Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7C6FB7BEF9A511EDB869BA3D4AD9E6FC.roa
File:                     7C6FB7BEF9A511EDB869BA3D4AD9E6FC.roa (raw, json)
Hash identifier:          t5qoMx7mkZFM+wsZFK17DYo5Jaq8/J5EwKldH6U76qI=
Subject key identifier:   63:C5:88:06:29:88:6B:56:AE:24:AB:2F:91:D9:E5:1B:5E:1E:84:65
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0DD1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7C6FB7BEF9A511EDB869BA3D4AD9E6FC.roa
Signing time:             Tue 23 May 2023 20:07:47 +0000
ROA not before:           Tue 23 May 2023 20:07:42 +0000
ROA not after:            Fri 23 May 2025 20:07:42 +0000
asID:                     46337
IP address blocks:        154.16.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3537 (0xdd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 23 20:07:42 2023 GMT
            Not After : May 23 20:07:42 2025 GMT
        Subject: CN=646d1d13-b22a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:2c:46:b7:ef:58:dc:9b:35:b2:91:60:dc:c2:
                    db:5f:4f:7d:00:50:11:7a:18:ca:2b:e3:ad:cf:0c:
                    5b:dd:5c:c1:f8:c1:d5:cd:c8:d4:d4:fc:c8:29:78:
                    e4:e1:63:eb:bf:8e:0a:7b:59:1c:c7:aa:95:db:44:
                    91:cc:81:b5:b3:48:9a:da:1e:ae:65:bc:3b:4a:16:
                    20:34:24:4e:36:3f:06:4a:a9:9f:79:19:ea:f7:85:
                    d0:44:bc:7b:ff:50:be:71:d6:93:94:08:98:f8:ff:
                    70:b9:f4:b4:8b:bc:eb:79:d5:ff:be:37:05:57:1c:
                    e9:1a:a1:52:12:f1:3f:02:d5:84:4a:f1:b6:4d:59:
                    aa:5a:dc:5f:48:f9:c9:80:ab:19:bd:52:7c:a2:c4:
                    15:90:20:ba:9f:86:fb:20:1e:52:11:fd:07:1b:61:
                    84:0b:c7:47:42:a8:2b:d5:f5:e9:a3:d1:be:55:38:
                    c3:ec:bd:37:2c:55:a0:6c:9b:84:82:ab:29:7b:bc:
                    57:43:ab:17:53:3d:af:fc:4c:11:67:28:b3:06:36:
                    eb:36:11:2a:38:9e:04:81:56:06:ac:6e:0a:b2:2d:
                    87:3a:2b:ec:f5:ae:ea:cc:e7:68:76:f1:97:62:c6:
                    99:50:c6:3c:95:12:54:53:06:9f:01:55:92:ed:d7:
                    d9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:C5:88:06:29:88:6B:56:AE:24:AB:2F:91:D9:E5:1B:5E:1E:84:65
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7C6FB7BEF9A511EDB869BA3D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:fe:6a:6e:4c:64:04:13:cf:87:fd:10:3f:1f:04:6e:49:19:
         45:4b:b6:ce:50:15:69:82:31:fa:02:2f:21:6b:92:2f:5f:da:
         01:f4:7b:a9:34:db:d6:73:25:e9:81:57:b6:59:37:a7:d0:4d:
         b7:2e:65:50:29:09:3d:95:fd:cb:76:24:c5:ff:9e:2f:78:a6:
         46:14:4a:82:46:25:61:66:27:6f:f0:b8:67:46:0c:90:10:94:
         cc:93:45:dd:b2:45:5c:ff:ec:8d:1e:a3:c4:ac:36:af:1d:40:
         57:88:4e:00:6d:9d:23:96:84:91:be:65:9b:19:13:be:ba:5d:
         25:e1:1d:e4:36:a9:8e:c0:0a:f5:71:06:d3:3a:1f:a5:4b:2a:
         0e:ac:86:5d:ef:df:2a:e5:a6:2c:76:39:12:0b:34:9d:b1:ae:
         04:ed:0c:9d:1c:7f:5a:ba:d9:91:63:e3:0d:ab:04:50:1c:bd:
         46:ab:00:9e:b1:3a:f5:bd:d0:27:f4:ae:ca:24:73:9c:88:af:
         d2:2e:24:32:cf:21:ec:91:c2:19:32:dc:26:28:20:04:02:13:
         63:9e:6c:f8:57:ff:2d:0d:bf:eb:60:0c:f5:ac:39:d0:01:7c:
         0b:12:32:49:00:96:64:89:57:f8:98:76:d6:29:37:ff:d9:d0:
         bb:d5:61:a2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDdEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MjMyMDA3NDJaFw0yNTA1MjMyMDA3NDJaMBgxFjAU
BgNVBAMTDTY0NmQxZDEzLWIyMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDiLEa371jcmzWykWDcwttfT30AUBF6GMor463PDFvdXMH4wdXNyNTU/Mgp
eOThY+u/jgp7WRzHqpXbRJHMgbWzSJraHq5lvDtKFiA0JE42PwZKqZ95Ger3hdBE
vHv/UL5x1pOUCJj4/3C59LSLvOt51f++NwVXHOkaoVIS8T8C1YRK8bZNWapa3F9I
+cmAqxm9UnyixBWQILqfhvsgHlIR/QcbYYQLx0dCqCvV9emj0b5VOMPsvTcsVaBs
m4SCqyl7vFdDqxdTPa/8TBFnKLMGNus2ESo4ngSBVgasbgqyLYc6K+z1rurM52h2
8ZdixplQxjyVElRTBp8BVZLt19kXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUY8WI
BimIa1auJKsvkdnlG14ehGUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzdDNkZCN0JFRjlBNTExRURCODY5QkEzRDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHAwDQYJKoZIhvcNAQEL
BQADggEBACL+am5MZAQTz4f9ED8fBG5JGUVLts5QFWmCMfoCLyFrki9f2gH0e6k0
29ZzJemBV7ZZN6fQTbcuZVApCT2V/ct2JMX/ni94pkYUSoJGJWFmJ2/wuGdGDJAQ
lMyTRd2yRVz/7I0eo8SsNq8dQFeITgBtnSOWhJG+ZZsZE766XSXhHeQ2qY7ACvVx
BtM6H6VLKg6shl3v3yrlpix2ORILNJ2xrgTtDJ0cf1q62ZFj4w2rBFAcvUarAJ6x
OvW90Cf0rsokc5yIr9IuJDLPIeyRwhky3CYoIAQCE2OebPhX/y0Nv+tgDPWsOdAB
fAsSMkkAlmSJV/iYdtYpN//Z0LvVYaI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 15:52:40 2024 by rpki-client on console-ams.rpki-client.org