8/p28Dpk+0Kxr//K0xAFO4UM4r2WEu2Suev5CJZ2LXbmOghxoyTBvD3
4CmB1zjZA37wVzLbKIH7C5vKBqhfRn6V3OGawGvASNGPQm4Zu5c4pwF5MRhQXjBJ
rolWFilW2IGMvXnBQ/DYmnQ+0iKRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/jVh
Ov3niyKdrqy299a4fsrPEs0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVFM0U1NzhDOEI4NjExRUVBNjdFQ0UxQTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDwwDQYJKoZIhvcNAQEL
BQADggEBAIgT7sW/nv/eYDwZvWB2LSLwpRBMN+xJDqf8UyuKF4+V4jPvkqT6Jg6X
deaWm0byUr1UduXz42pWTxIMNRMnRrUi4qOXK9Sqzye1eDzHu+bs83le192h3n4p
7Ek3zcHAZ28lNzaZeKWt7affUgOMH1asFUzg5BhXCyhw92JDHIK9fYR9Mb9ulqds
nqGoZWg2mlmvTNwI0N4Wjd9F95hK6b3+VfSXBGgbak65arB3UVO9ssaLY47RY+Lv
24DN3YDFt78Rouc/ptIFpvjkv5ITJYjfOv6JIqbFWL9VRjUz8IpJNBbCgigDa+ov
b3znJCbMFFiILjIzkoNKgf7bDmShh3E=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org