Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9077B91A128511EF95C2FB5C017001B1.roa
File:                     9077B91A128511EF95C2FB5C017001B1.roa (raw, json)
Hash identifier:          HmniyEA65fg6OTgVUYYBBYCtc4/ZgNKol+bb+uFnRGs=
Subject key identifier:   4C:AA:0C:4A:68:E3:85:E9:C0:84:22:0C:92:BB:31:09:21:6E:7A:70
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1659
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9077B91A128511EF95C2FB5C017001B1.roa
Signing time:             Wed 15 May 2024 06:37:14 +0000
ROA not before:           Wed 15 May 2024 06:37:10 +0000
ROA not after:            Fri 15 May 2026 06:37:10 +0000
asID:                     8220
IP address blocks:        154.16.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5721 (0x1659)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 15 06:37:10 2024 GMT
            Not After : May 15 06:37:10 2026 GMT
        Subject: CN=6644581a-7843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:29:13:a8:39:4d:d3:1b:36:b6:4a:b0:28:30:
                    60:70:e9:bc:1e:be:d5:3c:94:de:64:8e:45:2d:be:
                    d6:f3:96:e3:67:25:34:ee:a2:55:d1:68:8c:4c:1c:
                    65:fa:fa:93:f1:a1:48:d1:cb:0d:9e:eb:20:db:ea:
                    a8:2b:53:b7:cb:37:70:2c:d8:85:0b:e6:a7:c3:d8:
                    5f:69:c6:df:28:7b:73:cd:86:66:c1:ac:79:20:08:
                    f4:fd:a1:24:4c:da:fd:87:17:b3:0f:4d:9f:53:3d:
                    18:59:fc:ba:6d:7b:f0:72:80:e9:4e:d1:dd:46:3b:
                    36:57:13:fa:58:e0:c2:63:98:dc:13:d2:5e:ef:d7:
                    4c:54:20:93:18:58:6a:fc:c1:d2:d5:5c:ec:3b:30:
                    4f:b5:e5:74:47:4d:ae:4e:04:22:68:4b:ea:38:3c:
                    41:ad:cb:4a:d3:9f:ac:d8:71:37:94:df:7b:03:a6:
                    b7:e7:a0:8e:f8:47:8b:8b:f0:14:81:b6:a1:60:f3:
                    c5:b5:ec:18:3e:c7:67:1a:8d:7f:a2:f6:26:65:4c:
                    b0:cb:8f:e7:15:e3:aa:0e:b2:f8:b0:f4:44:08:22:
                    95:e8:1b:ee:56:7d:7c:a4:42:7e:e7:9b:e7:33:27:
                    1a:50:56:b0:b8:eb:95:d3:f1:95:46:d6:83:71:42:
                    22:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:AA:0C:4A:68:E3:85:E9:C0:84:22:0C:92:BB:31:09:21:6E:7A:70
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9077B91A128511EF95C2FB5C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:a1:b8:86:6b:27:6a:40:80:d1:7f:43:b3:54:ba:8a:da:5c:
         fc:e3:f5:94:cc:c1:57:7e:80:c9:1c:fd:6a:c8:e4:bd:4e:62:
         e1:e0:85:d6:07:f0:de:eb:5f:97:e3:e0:b3:d7:0c:d7:40:69:
         2f:33:3f:61:1e:62:55:08:b8:ee:e9:11:55:90:13:16:10:b0:
         27:ec:8e:cf:f4:54:e0:c7:cd:07:94:42:24:89:24:4a:78:c8:
         59:7d:15:26:8a:62:25:17:32:f1:bd:c7:ad:37:1f:85:e4:94:
         cd:bc:59:4e:19:41:e8:1c:8c:70:0f:5c:de:35:ca:5d:d9:98:
         a2:82:85:9b:89:16:18:d6:28:93:41:4c:64:8f:4e:f1:01:a1:
         e0:93:9b:91:df:dd:ad:e4:d3:7e:a4:75:f8:36:f8:f1:3b:3b:
         e8:ac:9c:c9:40:f3:83:b9:a9:9f:30:99:f8:39:19:4f:92:66:
         d6:32:2c:c7:c7:79:32:b5:14:25:2f:5f:19:c3:4b:33:98:e5:
         1b:8c:ee:ac:41:6b:53:1f:e8:83:9c:2b:64:3f:5f:59:53:1e:
         6b:a4:84:fa:d0:d5:f8:2c:51:90:77:b1:c3:6c:ae:c2:38:89:
         fc:b9:02:d8:04:14:8d:42:d7:60:7e:89:3d:35:77:b2:74:9a:
         ef:a5:10:6c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFlkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MTUwNjM3MTBaFw0yNjA1MTUwNjM3MTBaMBgxFjAU
BgNVBAMTDTY2NDQ1ODFhLTc4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcKROoOU3TGza2SrAoMGBw6bwevtU8lN5kjkUtvtbzluNnJTTuolXRaIxM
HGX6+pPxoUjRyw2e6yDb6qgrU7fLN3As2IUL5qfD2F9pxt8oe3PNhmbBrHkgCPT9
oSRM2v2HF7MPTZ9TPRhZ/Lpte/BygOlO0d1GOzZXE/pY4MJjmNwT0l7v10xUIJMY
WGr8wdLVXOw7ME+15XRHTa5OBCJoS+o4PEGty0rTn6zYcTeU33sDprfnoI74R4uL
8BSBtqFg88W17Bg+x2cajX+i9iZlTLDLj+cV46oOsviw9EQIIpXoG+5WfXykQn7n
m+czJxpQVrC465XT8ZVG1oNxQiLDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTKoM
SmjjhenAhCIMkrsxCSFuenAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkwNzdCOTFBMTI4NTExRUY5NUMyRkI1QzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENUwDQYJKoZIhvcNAQEL
BQADggEBAGehuIZrJ2pAgNF/Q7NUuoraXPzj9ZTMwVd+gMkc/WrI5L1OYuHghdYH
8N7rX5fj4LPXDNdAaS8zP2EeYlUIuO7pEVWQExYQsCfsjs/0VODHzQeUQiSJJEp4
yFl9FSaKYiUXMvG9x603H4XklM28WU4ZQegcjHAPXN41yl3ZmKKChZuJFhjWKJNB
TGSPTvEBoeCTm5Hf3a3k036kdfg2+PE7O+isnMlA84O5qZ8wmfg5GU+SZtYyLMfH
eTK1FCUvXxnDSzOY5RuM7qxBa1Mf6IOcK2Q/X1lTHmukhPrQ1fgsUZB3scNsrsI4
ify5AtgEFI1C12B+iT01d7J0mu+lEGw=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org