Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8679BA8404C711EEA41543154AD9E6FC.roa
File:                     8679BA8404C711EEA41543154AD9E6FC.roa (raw, json)
Hash identifier:          Y6QCIRe61TBuUZyEmN0IWwMgUNbZLsXIKLVeQc/7IeU=
Subject key identifier:   D4:67:55:BE:84:B3:EB:E1:49:99:86:7D:E5:6B:24:32:E4:B3:8F:07
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0EE9
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8679BA8404C711EEA41543154AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 00:09:10 +0000
ROA not before:           Wed 07 Jun 2023 00:00:06 +0000
ROA not after:            Sat 07 Jun 2025 00:00:06 +0000
asID:                     61317
IP address blocks:        154.16.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3817 (0xee9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  7 00:00:06 2023 GMT
            Not After : Jun  7 00:00:06 2025 GMT
        Subject: CN=647fcaa6-77f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:12:ff:c1:7d:2e:1a:3e:be:a7:5c:c2:85:84:
                    95:d8:6d:5a:23:d8:75:a3:3a:9d:4b:22:b3:cb:29:
                    7e:b2:ca:a8:15:cc:4f:08:2b:e9:4c:74:bf:d4:64:
                    70:1a:25:50:f2:d3:e2:de:69:b1:38:e4:8b:d4:e4:
                    8e:5a:71:15:e2:9a:6c:8f:f1:20:80:66:99:a6:30:
                    bc:de:3b:dd:8e:0d:b3:0d:29:e3:17:79:76:a1:e8:
                    80:23:63:6d:39:a1:b5:72:a7:1d:bf:68:95:d8:fe:
                    3f:e2:4f:ef:3d:50:89:d5:38:92:e3:6d:d0:92:69:
                    75:19:29:af:04:d3:b0:c0:f3:5e:44:6b:03:b6:92:
                    50:c9:29:27:77:4a:3a:77:66:92:dc:d2:38:5d:4a:
                    e2:f9:84:7a:0d:c8:1f:bd:c1:37:94:08:53:9c:2b:
                    f0:b1:13:58:84:23:6f:48:63:1e:a4:67:4e:4a:ec:
                    9a:f2:eb:7e:0b:8a:f3:aa:6e:cc:01:94:50:9a:b2:
                    7e:73:4f:ed:ae:5c:c5:72:fd:b1:9d:23:c2:af:ec:
                    cf:a0:97:76:4f:cb:d0:98:43:6d:b8:ad:78:f0:3c:
                    d5:b9:96:42:1c:ea:9b:37:73:93:4c:a1:ee:6a:48:
                    f6:e3:c5:12:89:a8:c6:5d:f4:85:00:b3:97:e3:f1:
                    c3:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:67:55:BE:84:B3:EB:E1:49:99:86:7D:E5:6B:24:32:E4:B3:8F:07
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8679BA8404C711EEA41543154AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:ae:ef:5f:be:61:a1:3e:6c:a5:51:58:65:5d:a7:b8:9a:b6:
         d0:36:5a:37:20:f5:99:1d:e4:7e:06:15:42:d3:72:e5:de:29:
         3a:9c:09:e8:85:30:c1:90:56:e5:a8:a5:9e:2f:b8:b2:50:a8:
         1b:3e:1e:7b:7c:22:fd:42:d8:b3:36:e2:52:0d:fb:69:9d:da:
         09:d7:e2:3d:66:52:50:e4:18:9f:c0:55:d1:f5:9f:40:ee:85:
         67:bd:22:5e:86:c6:79:07:cf:36:84:49:94:1a:e5:e5:da:7e:
         5a:31:97:22:7e:fa:d0:09:c3:2f:3f:4d:92:eb:fa:fb:2e:56:
         07:84:47:62:56:19:f1:61:e3:44:50:4a:29:3c:99:b8:1d:ec:
         0d:f4:45:f8:f2:b1:6b:2c:84:c6:9d:54:1e:ae:72:aa:24:09:
         36:2f:ff:ad:b9:0c:cd:b2:38:6c:0e:eb:f0:56:3d:fb:e8:3b:
         fd:e7:68:7b:1d:1f:94:9f:89:68:7c:2c:6f:cf:87:41:bd:02:
         a1:b1:6c:37:0a:00:d9:64:bf:e0:81:65:f2:49:79:86:15:81:
         94:42:41:2a:71:76:30:2d:32:1d:35:75:1b:26:46:54:74:f0:
         ee:e1:ee:f8:06:1c:6c:92:5e:4d:0e:a8:81:40:37:b2:68:2a:
         28:48:04:93
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDukwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MDcwMDAwMDZaFw0yNTA2MDcwMDAwMDZaMBgxFjAU
BgNVBAMTDTY0N2ZjYWE2LTc3ZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzEv/BfS4aPr6nXMKFhJXYbVoj2HWjOp1LIrPLKX6yyqgVzE8IK+lMdL/U
ZHAaJVDy0+LeabE45IvU5I5acRXimmyP8SCAZpmmMLzeO92ODbMNKeMXeXah6IAj
Y205obVypx2/aJXY/j/iT+89UInVOJLjbdCSaXUZKa8E07DA815EawO2klDJKSd3
Sjp3ZpLc0jhdSuL5hHoNyB+9wTeUCFOcK/CxE1iEI29IYx6kZ05K7Jry634LivOq
bswBlFCasn5zT+2uXMVy/bGdI8Kv7M+gl3ZPy9CYQ224rXjwPNW5lkIc6ps3c5NM
oe5qSPbjxRKJqMZd9IUAs5fj8cNbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU1GdV
voSz6+FJmYZ95WskMuSzjwcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg2NzlCQTg0MDRDNzExRUVBNDE1NDMxNTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFwwDQYJKoZIhvcNAQEL
BQADggEBAIWu71++YaE+bKVRWGVdp7iattA2Wjcg9Zkd5H4GFULTcuXeKTqcCeiF
MMGQVuWopZ4vuLJQqBs+Hnt8Iv1C2LM24lIN+2md2gnX4j1mUlDkGJ/AVdH1n0Du
hWe9Il6GxnkHzzaESZQa5eXafloxlyJ++tAJwy8/TZLr+vsuVgeER2JWGfFh40RQ
Sik8mbgd7A30RfjysWsshMadVB6ucqokCTYv/625DM2yOGwO6/BWPfvoO/3naHsd
H5SfiWh8LG/Ph0G9AqGxbDcKANlkv+CBZfJJeYYVgZRCQSpxdjAtMh01dRsmRlR0
8O7h7vgGHGySXk0OqIFAN7JoKihIBJM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:27 2024 by rpki-client on console-ams.rpki-client.org