Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6020446CFFD011EDA25D9F784AD9E6FC.roa
File:                     6020446CFFD011EDA25D9F784AD9E6FC.roa (raw, json)
Hash identifier:          gploBIKklAx0zCGykPFsfi/MSaO412KATe4fEh7ZY/Q=
Subject key identifier:   97:F7:57:66:33:04:4E:B5:1C:57:01:E8:41:C1:F2:B4:F3:94:77:0F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0E2E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6020446CFFD011EDA25D9F784AD9E6FC.roa
Signing time:             Wed 31 May 2023 16:29:55 +0000
ROA not before:           Wed 31 May 2023 16:29:51 +0000
ROA not after:            Sat 31 May 2025 16:29:51 +0000
asID:                     834
IP address blocks:        154.16.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3630 (0xe2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 31 16:29:51 2023 GMT
            Not After : May 31 16:29:51 2025 GMT
        Subject: CN=64777603-92e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f4:3a:07:19:92:59:39:6d:11:93:c2:e9:91:
                    0a:a8:46:a2:79:2e:0b:71:61:6a:ab:81:ae:32:ca:
                    eb:89:7b:e4:94:e1:a4:ec:70:1a:42:82:d4:57:ac:
                    71:de:7c:56:e4:35:fe:e9:38:dc:4e:f5:5e:97:0c:
                    95:e2:2c:44:cb:7d:eb:14:81:db:f0:7c:49:40:6e:
                    90:7f:c1:56:2f:96:7d:20:68:9a:cf:ed:14:c2:4b:
                    68:4d:1b:5a:6f:3f:00:a1:42:c6:3a:6d:ac:c1:cf:
                    06:01:ae:01:b4:5a:fd:f8:a9:c4:2c:3e:db:5a:3b:
                    21:44:3f:d8:a6:95:b3:d1:30:07:d3:e5:a1:21:a2:
                    f7:29:f0:69:85:1e:84:77:13:0c:9f:c8:5d:a0:cb:
                    36:45:10:08:bb:22:fa:5a:c5:df:a6:e3:25:64:e5:
                    72:36:0f:87:44:88:5e:e5:22:17:46:f8:67:65:b8:
                    20:74:77:46:6c:d8:b2:ab:47:74:c3:03:23:b1:9f:
                    86:df:85:01:65:8b:52:a8:a0:09:9c:61:07:98:3c:
                    da:4e:7a:5c:a4:76:76:27:b8:88:55:c6:c4:83:82:
                    c2:fb:0b:5b:8f:c9:81:79:c9:5d:1d:10:fc:a3:7a:
                    28:46:30:22:9a:3e:35:71:97:a8:d3:18:69:7a:79:
                    5e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:F7:57:66:33:04:4E:B5:1C:57:01:E8:41:C1:F2:B4:F3:94:77:0F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6020446CFFD011EDA25D9F784AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:2d:7c:3c:d3:bf:bf:29:cb:08:1d:ba:19:35:3a:df:ab:d6:
         f3:4e:06:63:30:44:01:65:85:2a:d5:3b:1d:67:dc:02:68:93:
         a3:7e:c2:1e:df:39:99:ac:31:51:60:97:63:f5:18:8d:26:5e:
         a6:79:c9:9a:15:23:ad:ce:7f:91:62:ab:d9:c2:51:95:99:0b:
         2f:e9:a3:0d:ca:1f:d6:2c:84:b4:a7:da:23:84:74:18:16:d6:
         39:bd:07:3d:8f:ba:fa:e9:97:b4:ce:d9:08:ad:1b:2b:1b:6e:
         fb:d2:8c:54:b0:a0:c3:29:2b:27:13:5c:68:36:31:21:9a:3a:
         ed:18:4e:0f:c3:8c:88:17:36:a9:3c:22:74:c3:4d:32:0b:50:
         56:ae:a2:92:bd:99:b7:10:7e:ab:03:5d:4b:ba:58:43:60:01:
         b5:0f:30:29:6e:13:cf:18:e3:ee:82:d2:35:4b:f5:b5:b2:aa:
         88:ad:8e:c2:86:f5:3b:8e:2a:20:ab:66:20:1c:60:6c:d8:5c:
         19:f1:71:7f:9d:a6:e1:15:56:4d:8d:79:34:58:20:34:0a:d8:
         3f:8d:63:a9:42:8d:0e:68:e6:98:c0:46:a4:c2:8e:af:1c:e2:
         d9:36:b5:44:5e:bd:8d:53:41:6e:94:0c:16:c7:6b:80:44:8b:
         09:ed:0b:64
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDi4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MzExNjI5NTFaFw0yNTA1MzExNjI5NTFaMBgxFjAU
BgNVBAMTDTY0Nzc3NjAzLTkyZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDH9DoHGZJZOW0Rk8LpkQqoRqJ5LgtxYWqrga4yyuuJe+SU4aTscBpCgtRX
rHHefFbkNf7pONxO9V6XDJXiLETLfesUgdvwfElAbpB/wVYvln0gaJrP7RTCS2hN
G1pvPwChQsY6bazBzwYBrgG0Wv34qcQsPttaOyFEP9imlbPRMAfT5aEhovcp8GmF
HoR3EwyfyF2gyzZFEAi7Ivpaxd+m4yVk5XI2D4dEiF7lIhdG+GdluCB0d0Zs2LKr
R3TDAyOxn4bfhQFli1KooAmcYQeYPNpOelykdnYnuIhVxsSDgsL7C1uPyYF5yV0d
EPyjeihGMCKaPjVxl6jTGGl6eV4rAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUl/dX
ZjMETrUcVwHoQcHytPOUdw8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzYwMjA0NDZDRkZEMDExRURBMjVEOUY3ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECswDQYJKoZIhvcNAQEL
BQADggEBAJYtfDzTv78pywgduhk1Ot+r1vNOBmMwRAFlhSrVOx1n3AJok6N+wh7f
OZmsMVFgl2P1GI0mXqZ5yZoVI63Of5Fiq9nCUZWZCy/pow3KH9YshLSn2iOEdBgW
1jm9Bz2Puvrpl7TO2QitGysbbvvSjFSwoMMpKycTXGg2MSGaOu0YTg/DjIgXNqk8
InTDTTILUFauopK9mbcQfqsDXUu6WENgAbUPMCluE88Y4+6C0jVL9bWyqoitjsKG
9TuOKiCrZiAcYGzYXBnxcX+dpuEVVk2NeTRYIDQK2D+NY6lCjQ5o5pjARqTCjq8c
4tk2tURevY1TQW6UDBbHa4BEiwntC2Q=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:54 2024 by rpki-client on console-fra.rpki-client.org