Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8E9D1D16B43911ED88411B9FF1222468.roa
File:                     8E9D1D16B43911ED88411B9FF1222468.roa (raw, json)
Hash identifier:          qwWkeMG4kPfmrc+T1FE601SToJFTav+aCz180ReTwc8=
Subject key identifier:   F1:DC:D4:79:9C:8F:6D:35:BE:E8:93:3C:24:64:DE:92:83:D4:99:07
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0BF1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8E9D1D16B43911ED88411B9FF1222468.roa
Signing time:             Fri 24 Feb 2023 11:51:22 +0000
ROA not before:           Fri 24 Feb 2023 11:51:18 +0000
ROA not after:            Sat 22 Feb 2025 11:51:18 +0000
asID:                     61317
IP address blocks:        154.16.20.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3057 (0xbf1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 24 11:51:18 2023 GMT
            Not After : Feb 22 11:51:18 2025 GMT
        Subject: CN=63f8a4ba-e762
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c1:03:d2:a6:5e:13:2f:57:45:ed:1a:01:1a:
                    81:dd:f2:b1:25:62:75:22:2d:ef:a2:e5:8b:1b:b4:
                    75:c2:2f:e3:ed:1f:ec:a5:05:0b:02:ed:cf:76:91:
                    00:ab:f8:8d:29:3e:ea:6e:05:2b:78:ac:34:c4:3b:
                    10:72:cd:9f:94:ca:42:bf:9b:f0:f3:fa:3c:36:fd:
                    77:9e:53:ad:4e:99:34:50:f2:c6:69:0f:a8:7b:21:
                    02:c7:9f:09:af:7e:83:b7:cc:d0:40:b2:2a:f4:57:
                    ff:75:38:00:70:a8:f3:3f:2d:bc:71:83:97:7a:60:
                    b7:6c:bf:0b:fe:04:6c:79:4c:4c:b9:15:82:2b:f4:
                    70:b9:b7:5e:98:dc:c9:da:1b:a9:f7:6a:d2:f5:10:
                    59:e1:58:16:25:c1:85:7d:62:df:00:c8:b6:27:36:
                    0c:5a:9f:76:e1:a1:c8:14:76:3b:54:e3:c1:6f:a4:
                    10:e5:89:f2:4c:cd:79:87:f7:06:e7:45:0b:4d:ad:
                    70:44:8c:d1:f7:e3:3c:fc:68:65:ca:58:b0:e5:1b:
                    18:2c:11:80:3a:21:01:bc:9f:fd:3b:fd:95:d7:dc:
                    da:17:63:ff:1f:55:6e:ba:10:a8:09:68:5f:7b:9c:
                    ce:70:e8:c3:54:2a:51:b9:bb:35:0f:df:28:e8:3a:
                    9a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:DC:D4:79:9C:8F:6D:35:BE:E8:93:3C:24:64:DE:92:83:D4:99:07
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8E9D1D16B43911ED88411B9FF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:11:d8:7a:8b:f4:f5:26:45:78:f1:e0:f1:5f:c9:71:d2:5e:
         eb:4b:a6:dd:e3:6f:29:9e:2a:c7:41:03:10:04:78:e4:49:1d:
         42:0e:fa:7c:6e:ec:34:1b:e6:84:60:2b:aa:e4:f4:ce:6f:80:
         a3:1f:ce:99:3c:cd:e0:f9:33:30:5e:8b:ea:d1:20:ef:d5:52:
         4d:27:60:73:3e:f3:e3:39:8d:cd:c6:24:f1:32:21:53:ae:1a:
         fe:7d:1b:cc:d4:c3:c1:8c:9d:34:95:42:20:cc:ce:47:20:0d:
         ed:3d:88:ba:3d:ab:c3:06:25:ed:12:8e:9a:b7:e9:5b:32:65:
         39:6a:53:db:a5:47:fd:23:3c:8d:88:11:69:b4:e2:46:6f:dd:
         f4:f5:b3:e0:28:90:2b:8c:f4:f8:e5:9c:54:2c:c7:c3:76:e7:
         c4:9a:be:75:12:e7:ad:51:fe:27:76:92:5e:59:70:b1:07:b1:
         92:32:cb:71:6b:b4:7e:3f:9d:6b:1d:e1:ef:4c:97:91:7a:28:
         8f:11:76:58:10:2e:79:3a:7f:73:43:23:00:e3:16:c5:ae:ff:
         e0:54:a3:2b:85:6b:a9:70:0f:a2:3f:05:fd:30:34:d0:a0:ce:
         f1:bf:db:82:55:15:7d:82:78:9f:b6:e1:97:c0:6f:b5:4e:90:
         9a:a5:97:02
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC/EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMTUxMThaFw0yNTAyMjIxMTUxMThaMBgxFjAU
BgNVBAMMDTYzZjhhNGJhLWU3NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9wQPSpl4TL1dF7RoBGoHd8rElYnUiLe+i5YsbtHXCL+PtH+ylBQsC7c92
kQCr+I0pPupuBSt4rDTEOxByzZ+UykK/m/Dz+jw2/XeeU61OmTRQ8sZpD6h7IQLH
nwmvfoO3zNBAsir0V/91OABwqPM/Lbxxg5d6YLdsvwv+BGx5TEy5FYIr9HC5t16Y
3MnaG6n3atL1EFnhWBYlwYV9Yt8AyLYnNgxan3bhocgUdjtU48FvpBDlifJMzXmH
9wbnRQtNrXBEjNH34zz8aGXKWLDlGxgsEYA6IQG8n/07/ZXX3NoXY/8fVW66EKgJ
aF97nM5w6MNUKlG5uzUP3yjoOprlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8dzU
eZyPbTW+6JM8JGTekoPUmQcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhFOUQxRDE2QjQzOTExRUQ4ODQxMUI5RkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBQwDQYJKoZIhvcNAQEL
BQADggEBADIR2HqL9PUmRXjx4PFfyXHSXutLpt3jbymeKsdBAxAEeORJHUIO+nxu
7DQb5oRgK6rk9M5vgKMfzpk8zeD5MzBei+rRIO/VUk0nYHM+8+M5jc3GJPEyIVOu
Gv59G8zUw8GMnTSVQiDMzkcgDe09iLo9q8MGJe0Sjpq36VsyZTlqU9ulR/0jPI2I
EWm04kZv3fT1s+AokCuM9PjlnFQsx8N258SavnUS561R/id2kl5ZcLEHsZIyy3Fr
tH4/nWsd4e9Ml5F6KI8RdlgQLnk6f3NDIwDjFsWu/+BUoyuFa6lwD6I/Bf0wNNCg
zvG/24JVFX2CeJ+24ZfAb7VOkJqllwI=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:41 2024 by rpki-client on console-ams.rpki-client.org