Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D55D53AB74D11ED83695CEDF1222468.roa
File:                     8D55D53AB74D11ED83695CEDF1222468.roa (raw, json)
Hash identifier:          qOvnK3PnwVhmu4gnA0PS3Yl8xO2FDZxpr3wFLEc6a/A=
Subject key identifier:   AC:69:4B:01:13:CB:A4:6D:BF:D0:55:87:87:67:84:3C:6B:26:9E:73
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C8E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D55D53AB74D11ED83695CEDF1222468.roa
Signing time:             Tue 28 Feb 2023 09:52:03 +0000
ROA not before:           Tue 28 Feb 2023 09:51:59 +0000
ROA not after:            Fri 28 Feb 2025 09:51:59 +0000
asID:                     61317
IP address blocks:        154.16.206.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3214 (0xc8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 28 09:51:59 2023 GMT
            Not After : Feb 28 09:51:59 2025 GMT
        Subject: CN=63fdcec3-b0d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:06:3a:89:e4:1a:26:fe:6c:4a:fc:6f:31:c1:
                    6a:4e:00:f0:42:a5:0a:06:13:34:e6:10:13:80:49:
                    ef:9b:d0:53:3c:7b:b3:f2:ee:3e:6d:0d:77:08:41:
                    5f:99:4e:27:64:0f:e3:3e:48:f2:da:2a:e2:1f:e6:
                    8a:c2:e5:1c:6d:33:31:e8:b7:1b:c3:aa:ed:99:50:
                    da:ef:16:ff:f9:61:06:f1:4c:53:8f:75:59:8f:1d:
                    ab:0e:a5:64:d8:d6:75:11:a5:3c:2e:2f:ee:ce:4a:
                    b6:7f:5e:29:fc:d7:2a:a6:5b:ac:94:74:94:f4:95:
                    df:56:a9:d1:d3:68:0b:5e:29:ab:64:ab:4f:1a:18:
                    75:14:7f:a0:31:81:c0:3c:9c:cc:5b:8b:47:fd:ed:
                    9b:5a:96:e0:dd:99:17:02:0b:0d:71:2f:ad:f6:59:
                    21:cc:99:27:0b:93:9f:0f:5d:ec:dc:81:de:40:5f:
                    5f:40:6c:70:4e:19:03:8f:52:fc:ca:80:f0:34:f8:
                    08:89:92:30:ee:dc:b6:44:39:82:e9:f1:87:d5:bb:
                    24:4b:11:5b:1d:35:40:fc:61:b3:84:54:fe:4d:ab:
                    76:cd:ee:85:68:c0:47:ce:9f:b0:d7:5f:66:01:96:
                    45:ad:32:d6:19:a9:2a:18:2a:1e:64:44:82:7c:68:
                    c9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:69:4B:01:13:CB:A4:6D:BF:D0:55:87:87:67:84:3C:6B:26:9E:73
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D55D53AB74D11ED83695CEDF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:96:3a:f6:9b:39:f7:3d:a7:40:92:1e:9f:33:36:e6:a8:8a:
         3f:e8:cd:7f:fb:76:fd:49:48:3e:a1:3f:bd:ef:b3:83:44:e6:
         d0:6f:66:66:9c:3f:00:a1:19:7f:91:b2:ac:7f:09:94:10:bc:
         09:74:25:e8:4f:5a:28:7a:62:aa:34:8d:20:0b:00:13:5b:31:
         cc:c7:c3:d3:5c:da:3e:ea:0a:a9:b6:fc:b8:a8:69:12:65:17:
         2b:4a:4f:f0:5e:63:57:c4:95:1b:9f:23:c7:7f:5d:2b:5a:0e:
         f7:e6:29:b3:2a:26:39:f6:f8:77:34:43:d8:c1:23:c9:f9:49:
         8e:7d:d5:79:18:35:b8:73:03:88:75:28:40:65:e0:e4:f1:81:
         71:26:e9:26:c0:41:3c:a0:fc:00:b9:60:e3:b1:ad:a0:f2:f7:
         44:b8:fc:f5:bf:fe:dd:75:02:83:c0:13:f9:a5:15:13:7a:19:
         a4:ed:6c:1a:f1:c3:a7:97:4b:4a:9c:6f:bf:65:5a:28:6b:8a:
         1d:6e:42:88:32:01:5c:91:7d:58:9c:61:8e:0d:9d:2a:38:a0:
         0b:8c:3c:08:ee:aa:8a:ef:11:0b:85:a2:44:bf:76:d1:dc:a9:
         6a:d4:18:0a:a8:b1:d1:19:26:e6:6d:31:d7:34:a1:4e:b5:22:
         7e:66:7e:12
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDI4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjgwOTUxNTlaFw0yNTAyMjgwOTUxNTlaMBgxFjAU
BgNVBAMMDTYzZmRjZWMzLWIwZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkBjqJ5Bom/mxK/G8xwWpOAPBCpQoGEzTmEBOASe+b0FM8e7Py7j5tDXcI
QV+ZTidkD+M+SPLaKuIf5orC5RxtMzHotxvDqu2ZUNrvFv/5YQbxTFOPdVmPHasO
pWTY1nURpTwuL+7OSrZ/Xin81yqmW6yUdJT0ld9WqdHTaAteKatkq08aGHUUf6Ax
gcA8nMxbi0f97ZtaluDdmRcCCw1xL632WSHMmScLk58PXezcgd5AX19AbHBOGQOP
UvzKgPA0+AiJkjDu3LZEOYLp8YfVuyRLEVsdNUD8YbOEVP5Nq3bN7oVowEfOn7DX
X2YBlkWtMtYZqSoYKh5kRIJ8aMk9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUrGlL
ARPLpG2/0FWHh2eEPGsmnnMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhENTVENTNBQjc0RDExRUQ4MzY5NUNFREYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEM4wDQYJKoZIhvcNAQEL
BQADggEBAIKWOvabOfc9p0CSHp8zNuaoij/ozX/7dv1JSD6hP73vs4NE5tBvZmac
PwChGX+Rsqx/CZQQvAl0JehPWih6Yqo0jSALABNbMczHw9Nc2j7qCqm2/LioaRJl
FytKT/BeY1fElRufI8d/XStaDvfmKbMqJjn2+Hc0Q9jBI8n5SY591XkYNbhzA4h1
KEBl4OTxgXEm6SbAQTyg/AC5YOOxraDy90S4/PW//t11AoPAE/mlFRN6GaTtbBrx
w6eXS0qcb79lWihrih1uQogyAVyRfVicYY4NnSo4oAuMPAjuqorvEQuFokS/dtHc
qWrUGAqosdEZJuZtMdc0oU61In5mfhI=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org