Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6AE54DC8B69411EDA01633BEF1222468.roa
File:                     6AE54DC8B69411EDA01633BEF1222468.roa (raw, json)
Hash identifier:          /6gHGxQ8fdHySmxRohM1YM2c26iQwywS1SMhaOPmNSY=
Subject key identifier:   8F:43:19:C3:06:FA:DC:B7:99:D6:62:24:71:B1:06:A5:DF:86:EF:74
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C61
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6AE54DC8B69411EDA01633BEF1222468.roa
Signing time:             Mon 27 Feb 2023 11:46:48 +0000
ROA not before:           Mon 27 Feb 2023 11:46:45 +0000
ROA not after:            Thu 27 Feb 2025 11:46:45 +0000
asID:                     61317
IP address blocks:        154.16.108.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3169 (0xc61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 11:46:45 2023 GMT
            Not After : Feb 27 11:46:45 2025 GMT
        Subject: CN=63fc9828-7d8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fe:b4:e3:98:21:5e:76:44:2d:2d:dd:b4:d3:
                    45:51:85:5c:0c:e9:06:75:71:77:20:df:ab:fe:47:
                    3f:21:b2:d0:b8:8a:48:12:6e:73:fb:5f:5c:be:1c:
                    08:e2:2d:9c:01:c2:1c:44:9e:3d:96:ce:02:fd:52:
                    ff:5b:9c:40:b5:95:d5:95:a8:be:fa:97:5c:09:0c:
                    64:b0:b6:c8:1d:3f:0c:ef:7c:91:35:f1:e6:05:08:
                    02:60:43:fc:f9:8b:1f:e3:7c:c1:10:a2:b0:44:47:
                    dd:1e:03:48:b3:a2:12:43:76:48:4c:55:da:dd:59:
                    7b:6e:46:83:96:a8:59:cb:52:5c:21:31:58:ec:94:
                    2e:22:b6:ed:84:b0:1a:d9:61:a9:f7:f6:04:7c:40:
                    3a:8a:d0:fd:3e:f2:90:d7:97:5c:e5:9c:4f:bf:62:
                    2c:c5:11:4f:74:5c:cd:35:30:4e:54:1e:7c:21:4b:
                    7f:9b:fd:9e:9e:31:c3:b3:2b:74:7f:fb:3a:4a:52:
                    6f:5e:30:39:05:60:bd:e7:f5:6b:f7:f5:4b:a3:7a:
                    28:d1:0c:63:01:8d:ee:19:2d:36:b8:73:3a:23:8e:
                    21:4f:3a:72:3e:7f:5f:76:37:00:d8:c6:74:70:5d:
                    25:e1:b8:5b:04:e8:e4:ab:57:3f:53:bc:3d:a1:18:
                    f9:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:43:19:C3:06:FA:DC:B7:99:D6:62:24:71:B1:06:A5:DF:86:EF:74
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6AE54DC8B69411EDA01633BEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:aa:cc:da:43:da:e8:55:e4:0a:b0:dc:65:84:16:1b:db:44:
         b9:04:f2:87:b7:fe:4f:d8:9c:be:98:cd:df:ff:41:1d:a9:d4:
         20:9e:1a:36:36:e3:57:20:70:72:39:e0:25:71:58:77:dd:47:
         f7:1e:2d:71:2e:4d:00:68:37:03:93:48:c6:8b:f2:17:93:c1:
         13:86:c0:74:54:41:b5:7c:1f:3e:d7:6d:88:95:52:87:45:60:
         b6:c8:04:ff:ee:a3:61:7a:2b:25:18:49:dc:c3:dc:28:ab:86:
         0c:05:b6:e8:7e:57:92:a0:14:fd:75:28:08:dd:1b:a5:c0:22:
         e5:05:a0:20:c7:50:b3:ab:c2:7a:25:6b:34:58:54:9a:d6:3a:
         ce:41:ed:dc:65:80:44:54:43:04:c9:86:76:14:65:42:47:ff:
         9f:ce:94:9a:67:62:17:af:e4:e0:4f:fc:d7:ab:39:d8:23:37:
         06:a5:cf:c4:d6:78:8f:2a:ac:64:c3:53:c2:e6:ed:e1:e1:66:
         4b:76:f3:cc:f7:5e:a7:bb:8b:0b:37:53:d3:4a:06:2f:ad:4d:
         6f:84:a3:08:bb:33:ee:3a:9f:28:24:ee:b7:fe:9d:1b:dc:83:
         94:cc:ce:46:5a:5f:48:e6:e3:20:b5:f9:da:fd:47:f0:4e:0f:
         63:17:b0:f3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDGEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMTQ2NDVaFw0yNTAyMjcxMTQ2NDVaMBgxFjAU
BgNVBAMMDTYzZmM5ODI4LTdkOGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3/rTjmCFedkQtLd2000VRhVwM6QZ1cXcg36v+Rz8hstC4ikgSbnP7X1y+
HAjiLZwBwhxEnj2WzgL9Uv9bnEC1ldWVqL76l1wJDGSwtsgdPwzvfJE18eYFCAJg
Q/z5ix/jfMEQorBER90eA0izohJDdkhMVdrdWXtuRoOWqFnLUlwhMVjslC4itu2E
sBrZYan39gR8QDqK0P0+8pDXl1zlnE+/YizFEU90XM01ME5UHnwhS3+b/Z6eMcOz
K3R/+zpKUm9eMDkFYL3n9Wv39UujeijRDGMBje4ZLTa4czojjiFPOnI+f192NwDY
xnRwXSXhuFsE6OSrVz9TvD2hGPlZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUj0MZ
wwb63LeZ1mIkcbEGpd+G73QwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzZBRTU0REM4QjY5NDExRURBMDE2MzNCRUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGwwDQYJKoZIhvcNAQEL
BQADggEBAH2qzNpD2uhV5Aqw3GWEFhvbRLkE8oe3/k/YnL6Yzd//QR2p1CCeGjY2
41cgcHI54CVxWHfdR/ceLXEuTQBoNwOTSMaL8heTwROGwHRUQbV8Hz7XbYiVUodF
YLbIBP/uo2F6KyUYSdzD3CirhgwFtuh+V5KgFP11KAjdG6XAIuUFoCDHULOrwnol
azRYVJrWOs5B7dxlgERUQwTJhnYUZUJH/5/OlJpnYhev5OBP/NerOdgjNwalz8TW
eI8qrGTDU8Lm7eHhZkt288z3Xqe7iws3U9NKBi+tTW+Eowi7M+46nygk7rf+nRvc
g5TMzkZaX0jm4yC1+dr9R/BOD2MXsPM=
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:17 2024 by rpki-client on console-fra.rpki-client.org