Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8687D192D54A11EEAD7B2690775412E6.roa
File:                     8687D192D54A11EEAD7B2690775412E6.roa (raw, json)
Hash identifier:          6BkS6ZlUJFQRidJx45Q1phoq0LZacwWxTDB8uszwL0c=
Subject key identifier:   07:FB:5D:C2:63:C9:5F:62:80:AD:FA:82:CD:2B:7F:24:55:D8:44:FB
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14F8
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8687D192D54A11EEAD7B2690775412E6.roa
Signing time:             Tue 27 Feb 2024 08:30:56 +0000
ROA not before:           Tue 27 Feb 2024 08:30:52 +0000
ROA not after:            Fri 27 Feb 2026 08:30:52 +0000
asID:                     201341
IP address blocks:        154.16.89.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5368 (0x14f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:30:52 2024 GMT
            Not After : Feb 27 08:30:52 2026 GMT
        Subject: CN=65dd9dc0-1084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e5:6b:20:1c:16:48:69:b5:ac:14:c1:4e:5e:
                    b7:73:ca:81:ec:b1:fd:c3:ae:89:c3:d6:fb:82:5f:
                    d3:55:91:82:06:b3:4c:9b:f1:bb:cd:04:69:fc:96:
                    03:10:1c:f4:62:83:c4:28:e7:9e:b4:ee:0b:d4:87:
                    e5:f5:57:9e:a6:f4:15:85:16:20:8b:b6:e2:57:6e:
                    65:89:52:5e:45:96:a9:d9:9d:8a:14:f5:37:ba:b9:
                    5b:d5:0a:56:b0:94:a9:35:13:e0:db:7d:3b:13:8e:
                    7f:0f:db:4e:e3:d1:20:da:01:19:d9:9f:24:b1:75:
                    c4:68:7b:46:f7:24:8d:ce:92:65:e2:85:55:02:59:
                    df:2e:1b:d5:fa:47:90:53:88:86:ed:e7:c5:66:eb:
                    fc:3d:10:21:af:3d:46:19:04:95:e5:28:4f:b1:80:
                    7f:a5:b0:77:ca:3f:6b:3f:1d:26:e7:f6:83:cc:05:
                    79:1e:04:e1:68:33:d2:5b:bc:85:d1:26:8a:dc:9d:
                    d7:5d:ef:b8:ba:47:5c:ee:86:2c:ba:e3:fb:c7:70:
                    37:68:6a:88:fc:d1:89:d3:47:3d:89:6f:92:2c:ed:
                    a5:07:5d:e4:a3:fd:41:4b:52:17:7f:24:c6:44:e7:
                    a8:5d:1c:0f:79:87:59:93:65:a2:f6:56:f4:0f:5e:
                    86:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:FB:5D:C2:63:C9:5F:62:80:AD:FA:82:CD:2B:7F:24:55:D8:44:FB
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8687D192D54A11EEAD7B2690775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:0e:4c:02:a6:23:d8:8a:70:d3:11:3d:84:d4:02:1b:d7:e9:
         c6:59:ae:ec:7e:98:14:96:d3:97:03:2a:52:66:10:d1:d0:72:
         a3:14:46:9f:3f:bd:dc:0f:44:03:97:59:a2:3d:96:a2:fd:2a:
         6c:13:83:b7:ad:2d:70:66:f3:79:98:da:ea:e0:3e:f4:05:4a:
         00:69:2e:73:24:26:47:ea:18:ea:90:22:52:9b:be:6f:32:89:
         3e:fc:3b:fe:2e:2d:04:e3:68:db:b5:23:60:73:9f:b9:ad:71:
         f3:77:2b:f3:87:a1:ea:40:80:17:bb:ed:a2:0a:72:03:05:a3:
         07:b5:ff:9b:8f:3f:74:cc:c1:97:4f:78:6e:a0:3c:15:0f:c4:
         e5:4e:95:15:68:92:30:2d:f6:70:db:29:37:72:11:75:c4:d4:
         7e:b2:b8:50:f9:9c:55:43:d1:c7:08:72:1e:47:57:39:01:17:
         80:67:90:2d:98:24:a2:8b:11:6f:07:35:22:4c:fe:4e:93:72:
         6b:fe:50:9a:7f:44:6f:b6:ef:9e:a0:fe:3c:36:a1:33:2e:b5:
         52:9c:70:fc:33:2d:d0:a0:fe:3d:10:19:eb:8a:02:07:b4:4c:
         61:a1:fb:1a:3e:95:b9:50:36:74:be:1d:76:9f:62:86:43:19:
         53:82:8b:67
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFPgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODMwNTJaFw0yNjAyMjcwODMwNTJaMBgxFjAU
BgNVBAMTDTY1ZGQ5ZGMwLTEwODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDE5WsgHBZIabWsFMFOXrdzyoHssf3DronD1vuCX9NVkYIGs0yb8bvNBGn8
lgMQHPRig8Qo55607gvUh+X1V56m9BWFFiCLtuJXbmWJUl5FlqnZnYoU9Te6uVvV
ClawlKk1E+DbfTsTjn8P207j0SDaARnZnySxdcRoe0b3JI3OkmXihVUCWd8uG9X6
R5BTiIbt58Vm6/w9ECGvPUYZBJXlKE+xgH+lsHfKP2s/HSbn9oPMBXkeBOFoM9Jb
vIXRJorcnddd77i6R1zuhiy64/vHcDdoaoj80YnTRz2Jb5Is7aUHXeSj/UFLUhd/
JMZE56hdHA95h1mTZaL2VvQPXoZ9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUB/td
wmPJX2KArfqCzSt/JFXYRPswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg2ODdEMTkyRDU0QTExRUVBRDdCMjY5MDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFkwDQYJKoZIhvcNAQEL
BQADggEBAI0OTAKmI9iKcNMRPYTUAhvX6cZZrux+mBSW05cDKlJmENHQcqMURp8/
vdwPRAOXWaI9lqL9KmwTg7etLXBm83mY2urgPvQFSgBpLnMkJkfqGOqQIlKbvm8y
iT78O/4uLQTjaNu1I2Bzn7mtcfN3K/OHoepAgBe77aIKcgMFowe1/5uPP3TMwZdP
eG6gPBUPxOVOlRVokjAt9nDbKTdyEXXE1H6yuFD5nFVD0ccIch5HVzkBF4BnkC2Y
JKKLEW8HNSJM/k6Tcmv+UJp/RG+2756g/jw2oTMutVKccPwzLdCg/j0QGeuKAge0
TGGh+xo+lblQNnS+HXafYoZDGVOCi2c=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org