Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/824C05A88B8511EE8BA339184AD9E6FC.roa
File:                     824C05A88B8511EE8BA339184AD9E6FC.roa (raw, json)
Hash identifier:          KL3ULzW8grafIXs7xXBi5LVgkx8gA5E7e4tnXGoKlck=
Subject key identifier:   EA:02:10:51:C8:FA:B9:DE:21:35:5B:BA:3B:BB:3C:53:A6:F7:4A:65
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1363
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/824C05A88B8511EE8BA339184AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:26:43 +0000
ROA not before:           Sat 25 Nov 2023 11:26:40 +0000
ROA not after:            Tue 25 Nov 2025 11:26:40 +0000
asID:                     212238
IP address blocks:        154.16.39.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4963 (0x1363)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:26:40 2023 GMT
            Not After : Nov 25 11:26:40 2025 GMT
        Subject: CN=6561d9f3-d52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4f:29:23:3e:d8:63:ec:d0:cc:99:cc:fa:78:
                    ca:ca:0f:9a:35:4c:5c:9d:f3:a1:71:8e:82:d9:72:
                    ee:eb:d1:34:ef:bd:2f:f0:7d:70:79:ff:37:4f:f4:
                    66:dc:45:2c:49:f1:32:3b:8a:88:f7:f4:94:73:9f:
                    86:ea:ba:ce:8c:77:5f:7f:12:84:88:e5:20:88:30:
                    85:fb:0d:95:d5:1b:98:b3:79:e2:ba:88:08:78:24:
                    09:4f:bd:e7:96:b0:fd:8c:3b:87:38:fa:47:32:f4:
                    bb:d1:5e:a7:47:0e:12:d1:76:63:f9:d7:75:80:59:
                    46:f6:00:95:42:f6:8b:b3:8d:7c:e3:94:a9:d3:ed:
                    47:71:58:76:46:44:60:c4:7c:eb:32:04:bf:ec:6d:
                    1d:87:5b:10:7e:60:01:27:df:1f:37:3b:68:cc:29:
                    b4:31:e4:2f:65:eb:fe:0e:25:56:b0:b9:8d:b6:23:
                    a4:3a:58:5a:1c:f1:2d:26:1b:4d:59:7b:78:7d:93:
                    b6:37:36:3c:ef:2f:31:5f:8b:39:2e:a5:ca:86:c2:
                    5c:b8:78:94:d3:4d:36:14:9a:34:14:38:f9:2e:58:
                    e2:7c:01:95:70:0f:17:ee:34:1a:67:4f:6c:14:e2:
                    eb:63:fd:3d:bc:82:25:1b:f6:eb:ee:74:fc:22:7b:
                    4e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:02:10:51:C8:FA:B9:DE:21:35:5B:BA:3B:BB:3C:53:A6:F7:4A:65
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/824C05A88B8511EE8BA339184AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:bd:8d:66:9e:55:23:04:0c:4f:2a:28:dc:12:0c:3a:6a:60:
         c6:60:f8:51:96:54:c9:ab:42:2f:1f:c1:5f:28:7c:d1:6e:4a:
         fc:b4:43:49:97:67:ab:87:ed:f6:2b:0c:cb:3f:8a:25:f6:80:
         7b:eb:1b:af:ac:fd:3e:a3:6f:24:b4:53:a6:18:7c:04:55:2c:
         b3:6b:98:07:8c:e7:4a:41:bc:1f:69:13:cd:a2:a5:ad:ce:da:
         d8:58:73:5f:3c:f2:8b:fd:b0:67:89:5c:14:0d:a4:0b:fd:d3:
         21:85:df:fb:75:8f:b7:cc:d7:87:ce:4d:5b:86:3b:2e:36:ba:
         48:33:1f:2a:cd:2c:6b:f9:5c:45:5a:07:12:37:e7:6a:eb:a0:
         b4:cd:b8:2f:0b:91:3b:4b:a6:ea:17:f4:75:dd:84:cb:4f:00:
         f3:fb:63:84:e6:ee:ba:70:fd:54:ec:ae:09:7d:f1:f5:25:4c:
         95:2f:c8:e7:10:1f:8f:83:fb:10:5d:b9:4a:40:03:f0:dc:1b:
         8a:38:a1:62:01:5d:7a:54:c5:5c:0a:4c:1f:df:5f:ce:fa:95:
         fb:d5:d0:3e:bc:90:08:2d:ed:10:d1:7f:28:10:8b:1e:42:51:
         aa:37:27:56:0c:46:47:23:a9:05:70:ed:c0:a1:2b:78:f2:a2:
         6f:30:fd:5c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE2MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTI2NDBaFw0yNTExMjUxMTI2NDBaMBgxFjAU
BgNVBAMTDTY1NjFkOWYzLWQ1MmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDATykjPthj7NDMmcz6eMrKD5o1TFyd86FxjoLZcu7r0TTvvS/wfXB5/zdP
9GbcRSxJ8TI7ioj39JRzn4bqus6Md19/EoSI5SCIMIX7DZXVG5izeeK6iAh4JAlP
veeWsP2MO4c4+kcy9LvRXqdHDhLRdmP513WAWUb2AJVC9ouzjXzjlKnT7UdxWHZG
RGDEfOsyBL/sbR2HWxB+YAEn3x83O2jMKbQx5C9l6/4OJVawuY22I6Q6WFoc8S0m
G01Ze3h9k7Y3NjzvLzFfizkupcqGwly4eJTTTTYUmjQUOPkuWOJ8AZVwDxfuNBpn
T2wU4utj/T28giUb9uvudPwie04HAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6gIQ
Ucj6ud4hNVu6O7s8U6b3SmUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzgyNEMwNUE4OEI4NTExRUU4QkEzMzkxODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECcwDQYJKoZIhvcNAQEL
BQADggEBAKi9jWaeVSMEDE8qKNwSDDpqYMZg+FGWVMmrQi8fwV8ofNFuSvy0Q0mX
Z6uH7fYrDMs/iiX2gHvrG6+s/T6jbyS0U6YYfARVLLNrmAeM50pBvB9pE82ipa3O
2thYc1888ov9sGeJXBQNpAv90yGF3/t1j7fM14fOTVuGOy42ukgzHyrNLGv5XEVa
BxI352rroLTNuC8LkTtLpuoX9HXdhMtPAPP7Y4Tm7rpw/VTsrgl98fUlTJUvyOcQ
H4+D+xBduUpAA/DcG4o4oWIBXXpUxVwKTB/fX876lfvV0D68kAgt7RDRfygQix5C
Uao3J1YMRkcjqQVw7cChK3jyom8w/Vw=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org