Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F903156B9ED11EE82800B96775412E6.roa
File:                     5F903156B9ED11EE82800B96775412E6.roa (raw, json)
Hash identifier:          Qs1toRKZdKPIn/x+wNxAMA2CmW09EX0fbhdSrbQ3fhE=
Subject key identifier:   1B:C9:54:44:A3:B4:A6:53:80:72:BC:0F:BB:03:B3:56:F9:F2:AB:FE
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1477
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F903156B9ED11EE82800B96775412E6.roa
Signing time:             Tue 23 Jan 2024 12:46:06 +0000
ROA not before:           Tue 23 Jan 2024 12:46:02 +0000
ROA not after:            Fri 23 Jan 2026 12:46:02 +0000
asID:                     212238
IP address blocks:        154.16.142.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5239 (0x1477)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan 23 12:46:02 2024 GMT
            Not After : Jan 23 12:46:02 2026 GMT
        Subject: CN=65afb50e-37c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:65:e8:2c:5e:e8:17:77:8e:8d:62:4a:ec:9d:
                    31:b6:f3:df:7b:34:c4:fa:c5:8d:7a:46:db:24:4d:
                    7b:6f:2e:8b:a1:14:f7:bd:97:66:9e:80:83:bc:7b:
                    53:ff:53:22:67:38:82:61:bb:df:86:a9:db:59:82:
                    11:9e:93:1d:5c:b6:cd:49:66:ed:73:57:19:8e:1c:
                    42:3b:89:fc:70:f1:b5:d2:60:dd:e0:c1:62:b1:d9:
                    62:39:44:41:50:70:ad:08:12:64:df:17:45:57:54:
                    38:15:d7:e9:6f:d5:89:eb:fa:cf:6a:2c:86:a8:92:
                    74:02:9f:25:5f:78:74:ca:0f:b0:49:0f:fe:c4:a4:
                    6a:86:22:fc:6d:48:5e:e6:e3:e9:d8:ba:1c:1b:2f:
                    4c:0c:b3:21:a7:89:ca:f8:ba:86:14:20:c2:08:c2:
                    88:09:43:b8:54:38:87:67:93:e2:e4:0e:d0:76:68:
                    ea:3b:1c:a7:46:b5:ec:0f:0a:b8:a4:a9:05:98:da:
                    55:b2:0d:7e:cc:74:66:d3:33:55:a2:69:a8:0c:36:
                    b4:f6:a4:a3:ff:e6:ae:fc:6f:69:ea:ec:14:5a:27:
                    b2:09:ef:4c:ab:a5:04:08:a1:b8:6d:ec:ce:14:9d:
                    ae:72:19:bb:73:cd:7f:04:19:df:ef:a3:e0:fc:e4:
                    0f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:C9:54:44:A3:B4:A6:53:80:72:BC:0F:BB:03:B3:56:F9:F2:AB:FE
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F903156B9ED11EE82800B96775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:89:ad:6f:29:f7:85:b8:e0:cf:71:2a:fe:63:b1:6b:26:25:
         e2:3d:b2:da:4a:96:18:6e:60:87:e7:89:ce:ad:3d:fd:9f:3c:
         fc:b0:ed:40:f3:e2:6c:df:0b:dc:c0:78:37:dd:97:e2:28:aa:
         82:be:e0:0d:0f:22:b0:43:73:ff:9f:dc:a6:0c:da:94:ac:69:
         ad:65:0f:d7:37:41:a8:7b:6e:27:19:81:56:53:01:85:3c:30:
         ac:ac:60:b0:c1:4b:49:1c:b9:99:03:09:29:04:6f:9c:d2:31:
         2b:4a:61:c2:89:cc:b3:dc:81:66:b4:a9:35:13:69:28:b4:86:
         f3:9f:89:30:f2:64:25:39:1e:14:bf:ce:7d:f5:f7:b5:5c:8a:
         9e:7f:85:d7:a5:79:29:97:c4:2a:80:12:9b:67:7b:ee:cd:03:
         6e:07:ef:2c:c3:81:2e:01:c4:14:73:99:60:13:6d:c8:dc:3a:
         5e:a4:aa:b0:5b:99:75:05:08:c4:4d:61:ce:16:20:1e:f0:a3:
         7b:77:16:97:a4:ff:48:97:08:8e:58:a0:4b:b4:88:da:5b:41:
         0d:1a:0a:b4:e3:f7:a1:62:4b:40:81:9a:ec:6d:ad:83:89:de:
         36:ec:27:92:77:96:dd:f6:d7:07:ba:08:dd:6d:53:3a:9e:bb:
         2c:b2:c9:d9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFHcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAxMjMxMjQ2MDJaFw0yNjAxMjMxMjQ2MDJaMBgxFjAU
BgNVBAMTDTY1YWZiNTBlLTM3YzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPZegsXugXd46NYkrsnTG28997NMT6xY16RtskTXtvLouhFPe9l2aegIO8
e1P/UyJnOIJhu9+GqdtZghGekx1cts1JZu1zVxmOHEI7ifxw8bXSYN3gwWKx2WI5
REFQcK0IEmTfF0VXVDgV1+lv1Ynr+s9qLIaoknQCnyVfeHTKD7BJD/7EpGqGIvxt
SF7m4+nYuhwbL0wMsyGnicr4uoYUIMIIwogJQ7hUOIdnk+LkDtB2aOo7HKdGtewP
CrikqQWY2lWyDX7MdGbTM1WiaagMNrT2pKP/5q78b2nq7BRaJ7IJ70yrpQQIobht
7M4Una5yGbtzzX8EGd/vo+D85A/TAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUG8lU
RKO0plOAcrwPuwOzVvnyq/4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVGOTAzMTU2QjlFRDExRUU4MjgwMEI5Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEI4wDQYJKoZIhvcNAQEL
BQADggEBAIGJrW8p94W44M9xKv5jsWsmJeI9stpKlhhuYIfnic6tPf2fPPyw7UDz
4mzfC9zAeDfdl+IoqoK+4A0PIrBDc/+f3KYM2pSsaa1lD9c3Qah7bicZgVZTAYU8
MKysYLDBS0kcuZkDCSkEb5zSMStKYcKJzLPcgWa0qTUTaSi0hvOfiTDyZCU5HhS/
zn3197Vcip5/hdeleSmXxCqAEptne+7NA24H7yzDgS4BxBRzmWATbcjcOl6kqrBb
mXUFCMRNYc4WIB7wo3t3Fpek/0iXCI5YoEu0iNpbQQ0aCrTj96FiS0CBmuxtrYOJ
3jbsJ5J3lt321we6CN1tUzqeuyyyydk=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org