Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8CBA0C2827DF11EF9668FFEE7CDC24C2.roa
File:                     8CBA0C2827DF11EF9668FFEE7CDC24C2.roa (raw, json)
Hash identifier:          HajhJdnqxI6gpSVwdnJRv6RPCsj2QGixVJUGQQJSXNY=
Subject key identifier:   ED:39:7A:BC:3F:74:DE:FE:A6:49:CC:96:44:8E:26:6B:1E:6C:72:09
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16DB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8CBA0C2827DF11EF9668FFEE7CDC24C2.roa
Signing time:             Tue 11 Jun 2024 10:44:16 +0000
ROA not before:           Tue 11 Jun 2024 10:44:13 +0000
ROA not after:            Thu 11 Jun 2026 10:44:13 +0000
asID:                     13213
IP address blocks:        154.16.211.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5851 (0x16db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 11 10:44:13 2024 GMT
            Not After : Jun 11 10:44:13 2026 GMT
        Subject: CN=66682a80-e233
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:3a:10:49:a1:95:6e:4c:ff:00:e1:2d:89:9e:
                    6d:34:a6:1f:03:7a:5f:b0:f0:7b:06:f2:08:31:fd:
                    98:cb:2a:a8:ce:d6:2a:21:06:97:02:3b:fd:62:64:
                    1b:1d:22:7e:90:d5:27:15:52:16:a0:0c:2f:68:0c:
                    0b:d8:08:b4:b9:af:51:4e:7c:08:29:22:44:41:04:
                    61:91:d3:02:26:1b:01:fd:7c:60:85:10:6d:91:1c:
                    d5:9c:b4:5e:55:86:fa:44:90:16:e8:b3:92:68:49:
                    29:97:85:7d:da:d5:e4:db:42:d3:b6:c4:ec:31:de:
                    d6:73:2c:79:3a:6e:b0:dc:05:d5:f5:a7:0d:bb:9c:
                    a7:6c:82:34:60:83:d5:e0:d3:97:29:52:b8:a1:45:
                    83:ae:91:44:87:44:fe:5e:8c:89:83:95:af:6e:c7:
                    09:bd:e3:e1:fe:f1:24:91:a2:3a:6a:9c:26:2d:da:
                    16:16:7d:cd:a7:4c:49:e7:bd:6e:5f:2c:52:e4:c2:
                    a1:49:ed:a7:98:fa:3c:40:ae:f2:c9:c6:34:58:f2:
                    d7:21:a1:d7:71:09:b7:ce:fb:b9:82:0e:c4:4d:18:
                    c4:03:8f:6f:4d:c7:4f:6e:97:3e:ba:9d:f5:0e:d7:
                    8d:6d:cd:9b:87:a3:6f:45:6b:48:e0:3b:50:9b:a2:
                    41:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:39:7A:BC:3F:74:DE:FE:A6:49:CC:96:44:8E:26:6B:1E:6C:72:09
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8CBA0C2827DF11EF9668FFEE7CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:42:1b:2a:2c:e2:38:c0:66:2a:31:93:82:cf:49:94:2b:fe:
         2a:f9:bb:9d:71:53:79:6e:d9:ad:2a:d3:fe:b0:83:5e:e6:a8:
         34:71:8c:b1:12:14:cc:84:60:6a:ac:a0:df:98:ed:71:e1:21:
         cd:2f:60:06:38:3f:a9:68:0f:57:d0:b4:33:51:1b:1c:84:48:
         85:9c:cf:47:13:94:0b:b4:f3:64:de:f6:97:c6:09:ba:94:50:
         37:50:67:8f:9f:f5:37:82:18:4a:a7:aa:71:c7:06:79:96:2d:
         50:43:27:39:a2:39:47:5a:56:6b:86:42:b9:06:fa:2a:0d:9c:
         a4:99:56:d7:e3:d3:26:ea:2c:53:c0:8d:7a:93:6a:e4:56:77:
         8a:7b:60:58:2d:c1:1e:cf:94:50:de:af:a2:c2:26:50:63:af:
         d8:6b:20:51:79:e5:5d:16:bc:74:74:0e:3f:69:9a:96:49:bc:
         01:4a:dd:a5:3b:af:a0:9a:07:79:c6:3d:6e:c0:67:85:7c:27:
         a2:50:81:93:55:bc:72:a2:61:99:f0:bf:b3:ad:00:ff:9a:24:
         65:f6:ec:a8:63:e0:28:4a:1f:ff:e3:ef:98:fd:f3:33:c4:09:
         64:af:00:fc:00:69:bf:fa:ec:42:e4:ae:a2:73:8b:5c:51:49:
         62:d9:53:7d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFtswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA2MTExMDQ0MTNaFw0yNjA2MTExMDQ0MTNaMBgxFjAU
BgNVBAMTDTY2NjgyYTgwLWUyMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsOhBJoZVuTP8A4S2Jnm00ph8Del+w8HsG8ggx/ZjLKqjO1iohBpcCO/1i
ZBsdIn6Q1ScVUhagDC9oDAvYCLS5r1FOfAgpIkRBBGGR0wImGwH9fGCFEG2RHNWc
tF5VhvpEkBbos5JoSSmXhX3a1eTbQtO2xOwx3tZzLHk6brDcBdX1pw27nKdsgjRg
g9Xg05cpUrihRYOukUSHRP5ejImDla9uxwm94+H+8SSRojpqnCYt2hYWfc2nTEnn
vW5fLFLkwqFJ7aeY+jxArvLJxjRY8tchoddxCbfO+7mCDsRNGMQDj29Nx09ulz66
nfUO141tzZuHo29Fa0jgO1CbokFnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7Tl6
vD903v6mScyWRI4max5scgkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhDQkEwQzI4MjdERjExRUY5NjY4RkZFRTdDREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENMwDQYJKoZIhvcNAQEL
BQADggEBAMpCGyos4jjAZioxk4LPSZQr/ir5u51xU3lu2a0q0/6wg17mqDRxjLES
FMyEYGqsoN+Y7XHhIc0vYAY4P6loD1fQtDNRGxyESIWcz0cTlAu082Te9pfGCbqU
UDdQZ4+f9TeCGEqnqnHHBnmWLVBDJzmiOUdaVmuGQrkG+ioNnKSZVtfj0ybqLFPA
jXqTauRWd4p7YFgtwR7PlFDer6LCJlBjr9hrIFF55V0WvHR0Dj9pmpZJvAFK3aU7
r6CaB3nGPW7AZ4V8J6JQgZNVvHKiYZnwv7OtAP+aJGX27Khj4ChKH//j75j98zPE
CWSvAPwAab/67ELkrqJzi1xRSWLZU30=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org