Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/71301844D54611EE81E2BD89775412E6.roa
File:                     71301844D54611EE81E2BD89775412E6.roa (raw, json)
Hash identifier:          Nzzu3vQ2XAWDBfFkPnlo7061y9dzoywDTbjQegWZ8jY=
Subject key identifier:   67:A9:AD:ED:25:27:94:89:7B:A4:D6:4A:DC:D2:43:87:BB:C1:21:5C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14DE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/71301844D54611EE81E2BD89775412E6.roa
Signing time:             Tue 27 Feb 2024 08:01:42 +0000
ROA not before:           Tue 27 Feb 2024 08:01:38 +0000
ROA not after:            Fri 27 Feb 2026 08:01:38 +0000
asID:                     201341
IP address blocks:        154.16.23.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5342 (0x14de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:01:38 2024 GMT
            Not After : Feb 27 08:01:38 2026 GMT
        Subject: CN=65dd96e6-678b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:67:38:2e:b7:e5:15:0a:fd:d9:26:a6:54:b4:
                    d7:69:c0:ca:35:e6:34:91:95:2f:c5:f9:29:f0:a8:
                    1a:99:a1:50:2d:e4:c0:76:94:f1:8d:74:ec:86:0c:
                    fd:50:14:2b:d8:4c:c7:a9:a5:2e:52:b0:b8:e0:78:
                    74:a1:37:d1:c7:97:79:a4:eb:90:13:63:ba:15:8e:
                    e3:5f:59:87:5b:f6:d7:01:fa:bc:6e:ce:e8:d1:4f:
                    c9:9a:9a:0e:32:9a:40:f6:fe:44:0c:d0:4e:5e:ec:
                    dd:76:b3:db:31:93:86:3f:dd:82:6c:49:d3:a4:7e:
                    6a:2c:e2:08:c6:2e:49:47:6f:09:32:e4:3a:34:1f:
                    12:64:84:eb:5d:81:93:2d:0b:65:24:b0:7f:4e:f2:
                    84:2e:3d:69:c9:11:1a:b2:b5:84:b2:9e:b7:f9:e7:
                    98:bb:65:c0:38:7f:25:4e:b1:11:f7:26:4a:bb:7e:
                    f6:27:10:f9:45:41:79:19:7d:44:98:80:e3:77:66:
                    64:54:75:68:dd:d3:b5:91:03:d3:1f:7b:ba:45:b1:
                    51:65:65:b1:7d:4b:37:59:ec:ab:93:30:bf:60:8b:
                    37:8e:fb:18:ae:f2:b0:ad:86:bc:da:89:b6:6f:50:
                    df:49:ca:78:5d:b3:0e:00:40:94:94:d6:52:49:b1:
                    8a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A9:AD:ED:25:27:94:89:7B:A4:D6:4A:DC:D2:43:87:BB:C1:21:5C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/71301844D54611EE81E2BD89775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:3a:ee:37:2a:58:bc:7a:de:0a:34:14:77:f8:99:d3:40:36:
         2f:b5:90:68:78:50:df:93:d7:ac:44:48:5b:b4:0b:ab:8d:47:
         01:8d:37:68:a6:1d:4d:85:b1:d7:39:e8:6d:82:76:d1:56:a0:
         0c:0c:60:ff:52:b9:55:d9:33:83:89:a6:4a:71:b3:b9:d1:b5:
         04:04:c6:e1:4f:1f:a1:45:23:b7:38:33:74:3d:8f:28:a7:bb:
         4a:07:92:ce:7b:84:3a:67:de:17:06:78:8e:02:10:d2:50:ad:
         53:57:df:9c:2d:23:2e:f3:ca:8e:20:91:0d:e5:a6:a9:04:38:
         0b:16:d7:a2:41:78:c7:41:ad:03:1d:d4:5d:1c:08:f2:9b:46:
         93:51:3a:6b:94:20:aa:84:14:21:c4:a4:e6:c5:60:d8:86:fd:
         71:e5:57:9d:63:21:5b:19:c9:e5:96:9e:82:8a:d1:3e:fd:f6:
         85:7b:17:b4:9c:fd:68:bf:ca:0d:1c:c2:c8:b3:6d:65:4a:91:
         b1:4e:40:c8:00:ea:63:b1:35:f3:6e:50:9e:05:f4:3f:d5:1a:
         dc:bf:0f:a3:4f:4c:43:a9:34:00:96:d7:e0:10:0d:c6:5e:d5:
         f5:41:d1:12:b0:77:8b:db:ca:5c:83:e3:48:cd:ee:98:e0:f1:
         8e:35:62:aa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFN4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODAxMzhaFw0yNjAyMjcwODAxMzhaMBgxFjAU
BgNVBAMTDTY1ZGQ5NmU2LTY3OGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD4Zzgut+UVCv3ZJqZUtNdpwMo15jSRlS/F+SnwqBqZoVAt5MB2lPGNdOyG
DP1QFCvYTMeppS5SsLjgeHShN9HHl3mk65ATY7oVjuNfWYdb9tcB+rxuzujRT8ma
mg4ymkD2/kQM0E5e7N12s9sxk4Y/3YJsSdOkfmos4gjGLklHbwky5Do0HxJkhOtd
gZMtC2UksH9O8oQuPWnJERqytYSynrf555i7ZcA4fyVOsRH3Jkq7fvYnEPlFQXkZ
fUSYgON3ZmRUdWjd07WRA9Mfe7pFsVFlZbF9SzdZ7KuTML9gizeO+xiu8rCthrza
ibZvUN9Jynhdsw4AQJSU1lJJsYpDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZ6mt
7SUnlIl7pNZK3NJDh7vBIVwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzcxMzAxODQ0RDU0NjExRUU4MUUyQkQ4OTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBcwDQYJKoZIhvcNAQEL
BQADggEBAGQ67jcqWLx63go0FHf4mdNANi+1kGh4UN+T16xESFu0C6uNRwGNN2im
HU2Fsdc56G2CdtFWoAwMYP9SuVXZM4OJpkpxs7nRtQQExuFPH6FFI7c4M3Q9jyin
u0oHks57hDpn3hcGeI4CENJQrVNX35wtIy7zyo4gkQ3lpqkEOAsW16JBeMdBrQMd
1F0cCPKbRpNROmuUIKqEFCHEpObFYNiG/XHlV51jIVsZyeWWnoKK0T799oV7F7Sc
/Wi/yg0cwsizbWVKkbFOQMgA6mOxNfNuUJ4F9D/VGty/D6NPTEOpNACW1+AQDcZe
1fVB0RKwd4vbylyD40jN7pjg8Y41Yqo=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:44 2024 by rpki-client on console-fra.rpki-client.org