Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/970459868E8311EEA2EDFDDD7D84E21B.roa
File:                     970459868E8311EEA2EDFDDD7D84E21B.roa (raw, json)
Hash identifier:          Y1FS7fDx/JLz9ehRaJzBCyBR8Rs++suKmEu03vUHMwg=
Subject key identifier:   87:F6:17:7D:1D:71:79:4E:D7:3F:AC:5F:D2:5E:9E:CB:77:31:56:45
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       13A8
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/970459868E8311EEA2EDFDDD7D84E21B.roa
Signing time:             Wed 29 Nov 2023 06:50:32 +0000
ROA not before:           Wed 29 Nov 2023 06:50:29 +0000
ROA not after:            Sat 29 Nov 2025 06:50:29 +0000
asID:                     3356
IP address blocks:        154.16.160.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5032 (0x13a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 29 06:50:29 2023 GMT
            Not After : Nov 29 06:50:29 2025 GMT
        Subject: CN=6566df38-5cd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b2:84:10:72:73:cd:7b:ba:3d:f0:27:0d:54:
                    3d:e3:f9:f5:f6:d0:55:4c:87:f2:a9:55:07:26:41:
                    58:9f:85:d4:f7:f7:15:75:69:8d:8d:f7:04:c9:71:
                    f2:00:4a:f7:db:3f:32:c8:12:09:fb:13:1b:8d:7c:
                    7f:31:dd:fe:e6:49:23:67:1a:3d:12:df:cf:fd:f3:
                    75:29:c2:82:9c:14:b9:fc:80:e4:92:64:b9:87:3e:
                    a0:d4:42:8e:b2:e9:63:94:e1:68:4a:41:6a:7a:3f:
                    35:8a:12:85:10:03:58:db:6b:70:4c:68:64:9d:a5:
                    ff:1e:0b:6c:1b:f1:ac:04:e0:86:d1:16:77:1f:40:
                    46:06:ab:be:0a:4f:8c:c8:f1:4f:d8:a1:81:1f:80:
                    2a:09:0d:7a:28:f4:a9:f5:4a:3b:3c:0b:18:fd:f2:
                    8c:23:e8:f2:a2:ba:31:91:ae:ce:a2:80:96:40:88:
                    a0:54:a5:24:43:ca:b7:bc:a9:63:61:8e:79:c0:e0:
                    e9:98:30:8b:b7:2e:7e:59:08:23:76:84:01:c4:1b:
                    99:b9:f2:68:8c:9f:62:ed:2f:a6:85:80:b3:8b:f2:
                    a6:f1:7c:85:31:8a:0e:96:43:34:15:24:36:54:26:
                    15:50:1b:28:6f:ef:15:a6:a0:70:eb:83:45:00:d3:
                    88:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:F6:17:7D:1D:71:79:4E:D7:3F:AC:5F:D2:5E:9E:CB:77:31:56:45
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/970459868E8311EEA2EDFDDD7D84E21B.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:4c:9b:e2:e2:a9:75:79:a2:09:e0:54:5b:00:5e:24:07:b0:
         c4:03:b6:71:30:69:d7:33:00:ca:4c:3f:05:98:41:08:fe:53:
         10:7b:63:56:3e:4f:45:8c:cb:cc:9c:9b:84:71:9c:57:be:1b:
         a7:a2:3f:b5:d3:f6:00:18:3c:7b:b9:03:b5:70:54:12:4d:8f:
         d6:09:93:cd:c7:83:52:39:1a:51:21:b6:0c:5b:02:fd:e0:41:
         de:f1:a5:ea:f8:b2:0b:fb:39:77:70:f7:d3:53:a9:5d:43:5e:
         14:66:a5:66:ff:70:36:88:33:76:43:df:87:18:41:cf:00:6a:
         87:38:b7:e4:fa:e1:b5:a9:6c:f6:b2:0e:8a:ee:6b:6b:24:c5:
         60:80:e4:a5:29:dd:72:3d:61:00:68:12:a0:ab:d1:73:5e:ea:
         18:99:af:ce:b0:90:bc:99:13:bf:28:bf:c4:f2:f3:8d:55:6d:
         2e:90:3c:53:94:49:bd:9e:8c:43:3f:e6:6a:f3:c9:ab:8b:60:
         52:ff:d8:2a:ae:b2:2f:20:8c:b8:66:8d:72:21:39:a5:8d:41:
         a4:72:e7:09:fc:f8:51:55:dc:76:78:c0:9c:17:50:14:b5:c2:
         64:f8:72:56:c1:97:8b:90:49:96:75:e0:20:7a:f1:8e:d7:e7:
         72:97:b7:7b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE6gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjkwNjUwMjlaFw0yNTExMjkwNjUwMjlaMBgxFjAU
BgNVBAMTDTY1NjZkZjM4LTVjZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCasoQQcnPNe7o98CcNVD3j+fX20FVMh/KpVQcmQVifhdT39xV1aY2N9wTJ
cfIASvfbPzLIEgn7ExuNfH8x3f7mSSNnGj0S38/983UpwoKcFLn8gOSSZLmHPqDU
Qo6y6WOU4WhKQWp6PzWKEoUQA1jba3BMaGSdpf8eC2wb8awE4IbRFncfQEYGq74K
T4zI8U/YoYEfgCoJDXoo9Kn1Sjs8Cxj98owj6PKiujGRrs6igJZAiKBUpSRDyre8
qWNhjnnA4OmYMIu3Ln5ZCCN2hAHEG5m58miMn2LtL6aFgLOL8qbxfIUxig6WQzQV
JDZUJhVQGyhv7xWmoHDrg0UA04gZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUh/YX
fR1xeU7XP6xf0l6ey3cxVkUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk3MDQ1OTg2OEU4MzExRUVBMkVERkRERDdEODRFMjFCLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKAwDQYJKoZIhvcNAQEL
BQADggEBAG9Mm+LiqXV5ogngVFsAXiQHsMQDtnEwadczAMpMPwWYQQj+UxB7Y1Y+
T0WMy8ycm4RxnFe+G6eiP7XT9gAYPHu5A7VwVBJNj9YJk83Hg1I5GlEhtgxbAv3g
Qd7xper4sgv7OXdw99NTqV1DXhRmpWb/cDaIM3ZD34cYQc8Aaoc4t+T64bWpbPay
Dorua2skxWCA5KUp3XI9YQBoEqCr0XNe6hiZr86wkLyZE78ov8Ty841VbS6QPFOU
Sb2ejEM/5mrzyauLYFL/2Cqusi8gjLhmjXIhOaWNQaRy5wn8+FFV3HZ4wJwXUBS1
wmT4clbBl4uQSZZ14CB68Y7X53KXt3s=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org