Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6956010E032911EFA7FF7B26017001B1.roa
File:                     6956010E032911EFA7FF7B26017001B1.roa (raw, json)
Hash identifier:          riX5mH+y6HVMu7a/hqTf8fH8x8d1a8R2DC+hTiY0NBE=
Subject key identifier:   D1:84:05:A2:3A:8D:CB:6C:7B:5E:B7:B3:33:79:CC:E5:7A:2F:6D:4D
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1613
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6956010E032911EFA7FF7B26017001B1.roa
Signing time:             Thu 25 Apr 2024 17:29:47 +0000
ROA not before:           Thu 25 Apr 2024 17:29:43 +0000
ROA not after:            Sat 25 Apr 2026 17:29:43 +0000
asID:                     22168
IP address blocks:        154.16.240.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5651 (0x1613)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 25 17:29:43 2024 GMT
            Not After : Apr 25 17:29:43 2026 GMT
        Subject: CN=662a930b-57fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:88:cf:d4:19:66:c3:fe:6b:1e:88:24:50:0b:
                    df:92:98:ef:a5:13:d8:3a:a1:ea:68:5f:03:8d:4b:
                    23:3e:9d:23:b1:e8:22:a9:cc:9f:5d:bd:44:8e:1b:
                    27:09:b3:b0:87:28:ef:06:1d:b4:e0:5f:4b:9e:a4:
                    b8:29:ac:cf:31:4d:8a:bc:2a:f2:05:ee:44:20:40:
                    fa:be:3e:29:26:64:b1:2a:79:9a:47:8d:81:93:4e:
                    7b:8e:6a:63:0d:50:bf:e7:3d:f6:75:37:e1:b3:56:
                    7a:54:1f:71:4c:76:b5:d4:5d:4c:ea:ef:b5:5a:b2:
                    3a:51:43:54:88:a7:e9:23:0c:63:62:05:19:c2:1c:
                    84:80:2c:01:38:f5:43:3e:87:df:a8:5b:2f:7f:b9:
                    24:6d:6c:ea:c3:64:c4:99:0d:9f:47:d3:74:4c:50:
                    19:0e:a5:79:69:2f:bf:ea:82:02:d4:89:57:4a:30:
                    52:53:02:ae:76:bf:b5:da:01:24:6c:0d:5d:f0:06:
                    13:bd:77:62:34:d8:6f:92:42:82:32:34:b6:83:d1:
                    5e:59:bf:51:5c:b6:10:07:9d:90:a3:71:2f:ae:4b:
                    2a:9a:fe:67:1e:95:af:2a:df:5d:f6:c8:87:02:4a:
                    8f:3a:38:21:c0:e3:18:a6:4e:a0:c6:ef:31:51:56:
                    c0:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:84:05:A2:3A:8D:CB:6C:7B:5E:B7:B3:33:79:CC:E5:7A:2F:6D:4D
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6956010E032911EFA7FF7B26017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:85:b2:b0:8f:a7:96:e2:a7:92:5b:8b:3f:04:5e:ce:74:1f:
         38:3d:b1:7b:59:54:a7:6a:5c:f3:4e:a4:bb:56:a4:2a:93:db:
         1b:c5:5a:8f:b5:65:59:ba:84:75:8f:d0:d4:00:61:49:7d:2a:
         63:5c:83:64:37:84:92:19:98:48:4b:a3:50:b7:65:3b:b4:a8:
         ac:bd:80:50:02:bc:41:a1:a7:a9:6c:02:4f:7d:a0:d5:cb:a9:
         3e:d2:0d:6e:b1:8a:32:e7:26:93:4e:10:0f:28:27:05:de:07:
         c5:75:32:dd:d2:b0:ab:4c:a5:d6:cd:f4:6e:20:5b:11:fc:65:
         44:25:c2:11:18:df:b2:80:89:22:fa:1b:d6:7f:35:66:02:14:
         cf:8a:b9:e2:f8:07:d9:a8:e0:1b:91:f0:8e:7d:c6:95:c5:58:
         56:7b:bd:58:7e:76:9c:20:de:43:fd:27:29:2b:b4:77:38:f2:
         48:d8:d8:c4:ff:d9:d0:5a:96:69:1a:16:78:0e:11:f6:f8:50:
         29:ad:44:2f:81:d7:14:b1:05:b5:c0:fc:a5:5f:a1:bb:70:68:
         f5:90:51:68:c0:05:ca:29:1c:5b:12:16:31:32:f7:fc:a7:0b:
         f3:fd:4d:36:48:83:c6:e5:87:1c:82:e4:7d:47:89:3c:07:97:
         a1:30:32:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFhMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MjUxNzI5NDNaFw0yNjA0MjUxNzI5NDNaMBgxFjAU
BgNVBAMTDTY2MmE5MzBiLTU3ZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmiM/UGWbD/mseiCRQC9+SmO+lE9g6oepoXwONSyM+nSOx6CKpzJ9dvUSO
GycJs7CHKO8GHbTgX0uepLgprM8xTYq8KvIF7kQgQPq+PikmZLEqeZpHjYGTTnuO
amMNUL/nPfZ1N+GzVnpUH3FMdrXUXUzq77VasjpRQ1SIp+kjDGNiBRnCHISALAE4
9UM+h9+oWy9/uSRtbOrDZMSZDZ9H03RMUBkOpXlpL7/qggLUiVdKMFJTAq52v7Xa
ASRsDV3wBhO9d2I02G+SQoIyNLaD0V5Zv1FcthAHnZCjcS+uSyqa/mcela8q3132
yIcCSo86OCHA4ximTqDG7zFRVsCJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0YQF
ojqNy2x7XrezM3nM5XovbU0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY5NTYwMTBFMDMyOTExRUZBN0ZGN0IyNjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPAwDQYJKoZIhvcNAQEL
BQADggEBAAqFsrCPp5bip5Jbiz8EXs50Hzg9sXtZVKdqXPNOpLtWpCqT2xvFWo+1
ZVm6hHWP0NQAYUl9KmNcg2Q3hJIZmEhLo1C3ZTu0qKy9gFACvEGhp6lsAk99oNXL
qT7SDW6xijLnJpNOEA8oJwXeB8V1Mt3SsKtMpdbN9G4gWxH8ZUQlwhEY37KAiSL6
G9Z/NWYCFM+KueL4B9mo4BuR8I59xpXFWFZ7vVh+dpwg3kP9JykrtHc48kjY2MT/
2dBalmkaFngOEfb4UCmtRC+B1xSxBbXA/KVfobtwaPWQUWjABcopHFsSFjEy9/yn
C/P9TTZIg8blhxyC5H1HiTwHl6EwMgQ=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org