Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/614A8D0C3E7E11EDBA5ED7C4F1222468.roa
File:                     614A8D0C3E7E11EDBA5ED7C4F1222468.roa (raw, json)
Hash identifier:          ak//V+UZtXISvUJF1/eZKLSBbqAqhBFpHuKdKZoTdiA=
Subject key identifier:   B3:56:B1:F5:56:38:DF:A3:89:AE:00:2E:D7:3F:3C:A2:5C:8E:E7:2C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       09C4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/614A8D0C3E7E11EDBA5ED7C4F1222468.roa
Signing time:             Tue 27 Sep 2022 16:06:44 +0000
ROA not before:           Tue 27 Sep 2022 16:06:39 +0000
ROA not after:            Mon 30 Sep 2024 16:06:39 +0000
asID:                     212238
IP address blocks:        154.16.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2500 (0x9c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Sep 27 16:06:39 2022 GMT
            Not After : Sep 30 16:06:39 2024 GMT
        Subject: CN=63331f94-abbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:98:0f:29:1a:53:b3:9f:0a:89:e7:65:5c:a8:
                    2a:3c:b2:1d:5d:ed:c3:99:1f:83:22:1f:81:91:2c:
                    be:8b:e2:e5:e5:89:3f:fc:fe:7d:99:09:a7:6a:96:
                    8f:0e:31:89:0f:df:31:8a:c2:ab:75:74:ac:4f:6b:
                    e4:e3:33:c1:fd:d8:f9:de:17:ec:3e:37:97:59:ad:
                    5d:5b:6a:d1:58:9c:a5:73:47:01:62:af:d1:1b:3f:
                    ce:dd:56:05:dd:71:ed:87:a9:e5:54:46:20:9e:2c:
                    79:b6:44:62:53:29:5f:75:2c:28:cc:cb:88:a7:e8:
                    15:c1:f6:3d:d0:6b:d5:9c:dd:21:f8:f0:69:a3:57:
                    59:3a:ea:ba:71:4a:f5:6a:11:9b:28:42:f9:21:38:
                    71:61:d5:e4:66:b8:96:20:7c:71:b0:30:ac:42:63:
                    34:ab:87:65:ba:f8:5b:14:91:c9:f8:34:ae:de:43:
                    44:cc:a4:16:2d:fb:7b:96:66:9d:55:0e:7f:03:0e:
                    b1:81:06:c1:e0:7e:66:23:42:d1:f3:da:74:91:8a:
                    2e:8e:7e:83:16:cb:07:4b:12:44:fb:ef:ba:91:98:
                    d1:95:99:b0:cf:1d:eb:f7:22:81:77:36:83:aa:ae:
                    83:e4:e8:54:e6:79:1e:db:12:7f:36:45:2d:57:a2:
                    17:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:56:B1:F5:56:38:DF:A3:89:AE:00:2E:D7:3F:3C:A2:5C:8E:E7:2C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/614A8D0C3E7E11EDBA5ED7C4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:74:00:f9:6e:4a:98:9b:22:4f:ea:e9:70:1f:32:d7:a5:56:
         71:22:58:8e:8a:fc:e8:02:b8:db:a7:ca:aa:d4:fb:78:bc:82:
         89:d1:b5:b9:26:ef:0f:88:34:07:b2:a6:bc:d6:78:2b:42:9e:
         a1:87:1e:e8:78:b9:dc:c1:cf:1b:e0:67:56:0c:01:3a:59:6c:
         a9:93:ac:7b:33:4d:f0:b8:fc:f1:1d:a3:dd:b5:92:46:fa:3b:
         6e:42:f8:e7:c1:3a:08:5f:23:d3:0d:b4:af:ec:66:72:c9:45:
         ee:cc:06:be:ae:5a:96:cd:44:85:a7:71:ae:e6:dd:6d:31:9c:
         cd:01:d8:7b:0d:25:ab:c1:3b:3c:9b:c1:65:cb:ac:22:5f:d3:
         fa:03:23:8b:5f:41:25:39:07:8e:eb:77:ac:c7:b3:08:13:4e:
         90:70:fb:7c:e8:3d:0a:24:53:21:bb:01:35:2f:f0:80:ce:f7:
         18:c9:63:ae:35:97:d9:49:4a:35:df:16:02:91:f1:9b:bf:c9:
         de:de:61:a7:0a:63:28:7c:49:c4:1a:80:5e:63:2c:80:40:f4:
         68:64:62:6f:1b:49:e1:16:dc:87:71:4c:0d:05:df:b2:a7:cc:
         29:d6:20:a1:3d:28:6f:f3:d9:ab:a6:80:39:e2:11:ee:9d:98:
         70:dd:e2:fe
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCcQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjA5MjcxNjA2MzlaFw0yNDA5MzAxNjA2MzlaMBgxFjAU
BgNVBAMMDTYzMzMxZjk0LWFiYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxmA8pGlOznwqJ52VcqCo8sh1d7cOZH4MiH4GRLL6L4uXliT/8/n2ZCadq
lo8OMYkP3zGKwqt1dKxPa+TjM8H92PneF+w+N5dZrV1batFYnKVzRwFir9EbP87d
VgXdce2HqeVURiCeLHm2RGJTKV91LCjMy4in6BXB9j3Qa9Wc3SH48GmjV1k66rpx
SvVqEZsoQvkhOHFh1eRmuJYgfHGwMKxCYzSrh2W6+FsUkcn4NK7eQ0TMpBYt+3uW
Zp1VDn8DDrGBBsHgfmYjQtHz2nSRii6OfoMWywdLEkT777qRmNGVmbDPHev3IoF3
NoOqroPk6FTmeR7bEn82RS1XohdpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUs1ax
9VY436OJrgAu1z88olyO5ywwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzYxNEE4RDBDM0U3RTExRURCQTVFRDdDNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELkwDQYJKoZIhvcNAQEL
BQADggEBAC10APluSpibIk/q6XAfMtelVnEiWI6K/OgCuNunyqrU+3i8gonRtbkm
7w+INAeyprzWeCtCnqGHHuh4udzBzxvgZ1YMATpZbKmTrHszTfC4/PEdo921kkb6
O25C+OfBOghfI9MNtK/sZnLJRe7MBr6uWpbNRIWnca7m3W0xnM0B2HsNJavBOzyb
wWXLrCJf0/oDI4tfQSU5B47rd6zHswgTTpBw+3zoPQokUyG7ATUv8IDO9xjJY641
l9lJSjXfFgKR8Zu/yd7eYacKYyh8ScQagF5jLIBA9GhkYm8bSeEW3IdxTA0F37Kn
zCnWIKE9KG/z2aumgDniEe6dmHDd4v4=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:54 2024 by rpki-client on console-fra.rpki-client.org