Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/90C08BFA24B311EFB6A948EB7CDC24C2.roa
File:                     90C08BFA24B311EFB6A948EB7CDC24C2.roa (raw, json)
Hash identifier:          EYh4BpBelAqTYUaHHthB7yVNYR4il+bnBhKDsQnR+Ac=
Subject key identifier:   04:3F:72:4F:01:3E:01:AE:11:D4:20:18:C9:D5:F3:D7:9E:F4:B1:0F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16C4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/90C08BFA24B311EFB6A948EB7CDC24C2.roa
Signing time:             Fri 07 Jun 2024 09:51:52 +0000
ROA not before:           Fri 07 Jun 2024 09:51:48 +0000
ROA not after:            Sun 07 Jun 2026 09:51:48 +0000
asID:                     13213
IP address blocks:        154.16.235.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5828 (0x16c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  7 09:51:48 2024 GMT
            Not After : Jun  7 09:51:48 2026 GMT
        Subject: CN=6662d838-8b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d5:60:5a:57:55:af:c4:13:05:df:50:64:60:
                    67:97:e5:4d:e0:f5:07:9d:5b:cc:a4:60:6b:7e:02:
                    ea:d8:ce:b7:b6:79:bb:3f:93:1c:3a:42:05:6c:dc:
                    8a:a1:8c:33:75:96:ae:59:1e:f7:ef:ec:be:e3:b6:
                    05:d9:2c:91:f0:7b:41:fb:69:53:b8:86:56:92:5a:
                    7c:37:25:3c:40:6b:6c:ba:a2:9b:b2:e7:07:53:e4:
                    43:7d:65:39:3e:4a:64:1f:f8:bc:dc:bd:36:1e:06:
                    3d:0e:d3:17:87:dc:09:e6:ce:d4:be:06:77:7d:61:
                    77:96:98:20:26:eb:14:ea:e3:f3:f0:7b:d3:e3:70:
                    c8:54:1f:7c:e9:4b:40:fb:b8:a9:00:78:1b:12:0d:
                    6f:cf:01:b9:0c:4e:b6:9c:1d:03:d3:b2:a3:74:1a:
                    d7:63:7e:d2:92:7d:f8:7c:7b:51:66:89:5b:ac:fb:
                    e6:8a:eb:a3:f4:56:b6:61:f6:0f:23:ea:ea:23:6a:
                    50:e1:02:2b:8b:93:ee:1d:cc:e6:1a:ab:23:fa:3e:
                    95:99:e3:2b:ba:f1:a4:4e:e7:87:4a:b8:54:a2:f9:
                    ae:ce:35:89:e4:aa:4c:24:a6:26:8e:8e:7d:01:0a:
                    69:dc:cf:ff:86:fc:5a:ba:30:77:9e:fc:9a:af:a9:
                    bb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:3F:72:4F:01:3E:01:AE:11:D4:20:18:C9:D5:F3:D7:9E:F4:B1:0F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/90C08BFA24B311EFB6A948EB7CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:f5:11:e5:31:2c:8b:0f:21:47:3e:b6:34:37:e6:77:bb:79:
         fd:d1:b3:de:0a:fe:b8:b3:7b:e2:55:0b:45:c9:f8:bb:32:73:
         f3:f1:52:42:53:b3:78:89:9a:50:52:1b:85:61:06:37:0b:23:
         0d:9b:4d:f7:84:73:35:d2:1b:07:97:c4:79:90:2b:69:8d:01:
         58:1f:d4:63:8a:ba:07:48:86:8c:0e:fc:c4:05:ff:42:65:54:
         31:a2:65:22:3c:61:81:d8:06:bc:a3:ed:33:c2:e2:3f:d2:de:
         a0:1d:91:74:6f:a9:9d:68:30:9e:3c:07:71:34:a9:8a:e7:9e:
         fe:7a:25:d0:fb:0b:1e:60:2d:2b:78:c9:35:3e:cf:b0:bd:1f:
         5a:18:34:cd:bb:92:e4:4a:22:1e:68:7d:ba:48:d6:7e:41:71:
         4c:0e:f5:05:5d:54:cd:71:b6:1d:b0:fa:88:66:e9:c8:7f:31:
         27:4c:58:b2:62:87:a5:5b:36:fa:b5:3f:45:82:36:7d:80:96:
         53:c3:f5:6a:bd:23:fb:be:32:e5:ae:8f:5c:61:be:40:e2:98:
         c2:68:6c:ab:c8:13:59:6f:a3:ed:3b:51:91:f9:0f:66:b1:7b:
         a8:91:30:55:73:45:5c:73:d4:e9:5d:3e:be:9c:20:d1:db:19:
         82:4f:d8:27
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFsQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA2MDcwOTUxNDhaFw0yNjA2MDcwOTUxNDhaMBgxFjAU
BgNVBAMTDTY2NjJkODM4LThiNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC21WBaV1WvxBMF31BkYGeX5U3g9QedW8ykYGt+AurYzre2ebs/kxw6QgVs
3IqhjDN1lq5ZHvfv7L7jtgXZLJHwe0H7aVO4hlaSWnw3JTxAa2y6opuy5wdT5EN9
ZTk+SmQf+LzcvTYeBj0O0xeH3AnmztS+Bnd9YXeWmCAm6xTq4/Pwe9PjcMhUH3zp
S0D7uKkAeBsSDW/PAbkMTracHQPTsqN0GtdjftKSffh8e1FmiVus++aK66P0VrZh
9g8j6uojalDhAiuLk+4dzOYaqyP6PpWZ4yu68aRO54dKuFSi+a7ONYnkqkwkpiaO
jn0BCmncz/+G/Fq6MHee/JqvqbuhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBD9y
TwE+Aa4R1CAYydXz1570sQ8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkwQzA4QkZBMjRCMzExRUZCNkE5NDhFQjdDREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOswDQYJKoZIhvcNAQEL
BQADggEBAEP1EeUxLIsPIUc+tjQ35ne7ef3Rs94K/rize+JVC0XJ+Lsyc/PxUkJT
s3iJmlBSG4VhBjcLIw2bTfeEczXSGweXxHmQK2mNAVgf1GOKugdIhowO/MQF/0Jl
VDGiZSI8YYHYBryj7TPC4j/S3qAdkXRvqZ1oMJ48B3E0qYrnnv56JdD7Cx5gLSt4
yTU+z7C9H1oYNM27kuRKIh5ofbpI1n5BcUwO9QVdVM1xth2w+ohm6ch/MSdMWLJi
h6VbNvq1P0WCNn2AllPD9Wq9I/u+MuWuj1xhvkDimMJobKvIE1lvo+07UZH5D2ax
e6iRMFVzRVxz1OldPr6cINHbGYJP2Cc=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org