Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/93F5CCCCE86811EEA106EF9E775412E6.roa
File:                     93F5CCCCE86811EEA106EF9E775412E6.roa (raw, json)
Hash identifier:          6g1emVbW3LcupcrQnsQ8adyrjwSMb5T26i8/gZ/lk8U=
Subject key identifier:   17:E9:D0:CB:5B:E1:D2:59:7E:BB:4A:8F:8E:D5:C5:68:69:D6:5A:AD
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       156B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/93F5CCCCE86811EEA106EF9E775412E6.roa
Signing time:             Fri 22 Mar 2024 16:23:55 +0000
ROA not before:           Fri 22 Mar 2024 16:23:52 +0000
ROA not after:            Sun 22 Mar 2026 16:23:52 +0000
asID:                     29802
IP address blocks:        154.16.126.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5483 (0x156b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar 22 16:23:52 2024 GMT
            Not After : Mar 22 16:23:52 2026 GMT
        Subject: CN=65fdb09b-9613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:5c:f1:7d:d0:d0:3f:fc:55:f8:af:ca:1c:72:
                    35:9b:9a:ee:53:d1:9a:db:e6:58:37:73:f3:b1:57:
                    c4:54:39:4e:df:4a:59:22:f4:0e:a1:02:e1:59:f0:
                    64:4c:2a:6a:5f:66:bd:3e:42:3d:d4:1c:69:a1:1e:
                    ad:ba:34:1c:41:f6:b6:7b:3e:23:f1:08:a1:8c:ef:
                    81:71:2e:f1:dd:2f:df:05:55:3b:35:4f:48:81:58:
                    21:0a:11:06:4f:5d:67:ad:c8:7e:fa:4a:cb:be:72:
                    5e:2b:cf:31:fc:5f:26:9f:b4:6c:fc:35:fc:69:af:
                    c4:0a:a7:1c:b6:de:99:a1:d3:14:0b:ec:41:80:2b:
                    af:9e:0d:e5:64:72:de:0e:92:1a:74:a6:f6:94:72:
                    f2:41:fe:1f:80:15:57:f5:5c:39:55:5d:17:0a:a1:
                    32:54:b6:fa:be:95:48:25:12:76:81:63:be:ff:5b:
                    33:8b:0e:56:84:1a:40:0d:e4:50:c2:26:f1:01:a9:
                    3d:4e:0c:2e:21:08:a5:8e:6b:7f:23:82:2e:bc:5e:
                    18:a7:5e:05:72:de:2f:45:cd:c5:9b:c7:55:fd:5f:
                    4e:e5:e1:6b:61:8f:2a:a0:98:e2:d3:c7:68:e6:89:
                    1f:95:13:be:70:44:33:af:1e:e5:19:06:6e:e7:75:
                    b0:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:E9:D0:CB:5B:E1:D2:59:7E:BB:4A:8F:8E:D5:C5:68:69:D6:5A:AD
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/93F5CCCCE86811EEA106EF9E775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:fc:61:50:52:59:63:c9:c8:15:69:0c:65:9b:b1:08:ed:dd:
         66:c9:59:16:ff:c6:57:2a:1c:82:a7:eb:bf:01:1b:d7:ec:77:
         91:51:b7:48:6f:98:14:85:3c:a1:72:7f:78:ff:d5:99:f4:3a:
         4a:7d:76:61:a2:12:e9:ed:35:60:34:7d:e7:74:a6:3d:0a:5d:
         68:79:d0:6f:38:b8:cf:70:7f:e7:4d:fe:0a:fb:f4:a9:90:e5:
         7a:4d:06:77:1a:59:b8:b0:70:45:0e:8d:e7:ee:cb:32:9e:6f:
         96:d6:c6:74:3e:36:e7:eb:68:49:54:40:6b:7d:6a:c3:f7:52:
         72:42:af:15:03:02:0e:03:27:e7:d3:36:2b:bc:8c:ff:b0:b2:
         80:06:e0:4a:47:76:f2:b2:7a:d7:1c:30:93:2f:d3:bc:9d:0b:
         f2:7a:51:d9:16:e8:c0:d3:52:e9:2d:d0:e3:93:31:68:aa:df:
         c4:92:6f:93:d2:e0:db:55:7b:f5:e8:40:e5:b8:6d:eb:33:e4:
         8f:9d:1b:2e:37:b2:8f:57:7e:52:be:a6:57:02:32:d1:b0:63:
         a7:57:56:7f:c7:7a:7e:6a:8f:db:9f:6a:20:0e:6e:1d:dd:6e:
         98:8f:0f:49:30:84:64:4d:f7:d8:b5:6f:16:44:50:21:df:89:
         87:4a:04:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFWswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjIzNTJaFw0yNjAzMjIxNjIzNTJaMBgxFjAU
BgNVBAMTDTY1ZmRiMDliLTk2MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDvXPF90NA//FX4r8occjWbmu5T0Zrb5lg3c/OxV8RUOU7fSlki9A6hAuFZ
8GRMKmpfZr0+Qj3UHGmhHq26NBxB9rZ7PiPxCKGM74FxLvHdL98FVTs1T0iBWCEK
EQZPXWetyH76Ssu+cl4rzzH8XyaftGz8Nfxpr8QKpxy23pmh0xQL7EGAK6+eDeVk
ct4Okhp0pvaUcvJB/h+AFVf1XDlVXRcKoTJUtvq+lUglEnaBY77/WzOLDlaEGkAN
5FDCJvEBqT1ODC4hCKWOa38jgi68XhinXgVy3i9FzcWbx1X9X07l4WthjyqgmOLT
x2jmiR+VE75wRDOvHuUZBm7ndbCzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUF+nQ
y1vh0ll+u0qPjtXFaGnWWq0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkzRjVDQ0NDRTg2ODExRUVBMTA2RUY5RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEH4wDQYJKoZIhvcNAQEL
BQADggEBAB/8YVBSWWPJyBVpDGWbsQjt3WbJWRb/xlcqHIKn678BG9fsd5FRt0hv
mBSFPKFyf3j/1Zn0Okp9dmGiEuntNWA0fed0pj0KXWh50G84uM9wf+dN/gr79KmQ
5XpNBncaWbiwcEUOjefuyzKeb5bWxnQ+NufraElUQGt9asP3UnJCrxUDAg4DJ+fT
Niu8jP+wsoAG4EpHdvKyetccMJMv07ydC/J6UdkW6MDTUukt0OOTMWiq38SSb5PS
4NtVe/XoQOW4besz5I+dGy43so9XflK+plcCMtGwY6dXVn/Hen5qj9ufaiAObh3d
bpiPD0kwhGRN99i1bxZEUCHfiYdKBAg=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org