Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8BDA6CF48AA511ED8C3292B0F1222468.roa
File:                     8BDA6CF48AA511ED8C3292B0F1222468.roa (raw, json)
Hash identifier:          0vjQaU19DG16ITtPpssXvPPNb7J0jhfB7cZWWVmbYu0=
Subject key identifier:   66:CB:2A:E8:49:81:90:C7:E0:2B:A9:D9:D3:5C:DD:D7:A8:41:AB:74
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0B30
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8BDA6CF48AA511ED8C3292B0F1222468.roa
Signing time:             Mon 02 Jan 2023 13:58:34 +0000
ROA not before:           Mon 02 Jan 2023 13:58:30 +0000
ROA not after:            Thu 02 Jan 2025 13:58:30 +0000
asID:                     400040
IP address blocks:        154.16.237.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2864 (0xb30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan  2 13:58:30 2023 GMT
            Not After : Jan  2 13:58:30 2025 GMT
        Subject: CN=63b2e30a-067b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e7:57:da:fd:d6:66:a6:b5:9a:87:30:a7:c9:
                    76:4f:b0:a5:a2:f5:0c:03:0a:37:20:33:76:2d:47:
                    14:e3:47:6a:19:7a:fb:22:10:00:11:e9:54:1f:2e:
                    ee:7a:9f:d3:22:0c:0b:38:b8:6e:6d:b9:a4:99:f1:
                    bb:8a:19:3f:db:68:5f:22:46:48:ed:64:7d:32:0d:
                    12:d3:96:35:91:9c:9b:3d:a0:1f:45:03:82:01:2e:
                    61:58:5f:89:ed:89:0f:84:3b:cd:a6:68:9b:99:79:
                    9a:e8:d2:de:13:52:22:53:c4:df:43:3f:17:77:13:
                    fc:ee:dd:35:7f:d4:0b:0f:e3:0c:3e:ba:5e:5e:a4:
                    1d:d6:e1:42:8e:ae:45:a9:86:1a:f2:c7:ad:f5:39:
                    33:c3:b4:53:4d:37:3f:9b:c2:6f:3a:68:d5:c5:de:
                    08:4d:e5:71:6b:ca:83:79:92:f0:b7:25:3c:53:ba:
                    d1:8b:62:08:a1:42:e3:48:c7:be:24:8a:82:b7:02:
                    2e:82:36:02:b7:7c:cc:85:a8:31:44:36:c9:da:95:
                    e2:29:48:a5:87:37:ad:33:97:ec:c1:fe:25:73:5d:
                    81:a0:c1:3e:d6:21:e7:86:09:bf:0b:9d:4a:a6:00:
                    58:bb:0d:76:7c:68:f0:2f:e3:a1:6d:52:51:5a:7c:
                    8b:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:CB:2A:E8:49:81:90:C7:E0:2B:A9:D9:D3:5C:DD:D7:A8:41:AB:74
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8BDA6CF48AA511ED8C3292B0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:21:d8:cb:95:54:21:30:ff:07:3d:d5:30:6f:ea:80:67:14:
         64:e5:d7:6d:70:26:74:80:aa:e7:e1:3e:d3:cc:94:25:f3:e0:
         36:f7:c7:8b:8f:af:66:92:9b:3d:33:f0:9f:5d:bc:7b:16:65:
         cb:d7:cb:25:8b:f0:f3:68:ec:ef:e3:20:cb:bf:d3:c2:00:a6:
         f1:fb:d5:31:51:b4:a4:86:aa:04:fe:e7:99:c5:73:bb:c9:7f:
         c5:45:78:8d:e7:72:02:6f:81:69:9c:a9:76:bf:bd:de:46:8e:
         67:db:c1:a9:01:37:6f:93:1b:5d:88:22:c4:6a:af:18:c5:14:
         9a:f4:55:93:a2:2c:78:1f:8b:e0:8f:ae:7c:5a:6f:33:8a:83:
         e8:bf:49:51:d7:5f:a0:4c:cb:6e:0d:94:4d:df:d6:b7:a1:cb:
         48:85:f6:6b:9d:05:19:7e:06:86:6b:0c:7e:d2:d9:3c:0c:7d:
         aa:0d:ca:d7:fc:9c:8c:50:6c:f5:d0:c0:1e:0b:35:ca:ba:68:
         6c:a2:e3:16:60:27:36:4f:c5:57:ba:4a:67:db:a7:c7:f1:6c:
         4a:46:db:a5:21:64:16:03:7a:de:e2:b5:2b:af:45:6a:70:f4:
         fc:50:93:03:48:59:6b:44:2e:7c:61:50:0e:01:6b:f8:2e:ac:
         51:26:98:51
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCzAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAxMDIxMzU4MzBaFw0yNTAxMDIxMzU4MzBaMBgxFjAU
BgNVBAMMDTYzYjJlMzBhLTA2N2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCy51fa/dZmprWahzCnyXZPsKWi9QwDCjcgM3YtRxTjR2oZevsiEAAR6VQf
Lu56n9MiDAs4uG5tuaSZ8buKGT/baF8iRkjtZH0yDRLTljWRnJs9oB9FA4IBLmFY
X4ntiQ+EO82maJuZeZro0t4TUiJTxN9DPxd3E/zu3TV/1AsP4ww+ul5epB3W4UKO
rkWphhryx631OTPDtFNNNz+bwm86aNXF3ghN5XFryoN5kvC3JTxTutGLYgihQuNI
x74kioK3Ai6CNgK3fMyFqDFENsnaleIpSKWHN60zl+zB/iVzXYGgwT7WIeeGCb8L
nUqmAFi7DXZ8aPAv46FtUlFafIuhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZssq
6EmBkMfgK6nZ01zd16hBq3QwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhCREE2Q0Y0OEFBNTExRUQ4QzMyOTJCMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEO0wDQYJKoZIhvcNAQEL
BQADggEBAFEh2MuVVCEw/wc91TBv6oBnFGTl121wJnSAqufhPtPMlCXz4Db3x4uP
r2aSmz0z8J9dvHsWZcvXyyWL8PNo7O/jIMu/08IApvH71TFRtKSGqgT+55nFc7vJ
f8VFeI3ncgJvgWmcqXa/vd5GjmfbwakBN2+TG12IIsRqrxjFFJr0VZOiLHgfi+CP
rnxabzOKg+i/SVHXX6BMy24NlE3f1rehy0iF9mudBRl+BoZrDH7S2TwMfaoNytf8
nIxQbPXQwB4LNcq6aGyi4xZgJzZPxVe6Smfbp8fxbEpG26UhZBYDet7itSuvRWpw
9PxQkwNIWWtELnxhUA4Ba/gurFEmmFE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:46 2024 by rpki-client on console-ams.rpki-client.org