Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8629F722F8CA11EEADEAB71C017001B1.roa
File:                     8629F722F8CA11EEADEAB71C017001B1.roa (raw, json)
Hash identifier:          N31YYCbB3xqALran2u5UkXs4sCafD8vEzU9vSEWpnQs=
Subject key identifier:   F4:94:6A:18:69:30:02:D1:FA:89:6E:97:D8:D1:7F:B4:EE:8B:00:3A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15AB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8629F722F8CA11EEADEAB71C017001B1.roa
Signing time:             Fri 12 Apr 2024 12:45:21 +0000
ROA not before:           Fri 12 Apr 2024 12:45:17 +0000
ROA not after:            Sun 12 Apr 2026 12:45:17 +0000
asID:                     400909
IP address blocks:        154.16.70.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5547 (0x15ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 12 12:45:17 2024 GMT
            Not After : Apr 12 12:45:17 2026 GMT
        Subject: CN=66192ce1-36eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c1:b7:67:86:a0:53:ab:11:6a:40:96:dd:64:
                    d9:79:d1:33:a7:c5:a3:5e:7f:0f:62:49:3e:5e:45:
                    a0:8c:4b:c7:70:4a:9b:fd:70:5e:65:84:2c:69:65:
                    63:1b:c8:04:5e:b3:94:2c:79:01:c6:91:d8:46:62:
                    0c:19:0a:12:7f:42:f0:19:2b:da:15:47:34:80:df:
                    16:51:53:e0:d2:a3:30:8e:8c:50:66:9e:06:be:11:
                    0b:92:d2:ab:5f:0d:4e:6e:81:92:70:60:11:6e:4b:
                    a1:24:77:1d:ec:2a:76:5b:e7:bd:28:0b:53:2d:0f:
                    b8:db:98:f8:a9:af:17:bd:72:98:f1:c2:48:44:24:
                    08:cf:37:e3:b4:9a:d0:3d:be:e2:6e:26:ed:35:a3:
                    f1:8c:ec:7d:c8:e5:ce:d1:2f:68:90:e8:06:8e:08:
                    3d:02:2c:1a:0f:52:37:5e:2b:09:b3:af:25:cc:78:
                    c1:d1:8f:c3:ea:38:d7:75:c5:06:75:a0:f7:49:15:
                    05:9a:a7:3c:23:01:a0:0e:2c:a9:74:64:ed:c9:df:
                    01:6b:dc:3a:f0:34:a5:54:c9:d4:88:30:1b:06:0e:
                    0c:37:d6:d4:c5:d1:a7:db:63:4e:32:43:0f:13:2c:
                    05:fa:d6:de:64:36:d6:e1:3b:b7:b6:6f:a4:64:ce:
                    e9:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:94:6A:18:69:30:02:D1:FA:89:6E:97:D8:D1:7F:B4:EE:8B:00:3A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8629F722F8CA11EEADEAB71C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:2c:b3:9f:aa:f9:1a:15:9a:53:fc:ca:f4:79:88:b5:84:ca:
         5f:0f:1c:18:4b:5a:e2:c5:9e:d4:39:c8:ce:7a:fb:19:da:e9:
         d7:6f:80:f5:88:e3:ff:b0:08:21:dd:f6:16:04:1d:ec:df:3d:
         a2:b7:46:29:3c:93:8f:e3:7b:36:12:72:66:cc:a5:58:0f:6b:
         5e:54:a1:a8:a8:c4:8d:0c:6d:06:83:96:d6:9a:e7:b7:87:5d:
         d8:c9:40:1d:4d:3e:a0:95:dc:2c:0b:32:68:c4:0a:64:2c:2d:
         a3:14:d7:43:e4:13:e6:84:1b:09:69:98:04:f0:25:ef:17:18:
         a4:4a:e4:15:38:df:ad:f5:71:12:42:51:8a:77:21:f2:e8:5f:
         fb:6c:c9:1b:1e:47:46:2b:ad:92:20:7f:53:7e:6d:0d:5c:32:
         ac:f9:1e:2c:ae:e8:f3:de:b6:12:a7:65:54:70:db:c7:d3:26:
         2d:91:df:0b:b4:e6:9b:df:35:75:fa:c8:d2:c7:b8:5d:64:ef:
         d4:ca:da:54:39:e0:39:82:cd:15:2c:34:6e:b6:1c:ff:f9:72:
         60:90:0c:c0:14:57:41:0d:5c:37:87:4b:a2:9b:45:9d:4b:c9:
         52:90:68:3f:62:d8:a3:40:2e:61:5d:8b:26:d4:45:5d:78:44:
         7e:32:50:3d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFaswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTIxMjQ1MTdaFw0yNjA0MTIxMjQ1MTdaMBgxFjAU
BgNVBAMTDTY2MTkyY2UxLTM2ZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrwbdnhqBTqxFqQJbdZNl50TOnxaNefw9iST5eRaCMS8dwSpv9cF5lhCxp
ZWMbyARes5QseQHGkdhGYgwZChJ/QvAZK9oVRzSA3xZRU+DSozCOjFBmnga+EQuS
0qtfDU5ugZJwYBFuS6Ekdx3sKnZb570oC1MtD7jbmPiprxe9cpjxwkhEJAjPN+O0
mtA9vuJuJu01o/GM7H3I5c7RL2iQ6AaOCD0CLBoPUjdeKwmzryXMeMHRj8PqONd1
xQZ1oPdJFQWapzwjAaAOLKl0ZO3J3wFr3DrwNKVUydSIMBsGDgw31tTF0afbY04y
Qw8TLAX61t5kNtbhO7e2b6RkzukrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9JRq
GGkwAtH6iW6X2NF/tO6LADowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg2MjlGNzIyRjhDQTExRUVBREVBQjcxQzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEEYwDQYJKoZIhvcNAQEL
BQADggEBAKMss5+q+RoVmlP8yvR5iLWEyl8PHBhLWuLFntQ5yM56+xna6ddvgPWI
4/+wCCHd9hYEHezfPaK3Rik8k4/jezYScmbMpVgPa15UoaioxI0MbQaDltaa57eH
XdjJQB1NPqCV3CwLMmjECmQsLaMU10PkE+aEGwlpmATwJe8XGKRK5BU43631cRJC
UYp3IfLoX/tsyRseR0YrrZIgf1N+bQ1cMqz5Hiyu6PPethKnZVRw28fTJi2R3wu0
5pvfNXX6yNLHuF1k79TK2lQ54DmCzRUsNG62HP/5cmCQDMAUV0ENXDeHS6KbRZ1L
yVKQaD9i2KNALmFdiybURV14RH4yUD0=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:44 2024 by rpki-client on console-fra.rpki-client.org