Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D4C5DB68E8411EEB181B1DF7D84E21B.roa
File:                     8D4C5DB68E8411EEB181B1DF7D84E21B.roa (raw, json)
Hash identifier:          2XnniFLx3pc90kbr1ywxm400962wkgx7WwyZ3TIbff0=
Subject key identifier:   29:D3:97:1E:D0:37:94:E6:A0:64:DB:4F:E8:25:E4:D3:C6:40:39:AE
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       13AE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D4C5DB68E8411EEB181B1DF7D84E21B.roa
Signing time:             Wed 29 Nov 2023 06:57:25 +0000
ROA not before:           Wed 29 Nov 2023 06:57:22 +0000
ROA not after:            Sat 29 Nov 2025 06:57:22 +0000
asID:                     3356
IP address blocks:        154.16.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5038 (0x13ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 29 06:57:22 2023 GMT
            Not After : Nov 29 06:57:22 2025 GMT
        Subject: CN=6566e0d5-2134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ca:b3:1d:00:f3:1a:b7:c0:07:81:db:89:d6:
                    06:55:df:e5:31:34:e1:71:56:5a:05:37:a3:76:d0:
                    a3:0b:a4:81:83:47:d4:14:c7:2d:23:39:40:86:8c:
                    29:47:9f:5e:4d:c1:95:9c:e8:14:5c:71:a8:70:b2:
                    a8:84:a9:b3:4a:db:61:3b:c2:3b:f1:de:92:d5:e9:
                    4f:b9:cd:13:9b:6c:a8:e6:f5:85:25:52:4f:35:9c:
                    61:f8:31:ee:ad:dd:b3:66:b1:81:08:48:9b:cf:80:
                    e9:69:f2:70:c1:4f:15:5f:32:a7:f4:78:1c:31:43:
                    5e:39:03:be:01:c0:3b:f8:48:75:f6:59:2f:d9:5a:
                    35:f2:39:1f:ad:e1:69:28:48:dd:95:36:4a:c7:cb:
                    9d:0e:89:bc:f5:84:1e:4b:be:18:ad:f5:c0:bc:ee:
                    dd:98:31:f6:f3:e6:93:16:ed:1c:fa:b5:b8:99:f7:
                    d5:93:00:25:99:15:f1:34:3f:fc:a4:10:ad:61:75:
                    08:8f:f9:7e:61:89:d1:e5:c5:5c:13:dc:e5:b9:fa:
                    32:d8:e2:3d:55:57:e8:fe:5d:17:b4:0a:4a:13:e4:
                    8e:e1:0a:f5:a9:30:38:62:e6:05:23:dc:c3:17:1b:
                    e5:0d:60:3e:af:20:19:88:1f:1f:f4:7c:0f:a6:88:
                    cd:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D3:97:1E:D0:37:94:E6:A0:64:DB:4F:E8:25:E4:D3:C6:40:39:AE
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D4C5DB68E8411EEB181B1DF7D84E21B.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:a6:9c:9a:34:2c:c9:15:d9:df:07:99:de:72:69:84:e5:14:
         12:67:b8:f0:bc:f6:82:16:33:13:32:c2:09:80:13:dd:24:4b:
         a0:80:40:bd:41:2f:06:47:c9:c6:91:65:e4:51:fd:f4:97:e6:
         5c:25:1c:e1:48:1f:93:cc:7c:a1:be:81:f2:b0:e8:28:89:f2:
         07:fa:26:28:70:90:a2:eb:b5:df:18:d4:60:0d:9e:47:8d:1a:
         a5:4a:b4:70:0c:41:1a:a8:8a:7e:46:af:d1:74:13:a1:5f:5e:
         0d:90:cb:a8:6e:8d:30:e9:9d:b9:21:35:d7:f6:d5:d9:31:c5:
         77:09:22:d0:42:1f:d5:95:33:b5:3b:95:29:17:9f:e3:6d:f6:
         a6:be:e8:e4:12:87:2d:7f:5d:62:0f:a1:35:d5:c5:0f:86:6c:
         6a:cd:4e:30:1d:e8:5c:55:06:48:4d:61:f1:c9:f1:9d:21:d4:
         03:b8:40:d3:37:84:ee:d5:08:8c:a7:e0:44:09:9f:3a:22:e3:
         44:cf:0a:66:e0:45:91:11:25:c0:46:9b:85:fb:28:9f:4e:bc:
         59:2f:5f:c2:1d:6f:62:0b:1b:9c:7a:37:e8:2d:26:b2:50:72:
         a6:3e:e6:10:99:40:24:62:e8:23:35:92:ba:30:1f:f1:3d:76:
         56:e6:7c:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE64wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjkwNjU3MjJaFw0yNTExMjkwNjU3MjJaMBgxFjAU
BgNVBAMTDTY1NjZlMGQ1LTIxMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyyrMdAPMat8AHgduJ1gZV3+UxNOFxVloFN6N20KMLpIGDR9QUxy0jOUCG
jClHn15NwZWc6BRccahwsqiEqbNK22E7wjvx3pLV6U+5zRObbKjm9YUlUk81nGH4
Me6t3bNmsYEISJvPgOlp8nDBTxVfMqf0eBwxQ145A74BwDv4SHX2WS/ZWjXyOR+t
4WkoSN2VNkrHy50Oibz1hB5Lvhit9cC87t2YMfbz5pMW7Rz6tbiZ99WTACWZFfE0
P/ykEK1hdQiP+X5hidHlxVwT3OW5+jLY4j1VV+j+XRe0CkoT5I7hCvWpMDhi5gUj
3MMXG+UNYD6vIBmIHx/0fA+miM1FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKdOX
HtA3lOagZNtP6CXk08ZAOa4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhENEM1REI2OEU4NDExRUVCMTgxQjFERjdEODRFMjFCLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJkwDQYJKoZIhvcNAQEL
BQADggEBAGumnJo0LMkV2d8Hmd5yaYTlFBJnuPC89oIWMxMywgmAE90kS6CAQL1B
LwZHycaRZeRR/fSX5lwlHOFIH5PMfKG+gfKw6CiJ8gf6JihwkKLrtd8Y1GANnkeN
GqVKtHAMQRqoin5Gr9F0E6FfXg2Qy6hujTDpnbkhNdf21dkxxXcJItBCH9WVM7U7
lSkXn+Nt9qa+6OQShy1/XWIPoTXVxQ+GbGrNTjAd6FxVBkhNYfHJ8Z0h1AO4QNM3
hO7VCIyn4EQJnzoi40TPCmbgRZERJcBGm4X7KJ9OvFkvX8Idb2ILG5x6N+gtJrJQ
cqY+5hCZQCRi6CM1krowH/E9dlbmfMY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org