Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78ECFFC006D411EE9D8750564AD9E6FC.roa
File:                     78ECFFC006D411EE9D8750564AD9E6FC.roa (raw, json)
Hash identifier:          r8Eov97qQFA8/cqfBBF/ChbxwTI8wobgqGjlpDwsN/0=
Subject key identifier:   BE:47:4F:4D:58:85:80:81:1A:4C:BD:D5:87:22:FB:BA:B5:72:F0:B9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0F11
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78ECFFC006D411EE9D8750564AD9E6FC.roa
Signing time:             Fri 09 Jun 2023 14:46:53 +0000
ROA not before:           Fri 09 Jun 2023 14:46:48 +0000
ROA not after:            Mon 30 Jun 2025 14:46:48 +0000
asID:                     43350
IP address blocks:        154.16.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3857 (0xf11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  9 14:46:48 2023 GMT
            Not After : Jun 30 14:46:48 2025 GMT
        Subject: CN=64833b5d-ae60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:71:34:85:5f:65:c7:49:8e:4f:92:33:0f:1d:
                    9b:9d:dd:f8:11:0b:ef:0e:a8:18:89:75:bb:54:7c:
                    9b:a3:15:21:c9:cc:a1:84:b3:02:59:52:a0:fe:90:
                    39:c6:d3:8b:0a:0f:7f:e2:0e:db:3d:ae:5a:59:13:
                    81:85:29:5a:61:fa:09:32:7c:87:b4:1e:37:af:53:
                    47:23:8e:15:44:fb:62:df:1a:f3:93:92:fe:41:91:
                    e0:50:12:17:81:92:c3:14:a8:22:b9:a1:30:ee:a3:
                    c6:1b:04:b2:8a:10:65:e4:47:9b:72:fe:45:bf:0b:
                    c2:a7:fa:9c:ba:91:0b:f0:ea:39:f8:24:80:a7:2a:
                    fb:9f:15:45:db:06:d4:91:cc:57:fb:ad:d4:ec:44:
                    ad:e1:7a:f6:03:ea:a9:c8:2f:fe:08:5e:6a:74:7e:
                    13:0f:24:6f:d1:07:bb:49:9b:5b:34:b2:9a:8b:83:
                    b4:f6:1e:47:ea:38:37:91:5f:ab:25:69:fd:75:10:
                    cd:3a:02:d5:c3:04:2a:cf:1a:c0:2f:e3:a6:67:ed:
                    e6:67:36:fc:58:28:d9:7c:d3:0e:29:97:97:3f:dd:
                    2c:cf:38:f1:0f:b4:12:6c:f9:e1:1f:0c:3b:f2:b5:
                    3e:4d:e9:c0:57:e4:2d:81:eb:68:b2:02:55:2f:59:
                    c6:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:47:4F:4D:58:85:80:81:1A:4C:BD:D5:87:22:FB:BA:B5:72:F0:B9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78ECFFC006D411EE9D8750564AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:d1:53:ef:d8:a1:ee:f2:64:08:5a:c1:ff:27:a3:ea:42:96:
         10:a2:f9:e7:57:b8:12:f6:c3:e1:4f:c9:c1:b5:c8:ed:0c:80:
         b2:39:f0:a4:40:12:fd:c6:66:d2:ea:11:2a:e7:c5:e5:62:71:
         1b:c2:8a:00:dd:c6:c5:f9:86:31:79:68:f9:c8:d3:8c:5e:77:
         f4:13:0f:e8:33:62:aa:0a:7a:3d:2f:4c:3e:c9:5f:99:c5:d0:
         0b:2c:4a:75:36:f2:d8:f7:6a:60:12:5e:65:1f:74:8f:f4:90:
         0c:bd:cf:8e:53:da:2b:4a:52:b0:c4:bd:4f:dc:17:60:60:f0:
         41:e0:41:d1:68:e4:f0:27:c1:54:39:11:11:d2:e4:07:90:34:
         2a:b2:a1:2c:6b:f4:81:5d:65:d9:58:cd:e7:40:71:94:85:11:
         3c:0b:81:d5:cd:73:0e:dc:3e:c0:99:eb:2a:c5:c8:3c:1e:5a:
         34:ef:1f:21:2b:95:28:01:5b:80:04:c5:a8:81:26:35:95:28:
         b0:05:5d:4f:29:3b:7b:35:8f:50:af:bf:c2:99:df:3a:b4:10:
         62:04:02:f6:af:0b:fd:eb:17:7a:8c:47:c0:83:ee:01:d4:b5:
         33:16:95:da:b8:00:78:a8:8f:44:14:0d:65:e5:cf:70:cc:be:
         da:bc:b6:de
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDxEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MDkxNDQ2NDhaFw0yNTA2MzAxNDQ2NDhaMBgxFjAU
BgNVBAMTDTY0ODMzYjVkLWFlNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAcTSFX2XHSY5PkjMPHZud3fgRC+8OqBiJdbtUfJujFSHJzKGEswJZUqD+
kDnG04sKD3/iDts9rlpZE4GFKVph+gkyfIe0HjevU0cjjhVE+2LfGvOTkv5BkeBQ
EheBksMUqCK5oTDuo8YbBLKKEGXkR5ty/kW/C8Kn+py6kQvw6jn4JICnKvufFUXb
BtSRzFf7rdTsRK3hevYD6qnIL/4IXmp0fhMPJG/RB7tJm1s0spqLg7T2HkfqODeR
X6slaf11EM06AtXDBCrPGsAv46Zn7eZnNvxYKNl80w4pl5c/3SzPOPEPtBJs+eEf
DDvytT5N6cBX5C2B62iyAlUvWcbNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUvkdP
TViFgIEaTL3VhyL7urVy8LkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzc4RUNGRkMwMDZENDExRUU5RDg3NTA1NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBAwDQYJKoZIhvcNAQEL
BQADggEBAJfRU+/Yoe7yZAhawf8no+pClhCi+edXuBL2w+FPycG1yO0MgLI58KRA
Ev3GZtLqESrnxeVicRvCigDdxsX5hjF5aPnI04xed/QTD+gzYqoKej0vTD7JX5nF
0AssSnU28tj3amASXmUfdI/0kAy9z45T2itKUrDEvU/cF2Bg8EHgQdFo5PAnwVQ5
ERHS5AeQNCqyoSxr9IFdZdlYzedAcZSFETwLgdXNcw7cPsCZ6yrFyDweWjTvHyEr
lSgBW4AExaiBJjWVKLAFXU8pO3s1j1Cvv8KZ3zq0EGIEAvavC/3rF3qMR8CD7gHU
tTMWldq4AHioj0QUDWXlz3DMvtq8tt4=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:54 2024 by rpki-client on console-fra.rpki-client.org