Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9892B98EA01011EE92380645D25BE465.roa
File:                     9892B98EA01011EE92380645D25BE465.roa (raw, json)
Hash identifier:          JLvgvAAXJh7AkQ9l1rJwwKitk4/mdj5rj51EchvTgJE=
Subject key identifier:   A8:98:37:AE:74:48:99:B6:2C:69:56:15:1A:6B:1D:75:66:24:3D:25
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       13EE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9892B98EA01011EE92380645D25BE465.roa
Signing time:             Thu 21 Dec 2023 14:52:43 +0000
ROA not before:           Thu 21 Dec 2023 14:52:40 +0000
ROA not after:            Sun 21 Dec 2025 14:52:40 +0000
asID:                     400909
IP address blocks:        154.16.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5102 (0x13ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Dec 21 14:52:40 2023 GMT
            Not After : Dec 21 14:52:40 2025 GMT
        Subject: CN=6584513b-3e98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:04:4b:0d:f2:48:9e:56:45:ce:df:08:9e:bc:
                    bd:82:fc:b6:87:29:28:cb:b4:b1:fc:dc:df:f4:a4:
                    46:40:43:3d:a7:be:dd:00:7b:56:c1:e0:5e:08:88:
                    bd:f6:e7:89:ce:82:d1:5f:d5:9b:9c:ef:c5:ce:ec:
                    84:1e:a7:15:e3:b1:78:39:fe:f7:be:50:df:2e:31:
                    49:ce:23:7b:35:0d:3d:62:a5:ca:b2:06:1f:c8:77:
                    27:00:9d:01:96:a0:c9:f1:9e:f5:7a:1c:95:cb:51:
                    78:72:ab:af:a5:cf:83:37:4d:1d:c7:84:8a:e9:28:
                    f5:55:73:48:fa:94:17:fb:be:5d:ec:ce:b0:b9:9b:
                    f2:c9:f7:bb:41:c8:b2:33:57:32:d8:0a:65:36:c0:
                    3d:fb:19:db:6d:d6:01:e4:2b:f8:43:b9:60:42:34:
                    9b:4f:34:29:19:d5:f6:fc:9b:28:ae:e8:7d:26:77:
                    77:35:fe:92:a0:02:e2:bb:34:37:2d:4e:38:76:fd:
                    aa:bd:99:e0:ca:a3:86:b6:92:e0:d8:8e:88:be:a1:
                    d7:45:4d:85:c0:e6:ed:76:0d:09:7d:de:cf:a4:4f:
                    6a:ed:25:9f:dd:14:c9:ad:c9:70:10:f5:08:4f:6d:
                    c8:f7:7a:93:21:b7:22:15:4d:45:c8:08:28:31:96:
                    58:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:98:37:AE:74:48:99:B6:2C:69:56:15:1A:6B:1D:75:66:24:3D:25
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9892B98EA01011EE92380645D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:ab:9d:cf:06:09:76:ca:73:c0:d3:71:50:b0:8c:51:a7:46:
         b9:20:e5:6f:6f:9c:6a:bc:91:64:b7:d5:bb:6c:5f:22:9b:86:
         39:6e:dc:a9:1a:64:bc:73:48:b5:ae:11:7e:dd:9f:04:f9:45:
         0e:79:ab:d2:bc:96:8f:15:f5:52:72:1f:46:91:55:b7:4c:b4:
         37:88:28:ea:f9:62:30:54:94:9b:10:bf:d6:51:7b:08:3b:b1:
         46:a6:4d:13:5e:8c:df:ca:70:2e:ab:22:ff:02:ab:24:c9:5b:
         b6:d1:22:b9:ee:f5:9e:05:22:fe:45:bd:d9:f1:3b:a5:74:48:
         ef:c7:e9:c5:53:13:3d:13:78:b8:f2:c3:7a:40:0b:2f:36:d2:
         f4:0c:50:a5:b3:ec:b0:c1:d7:19:f9:9c:6e:13:b6:a9:1b:28:
         5e:f1:74:3a:a1:63:d4:87:08:54:4c:fd:4a:57:78:35:1e:f9:
         ea:78:9f:eb:35:f3:aa:1c:51:73:e9:88:6b:f5:a3:d3:ff:38:
         f6:85:e2:6d:58:52:d3:fd:4c:10:f3:50:29:25:ab:17:ab:9e:
         ea:c2:12:d4:b4:c8:79:10:66:da:77:8b:bb:4b:6e:de:b4:72:
         35:1e:8a:d5:62:1c:b1:60:21:2f:5b:d5:4f:c7:a6:ce:a4:e3:
         33:71:7b:7a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE+4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMjExNDUyNDBaFw0yNTEyMjExNDUyNDBaMBgxFjAU
BgNVBAMTDTY1ODQ1MTNiLTNlOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2BEsN8kieVkXO3wievL2C/LaHKSjLtLH83N/0pEZAQz2nvt0Ae1bB4F4I
iL3254nOgtFf1Zuc78XO7IQepxXjsXg5/ve+UN8uMUnOI3s1DT1ipcqyBh/IdycA
nQGWoMnxnvV6HJXLUXhyq6+lz4M3TR3HhIrpKPVVc0j6lBf7vl3szrC5m/LJ97tB
yLIzVzLYCmU2wD37Gdtt1gHkK/hDuWBCNJtPNCkZ1fb8myiu6H0md3c1/pKgAuK7
NDctTjh2/aq9meDKo4a2kuDYjoi+oddFTYXA5u12DQl93s+kT2rtJZ/dFMmtyXAQ
9QhPbcj3epMhtyIVTUXICCgxlliLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqJg3
rnRImbYsaVYVGmsddWYkPSUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk4OTJCOThFQTAxMDExRUU5MjM4MDY0NUQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBIwDQYJKoZIhvcNAQEL
BQADggEBAIirnc8GCXbKc8DTcVCwjFGnRrkg5W9vnGq8kWS31btsXyKbhjlu3Kka
ZLxzSLWuEX7dnwT5RQ55q9K8lo8V9VJyH0aRVbdMtDeIKOr5YjBUlJsQv9ZRewg7
sUamTRNejN/KcC6rIv8CqyTJW7bRIrnu9Z4FIv5FvdnxO6V0SO/H6cVTEz0TeLjy
w3pACy820vQMUKWz7LDB1xn5nG4TtqkbKF7xdDqhY9SHCFRM/UpXeDUe+ep4n+s1
86ocUXPpiGv1o9P/OPaF4m1YUtP9TBDzUCklqxernurCEtS0yHkQZtp3i7tLbt60
cjUeitViHLFgIS9b1U/Hps6k4zNxe3o=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:44 2024 by rpki-client on console-fra.rpki-client.org