Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/831E55F82C8E11EF9D3F833C7DDC24C2.roa
File:                     831E55F82C8E11EF9D3F833C7DDC24C2.roa (raw, json)
Hash identifier:          +K3wKLLjd25UXkUf2FG00OxjlfW1DxXevk47R8OMPfE=
Subject key identifier:   B1:08:DE:11:8D:89:7F:01:D4:68:39:EC:6F:44:AC:B7:E7:6C:79:0B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16F6
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/831E55F82C8E11EF9D3F833C7DDC24C2.roa
Signing time:             Mon 17 Jun 2024 09:46:47 +0000
ROA not before:           Mon 17 Jun 2024 09:46:43 +0000
ROA not after:            Wed 17 Jun 2026 09:46:43 +0000
asID:                     834
IP address blocks:        154.16.9.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5878 (0x16f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 17 09:46:43 2024 GMT
            Not After : Jun 17 09:46:43 2026 GMT
        Subject: CN=66700607-ec2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:5f:f4:f7:50:3d:d8:39:4f:aa:af:cf:7d:76:
                    a7:fa:38:3b:bc:65:1e:91:ab:74:a1:bc:a8:c4:fc:
                    e7:c3:5e:8c:98:32:ba:02:ae:99:2c:f7:e5:ea:80:
                    27:43:14:0a:03:37:2f:6b:03:e6:82:f6:bd:73:02:
                    92:a0:98:8b:48:e4:6f:60:a2:48:17:57:0f:dc:63:
                    6c:72:05:52:9e:c9:f0:95:5e:91:57:6c:d3:74:f7:
                    0a:52:66:bd:9f:1f:98:b7:d1:e3:90:20:8c:bb:9d:
                    4c:14:e5:ac:17:df:0a:1c:24:85:77:d2:17:2c:0f:
                    32:29:bd:3f:84:36:02:41:19:54:c5:ba:c3:c3:70:
                    15:55:3b:99:28:2d:65:73:c1:7d:a0:6d:bc:f2:92:
                    60:6a:5b:76:d4:2a:c3:8e:64:59:b2:94:73:e9:d2:
                    05:7e:a2:c9:68:98:53:ac:4a:2b:44:a3:00:ed:28:
                    99:e9:38:3f:d3:6f:d4:f8:3a:64:13:9a:09:93:5a:
                    7a:af:8a:59:75:25:98:6e:3c:4c:c5:42:1a:5a:32:
                    d6:84:72:a2:18:57:fb:7c:52:1f:35:ce:7a:79:b9:
                    92:e0:a5:fd:ef:ef:3f:50:1c:b2:06:a8:c3:4e:c7:
                    b1:87:89:f5:c1:ea:bf:84:eb:63:3e:78:47:d6:5b:
                    dd:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:08:DE:11:8D:89:7F:01:D4:68:39:EC:6F:44:AC:B7:E7:6C:79:0B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/831E55F82C8E11EF9D3F833C7DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:a4:c0:b1:1d:ec:37:b9:aa:7f:90:55:6e:47:05:fe:5e:b9:
         7e:39:20:e6:e5:e3:3b:a3:0f:39:e0:9d:b2:50:5a:b4:0f:d2:
         f6:f0:91:11:d8:7a:1b:53:45:b1:90:ab:3a:3c:dc:c8:4f:18:
         bc:97:cb:df:87:4c:0f:c8:48:eb:a6:4c:cd:fa:a7:6f:c6:d7:
         48:fe:4b:3b:48:1a:ca:e9:d3:e5:13:16:47:04:3d:71:a3:e7:
         b1:ac:78:0e:86:f3:aa:02:4d:9e:8e:3c:fd:be:9e:01:01:5a:
         18:8c:28:26:e7:31:84:12:b3:2a:fb:5c:0e:79:c4:0c:4a:db:
         59:be:c7:0b:5e:7f:04:02:ca:54:54:56:74:db:25:63:72:99:
         22:ef:45:09:da:2e:ec:44:cd:0a:0a:51:20:7f:e0:f8:68:89:
         88:7e:bc:d4:33:45:bd:03:ad:82:2b:b0:95:e8:3e:f9:f1:4d:
         02:82:71:74:cd:aa:8f:cc:03:55:ba:ef:02:7f:96:de:92:00:
         9d:3f:1a:0b:e7:31:3b:be:0c:03:51:1e:7d:30:d0:65:d4:f8:
         0b:c9:f0:6e:d1:e4:11:b9:24:f3:c6:74:bb:6a:23:97:dd:e3:
         bd:22:3b:50:91:b5:d2:de:bc:fe:0d:88:d9:80:d7:c0:3e:43:
         36:31:78:1a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFvYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA2MTcwOTQ2NDNaFw0yNjA2MTcwOTQ2NDNaMBgxFjAU
BgNVBAMTDTY2NzAwNjA3LWVjMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZX/T3UD3YOU+qr899dqf6ODu8ZR6Rq3ShvKjE/OfDXoyYMroCrpks9+Xq
gCdDFAoDNy9rA+aC9r1zApKgmItI5G9gokgXVw/cY2xyBVKeyfCVXpFXbNN09wpS
Zr2fH5i30eOQIIy7nUwU5awX3wocJIV30hcsDzIpvT+ENgJBGVTFusPDcBVVO5ko
LWVzwX2gbbzykmBqW3bUKsOOZFmylHPp0gV+oslomFOsSitEowDtKJnpOD/Tb9T4
OmQTmgmTWnqvill1JZhuPEzFQhpaMtaEcqIYV/t8Uh81znp5uZLgpf3v7z9QHLIG
qMNOx7GHifXB6r+E62M+eEfWW92ZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsQje
EY2JfwHUaDnsb0Sst+dseQswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzgzMUU1NUY4MkM4RTExRUY5RDNGODMzQzdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAkwDQYJKoZIhvcNAQEL
BQADggEBAAWkwLEd7De5qn+QVW5HBf5euX45IObl4zujDzngnbJQWrQP0vbwkRHY
ehtTRbGQqzo83MhPGLyXy9+HTA/ISOumTM36p2/G10j+SztIGsrp0+UTFkcEPXGj
57GseA6G86oCTZ6OPP2+ngEBWhiMKCbnMYQSsyr7XA55xAxK21m+xwtefwQCylRU
VnTbJWNymSLvRQnaLuxEzQoKUSB/4PhoiYh+vNQzRb0DrYIrsJXoPvnxTQKCcXTN
qo/MA1W67wJ/lt6SAJ0/GgvnMTu+DANRHn0w0GXU+AvJ8G7R5BG5JPPGdLtqI5fd
470iO1CRtdLevP4NiNmA18A+QzYxeBo=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:29 2024 by rpki-client on console-ams.rpki-client.org