Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/979487F01C1C11EFA1B8B63A7DDC24C2.roa
File:                     979487F01C1C11EFA1B8B63A7DDC24C2.roa (raw, json)
Hash identifier:          TZb90zNROYvZRR2Ca8mF2bVY9jXIT781lBr8rMLg3O0=
Subject key identifier:   A6:7E:06:12:81:5E:E2:0E:AA:0A:67:67:E1:67:18:C4:23:15:15:CF
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16A5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/979487F01C1C11EFA1B8B63A7DDC24C2.roa
Signing time:             Mon 27 May 2024 11:31:00 +0000
ROA not before:           Mon 27 May 2024 11:30:57 +0000
ROA not after:            Sat 30 May 2026 11:30:57 +0000
asID:                     834
IP address blocks:        154.16.179.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5797 (0x16a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 27 11:30:57 2024 GMT
            Not After : May 30 11:30:57 2026 GMT
        Subject: CN=66546ef4-8099
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:6a:1b:0e:a8:6d:3d:74:91:e0:f8:fd:24:e9:
                    95:fa:c9:ae:d6:75:96:16:b3:53:26:4c:9c:05:17:
                    ee:7a:dd:ec:41:6c:88:dc:00:5f:18:06:e4:05:9c:
                    6a:2c:73:44:1b:18:8d:1a:39:db:e0:e7:a7:a4:71:
                    68:d5:46:59:62:ca:5f:a7:57:5b:f7:c0:81:3c:4f:
                    e6:7b:7a:5b:4e:e1:29:f3:ca:86:34:b1:be:2d:67:
                    69:25:72:29:fe:9f:bd:85:cd:11:de:d5:56:97:22:
                    6b:ca:a0:53:89:aa:02:af:33:ac:b9:73:46:45:76:
                    35:32:6a:14:85:04:bf:b0:dd:40:72:74:90:af:20:
                    c9:9e:02:0d:67:aa:0f:3a:a2:9a:e9:f2:d1:d8:78:
                    e8:61:a4:98:4e:34:50:4b:ab:b8:dc:86:69:1f:55:
                    23:22:4d:e7:81:f9:02:5f:f9:90:06:c0:2d:66:0b:
                    7b:2f:c4:9d:a2:59:1a:90:69:a3:ad:1b:87:d2:30:
                    26:fa:6a:61:6e:95:ee:dd:63:46:e8:2b:45:a6:53:
                    18:49:5f:a6:23:1f:ee:86:40:48:61:34:15:f8:69:
                    38:cd:26:81:3a:ac:eb:cc:9b:75:4a:2f:b6:19:f3:
                    38:d1:e1:ff:1e:78:49:ea:27:33:f0:c9:1d:10:ab:
                    75:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:7E:06:12:81:5E:E2:0E:AA:0A:67:67:E1:67:18:C4:23:15:15:CF
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/979487F01C1C11EFA1B8B63A7DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:1b:cd:52:b4:2c:ec:5b:f9:5c:3e:ec:2b:2f:72:9c:b9:fd:
         cd:4e:d0:5c:c2:a1:6d:d9:1c:3d:fd:1d:b6:5a:72:02:8a:fc:
         51:a4:bc:0c:26:d0:70:8a:dc:b2:6b:d2:34:f5:92:cc:82:5c:
         5c:cf:2f:dd:63:3e:b3:e0:46:0d:51:4f:a5:9e:8b:8e:70:52:
         05:02:f5:94:32:a7:fc:61:b0:50:09:0d:b2:6f:e2:be:88:d9:
         43:19:3e:36:5e:76:3c:c1:83:06:40:b2:b1:af:98:08:02:be:
         68:41:f3:f8:d5:92:2f:01:ad:93:88:4e:99:88:b1:c0:84:fc:
         4c:13:03:00:6f:b2:cc:b4:b0:67:f9:b7:98:c7:8e:35:9c:9f:
         61:23:b4:d3:c0:53:62:56:6d:e5:62:17:3c:88:c3:12:5a:99:
         61:9e:cf:4a:54:55:5a:39:fb:9b:d8:cc:d4:1e:6f:f0:b8:3a:
         3c:d9:d3:63:c0:8e:de:75:36:55:81:3f:bb:97:05:bc:05:d8:
         65:ec:f9:d1:91:20:54:43:85:9d:a6:7d:f2:fc:9c:75:43:98:
         53:5d:bc:ba:a8:61:e8:73:4c:ba:a1:a5:95:35:d7:0a:a8:a9:
         ed:23:21:d8:9a:4f:21:a0:b3:ae:04:45:cf:a6:ac:19:e8:bc:
         3c:6b:17:92
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFqUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjcxMTMwNTdaFw0yNjA1MzAxMTMwNTdaMBgxFjAU
BgNVBAMTDTY2NTQ2ZWY0LTgwOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbahsOqG09dJHg+P0k6ZX6ya7WdZYWs1MmTJwFF+563exBbIjcAF8YBuQF
nGosc0QbGI0aOdvg56ekcWjVRlliyl+nV1v3wIE8T+Z7eltO4SnzyoY0sb4tZ2kl
cin+n72FzRHe1VaXImvKoFOJqgKvM6y5c0ZFdjUyahSFBL+w3UBydJCvIMmeAg1n
qg86oprp8tHYeOhhpJhONFBLq7jchmkfVSMiTeeB+QJf+ZAGwC1mC3svxJ2iWRqQ
aaOtG4fSMCb6amFule7dY0boK0WmUxhJX6YjH+6GQEhhNBX4aTjNJoE6rOvMm3VK
L7YZ8zjR4f8eeEnqJzPwyR0Qq3XdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpn4G
EoFe4g6qCmdn4WcYxCMVFc8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk3OTQ4N0YwMUMxQzExRUZBMUI4QjYzQTdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELMwDQYJKoZIhvcNAQEL
BQADggEBAMwbzVK0LOxb+Vw+7Csvcpy5/c1O0FzCoW3ZHD39HbZacgKK/FGkvAwm
0HCK3LJr0jT1ksyCXFzPL91jPrPgRg1RT6Wei45wUgUC9ZQyp/xhsFAJDbJv4r6I
2UMZPjZedjzBgwZAsrGvmAgCvmhB8/jVki8BrZOITpmIscCE/EwTAwBvssy0sGf5
t5jHjjWcn2EjtNPAU2JWbeViFzyIwxJamWGez0pUVVo5+5vYzNQeb/C4OjzZ02PA
jt51NlWBP7uXBbwF2GXs+dGRIFRDhZ2mffL8nHVDmFNdvLqoYehzTLqhpZU11wqo
qe0jIdiaTyGgs64ERc+mrBnovDxrF5I=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:44 2024 by rpki-client on console-fra.rpki-client.org