Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7D6EA438296D11EFAA5F46087DDC24C2.roa
File:                     7D6EA438296D11EFAA5F46087DDC24C2.roa (raw, json)
Hash identifier:          AyPr6NvMtKjrk+eDY+icCfOVvR+0lO3xSWJRfnpixkM=
Subject key identifier:   CD:CF:1E:C5:48:10:39:61:57:7C:62:A2:60:FC:A1:53:6A:2C:38:D7
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16E2
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7D6EA438296D11EFAA5F46087DDC24C2.roa
Signing time:             Thu 13 Jun 2024 10:12:50 +0000
ROA not before:           Thu 13 Jun 2024 10:12:47 +0000
ROA not after:            Sat 13 Jun 2026 10:12:47 +0000
asID:                     834
IP address blocks:        154.16.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 20 Oct 2024 00:05:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5858 (0x16e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 13 10:12:47 2024 GMT
            Not After : Jun 13 10:12:47 2026 GMT
        Subject: CN=666ac622-aea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:74:7a:74:6b:75:95:8f:5b:7a:9d:08:74:c8:
                    2c:9b:f6:2a:b6:40:8c:09:a6:02:97:c9:7f:6c:da:
                    67:c6:bc:85:7b:40:b5:d7:0e:52:6d:f3:88:cf:35:
                    c4:09:44:44:cf:25:69:1a:16:4a:28:74:9c:b7:5f:
                    a5:e7:62:7f:85:89:b6:64:5e:9a:4c:4e:01:67:ec:
                    c4:b8:27:b1:6c:2c:22:76:96:aa:62:9b:a9:7e:f4:
                    29:b7:45:f6:6e:1e:92:52:26:17:27:e9:8a:53:30:
                    79:54:22:2b:17:a1:d7:2a:e2:ff:55:b8:92:c7:3b:
                    c8:d4:ca:f0:48:42:0d:9f:50:9f:9f:99:0a:8d:d0:
                    2e:95:85:9d:a5:98:fd:92:c5:cb:f7:4e:2a:92:0b:
                    08:23:ff:49:75:a5:c7:4e:d3:46:a5:f7:91:c4:bf:
                    ec:33:bf:9f:22:e8:f2:d5:4b:1c:78:fb:07:b5:7f:
                    81:82:7d:ae:e7:b1:28:de:3b:94:5f:3c:c8:3d:47:
                    45:93:93:b0:7d:27:53:60:bf:36:33:39:c6:1d:31:
                    04:82:28:18:7f:5d:de:22:21:74:8e:b0:3c:c6:32:
                    ff:56:ab:61:c1:61:45:66:95:92:08:4b:7f:07:78:
                    b9:21:db:8c:5e:81:56:ce:c5:e7:7c:c1:0c:72:77:
                    04:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:CF:1E:C5:48:10:39:61:57:7C:62:A2:60:FC:A1:53:6A:2C:38:D7
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7D6EA438296D11EFAA5F46087DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:ca:aa:a0:57:19:7a:b2:ae:1e:f1:3f:88:14:8e:b0:c7:46:
         33:22:f4:ce:e2:87:a1:9f:aa:77:13:3b:b4:7a:9d:21:9c:8b:
         71:08:73:ad:9b:3a:95:e8:91:9c:09:21:86:27:04:09:aa:70:
         68:d1:fd:dc:24:ff:12:bf:d8:54:78:3e:d0:64:bf:c2:0e:9d:
         55:fd:43:c3:c5:a5:e7:35:9e:47:23:4f:f0:1a:e9:9b:35:69:
         a9:ed:8a:91:49:aa:5e:41:c3:1d:bd:5d:9d:26:6c:d9:4d:60:
         b3:16:29:c9:d0:b7:83:3b:44:c1:f6:f8:8c:e8:46:4b:6f:82:
         5d:04:10:d5:43:b9:f6:84:c1:f3:24:98:a0:7e:71:82:95:ed:
         8e:79:87:c8:6b:74:b7:fc:c9:d0:e6:ec:29:17:95:7d:0c:a3:
         aa:65:f2:8f:7d:54:87:3e:0c:5f:89:98:35:74:ce:6e:36:19:
         35:9b:f8:f7:b3:15:89:ab:2c:ad:d4:b5:27:0a:cb:45:2f:5f:
         b3:e3:d2:55:2a:2e:1b:be:7f:4e:bd:bc:fa:98:fb:11:3a:aa:
         88:cb:20:79:37:a0:1f:e0:5b:a3:77:af:38:ae:0b:69:61:7c:
         b6:08:e2:25:fc:82:90:e1:26:2f:11:76:8d:bb:c4:49:f9:04:
         15:93:19:36
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFuIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA2MTMxMDEyNDdaFw0yNjA2MTMxMDEyNDdaMBgxFjAU
BgNVBAMTDTY2NmFjNjIyLWFlYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjdHp0a3WVj1t6nQh0yCyb9iq2QIwJpgKXyX9s2mfGvIV7QLXXDlJt84jP
NcQJRETPJWkaFkoodJy3X6XnYn+FibZkXppMTgFn7MS4J7FsLCJ2lqpim6l+9Cm3
RfZuHpJSJhcn6YpTMHlUIisXodcq4v9VuJLHO8jUyvBIQg2fUJ+fmQqN0C6VhZ2l
mP2Sxcv3TiqSCwgj/0l1pcdO00al95HEv+wzv58i6PLVSxx4+we1f4GCfa7nsSje
O5RfPMg9R0WTk7B9J1NgvzYzOcYdMQSCKBh/Xd4iIXSOsDzGMv9Wq2HBYUVmlZII
S38HeLkh24xegVbOxed8wQxydwT7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzc8e
xUgQOWFXfGKiYPyhU2osONcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzdENkVBNDM4Mjk2RDExRUZBQTVGNDYwODdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAUwDQYJKoZIhvcNAQEL
BQADggEBAJXKqqBXGXqyrh7xP4gUjrDHRjMi9M7ih6GfqncTO7R6nSGci3EIc62b
OpXokZwJIYYnBAmqcGjR/dwk/xK/2FR4PtBkv8IOnVX9Q8PFpec1nkcjT/Aa6Zs1
aantipFJql5Bwx29XZ0mbNlNYLMWKcnQt4M7RMH2+IzoRktvgl0EENVDufaEwfMk
mKB+cYKV7Y55h8hrdLf8ydDm7CkXlX0Mo6pl8o99VIc+DF+JmDV0zm42GTWb+Pez
FYmrLK3UtScKy0UvX7Pj0lUqLhu+f069vPqY+xE6qojLIHk3oB/gW6N3rziuC2lh
fLYI4iX8gpDhJi8Rdo27xEn5BBWTGTY=
-----END CERTIFICATE-----
Generated at Fri Oct 18 01:39:27 2024 by rpki-client on console-fra.rpki-client.org