Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7B6C3E4AD54C11EE8CB17193775412E6.roa
File:                     7B6C3E4AD54C11EE8CB17193775412E6.roa (raw, json)
Hash identifier:          1hT9MxAXd+0dHT5UQs394NXDxC+WYRVeg3kdvA3rpg8=
Subject key identifier:   13:7B:AB:C8:E6:ED:84:7C:80:8A:4B:3F:15:AC:9D:B3:B8:67:4F:23
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1508
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7B6C3E4AD54C11EE8CB17193775412E6.roa
Signing time:             Tue 27 Feb 2024 08:44:56 +0000
ROA not before:           Tue 27 Feb 2024 08:44:53 +0000
ROA not after:            Fri 27 Feb 2026 08:44:53 +0000
asID:                     201341
IP address blocks:        154.16.107.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5384 (0x1508)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:44:53 2024 GMT
            Not After : Feb 27 08:44:53 2026 GMT
        Subject: CN=65dda108-057f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f9:85:b8:ae:73:25:e1:79:ae:44:ff:1d:b5:
                    6d:99:2f:e4:48:d7:8e:30:0e:77:84:6d:c5:02:a2:
                    62:23:c9:70:5a:57:67:91:44:42:6d:05:0e:85:57:
                    3f:a0:d3:40:de:30:15:99:94:1f:bb:50:65:67:d3:
                    76:62:ef:ef:1d:42:64:ad:66:5a:63:11:6d:b7:d7:
                    8e:26:21:2e:92:d5:dc:07:62:77:46:8d:31:28:9c:
                    cc:da:e0:4b:5b:3a:a9:a2:a0:81:54:c7:98:6a:07:
                    ca:b8:0e:95:af:8b:b8:51:9a:35:f3:5b:83:9f:eb:
                    97:78:d3:be:6d:09:12:54:57:0a:c7:b7:02:87:7d:
                    ba:e6:c9:5f:d7:c6:b7:49:af:51:5b:cb:aa:b7:81:
                    f8:5b:fe:60:4a:6a:a9:72:b0:6b:a7:79:c4:30:65:
                    5b:4d:b9:52:f5:85:54:23:8a:0d:48:db:05:2f:9a:
                    d7:b4:0e:ed:ed:1b:fc:3c:6e:b9:44:94:fc:53:0d:
                    29:45:07:64:85:51:07:1a:76:ac:c4:ec:27:43:6d:
                    3e:05:68:41:4a:26:be:4b:bb:eb:c6:fc:a2:6e:d7:
                    44:be:2a:93:4d:c0:8f:3b:b0:25:47:37:23:78:d4:
                    5f:15:5a:21:6e:31:e1:fb:36:f1:d6:35:68:24:a2:
                    f2:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:7B:AB:C8:E6:ED:84:7C:80:8A:4B:3F:15:AC:9D:B3:B8:67:4F:23
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7B6C3E4AD54C11EE8CB17193775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:86:5f:30:d0:a2:e6:24:4e:8d:ae:17:3b:03:ff:48:7c:42:
         31:4b:1b:87:f8:d4:2e:08:74:49:87:f6:22:79:a8:66:b0:4a:
         a4:ff:7f:e0:db:ee:e9:06:2d:e4:19:4d:9e:fe:b6:7f:95:d4:
         03:b3:06:9d:a1:cb:fb:0f:5a:79:96:29:b5:0a:38:28:7b:ea:
         44:22:f5:ba:c4:8d:3f:76:47:44:a1:1f:d8:cd:37:56:ec:54:
         6e:aa:e7:0d:45:d5:c5:d6:eb:c7:76:a5:e7:b2:fc:52:c1:79:
         88:76:9a:e3:42:88:8a:7d:1e:c0:bc:52:54:26:8d:39:d1:4b:
         9e:97:42:91:e3:4b:a2:12:be:31:18:a1:df:6b:c4:aa:aa:48:
         0f:18:28:12:99:69:b1:01:66:df:15:43:cf:14:7a:25:5a:81:
         ba:f8:4b:ef:31:73:8b:0e:ba:1a:5f:dd:da:1c:c9:78:a0:d9:
         af:dc:34:04:3a:d1:fc:24:7d:7c:63:62:32:4d:e9:68:1c:98:
         ba:11:c3:49:4f:e7:0a:03:f6:fb:4b:ff:b0:b7:46:3a:21:85:
         57:64:83:09:11:ea:b6:7a:28:de:4f:a2:81:df:86:97:a0:4f:
         e6:3d:d1:d7:42:5f:5f:15:cf:ee:7c:ca:52:e1:db:a7:9c:68:
         15:0a:45:9a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFQgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODQ0NTNaFw0yNjAyMjcwODQ0NTNaMBgxFjAU
BgNVBAMTDTY1ZGRhMTA4LTA1N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCx+YW4rnMl4XmuRP8dtW2ZL+RI144wDneEbcUComIjyXBaV2eRREJtBQ6F
Vz+g00DeMBWZlB+7UGVn03Zi7+8dQmStZlpjEW23144mIS6S1dwHYndGjTEonMza
4EtbOqmioIFUx5hqB8q4DpWvi7hRmjXzW4Of65d4075tCRJUVwrHtwKHfbrmyV/X
xrdJr1Fby6q3gfhb/mBKaqlysGunecQwZVtNuVL1hVQjig1I2wUvmte0Du3tG/w8
brlElPxTDSlFB2SFUQcadqzE7CdDbT4FaEFKJr5Lu+vG/KJu10S+KpNNwI87sCVH
NyN41F8VWiFuMeH7NvHWNWgkovKhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUE3ur
yObthHyAiks/Fayds7hnTyMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzdCNkMzRTRBRDU0QzExRUU4Q0IxNzE5Mzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGswDQYJKoZIhvcNAQEL
BQADggEBAJ2GXzDQouYkTo2uFzsD/0h8QjFLG4f41C4IdEmH9iJ5qGawSqT/f+Db
7ukGLeQZTZ7+tn+V1AOzBp2hy/sPWnmWKbUKOCh76kQi9brEjT92R0ShH9jNN1bs
VG6q5w1F1cXW68d2peey/FLBeYh2muNCiIp9HsC8UlQmjTnRS56XQpHjS6ISvjEY
od9rxKqqSA8YKBKZabEBZt8VQ88UeiVagbr4S+8xc4sOuhpf3docyXig2a/cNAQ6
0fwkfXxjYjJN6WgcmLoRw0lP5woD9vtL/7C3RjohhVdkgwkR6rZ6KN5PooHfhpeg
T+Y90ddCX18Vz+58ylLh26ecaBUKRZo=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org