Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99293B2A004C11EE8126D9784AD9E6FC.roa
File:                     99293B2A004C11EE8126D9784AD9E6FC.roa (raw, json)
Hash identifier:          KVGP24uz6Fmb4PaEKKrBhrgfRNUNzIU7LOIlfHJPNtc=
Subject key identifier:   49:B6:BD:C9:CE:67:EF:DD:1E:E8:FE:1A:FE:2E:18:A3:93:B2:C4:1D
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0E6B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99293B2A004C11EE8126D9784AD9E6FC.roa
Signing time:             Thu 01 Jun 2023 07:19:08 +0000
ROA not before:           Thu 01 Jun 2023 07:19:05 +0000
ROA not after:            Sun 01 Jun 2025 07:19:05 +0000
asID:                     834
IP address blocks:        154.16.26.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3691 (0xe6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  1 07:19:05 2023 GMT
            Not After : Jun  1 07:19:05 2025 GMT
        Subject: CN=6478466c-082d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:97:2f:98:16:18:c4:32:1e:e7:f7:15:1b:ec:
                    0a:1a:42:14:6b:20:be:4a:55:06:4c:8b:e3:e1:ac:
                    7a:8c:2b:83:86:90:a8:17:f2:73:74:b5:77:04:81:
                    33:de:76:28:13:2d:d7:6b:8d:90:fd:52:66:0e:e0:
                    01:b9:ce:9d:bc:6d:d3:03:76:52:b9:00:44:1b:ea:
                    a7:f6:88:88:f7:e8:75:c1:c3:75:c4:cd:23:2f:d2:
                    ef:29:77:b8:1d:3c:74:de:69:1f:21:c1:69:16:6d:
                    f0:8c:47:c8:c2:6b:69:a2:ed:9e:9b:58:6d:f3:3d:
                    29:3f:8f:f1:ee:20:29:9c:60:a6:bd:7f:bd:d5:86:
                    32:d0:8a:1e:2d:6f:05:55:fa:e3:6b:a5:85:92:e3:
                    8c:79:e5:05:ae:71:f6:b1:5c:d0:6f:3b:3b:3c:93:
                    96:1f:bf:46:e1:8d:ab:99:21:30:30:db:44:99:e6:
                    70:20:87:5f:88:5b:80:22:b1:19:8e:b8:72:30:06:
                    81:23:87:13:67:7f:64:58:bb:ca:05:43:d9:e8:18:
                    ef:cb:64:1b:cd:7b:67:9f:a9:45:99:c1:9c:b8:fe:
                    4c:49:49:6f:7c:af:f0:42:d0:ab:b3:e6:e8:8e:3e:
                    4d:8e:5c:14:da:cd:aa:02:da:9c:33:6c:ab:1e:77:
                    6e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:B6:BD:C9:CE:67:EF:DD:1E:E8:FE:1A:FE:2E:18:A3:93:B2:C4:1D
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99293B2A004C11EE8126D9784AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:11:b0:78:e3:ec:6e:60:10:46:a8:e8:97:bd:07:3e:34:cc:
         8d:3e:6b:36:51:31:ce:ca:d9:96:6f:5a:20:c2:bd:c3:31:9a:
         66:91:e6:6e:d3:75:a8:ce:92:dd:2d:07:43:41:b7:36:ab:36:
         89:29:26:f2:a0:f8:37:69:3b:7e:d5:15:82:bb:50:30:dd:36:
         87:ba:9e:78:a1:e1:13:33:36:b6:71:d6:ef:3c:d1:e1:e2:1a:
         39:98:2b:78:87:b1:02:ab:b3:21:81:53:f8:6a:3b:18:e5:5d:
         3a:8a:0f:db:98:30:42:39:c1:07:50:0a:ca:a3:9e:63:03:a0:
         41:39:8c:09:99:e8:27:95:75:30:43:8d:da:7a:6f:16:50:8c:
         3d:c3:5f:a2:a0:17:fb:db:9c:bd:c1:1a:db:5e:b1:43:1f:40:
         91:6c:28:4d:3c:69:0c:51:07:b8:0c:4c:25:e5:96:5a:c9:91:
         9e:93:7b:fb:b6:f3:fa:42:55:58:5f:41:a9:cb:c5:16:72:15:
         23:c4:99:5e:d2:50:71:3e:31:ec:45:fd:31:6d:71:d7:cf:2d:
         c7:d3:2a:17:34:62:c5:21:6f:f0:fc:fa:52:c0:c5:27:35:ee:
         5d:4b:a3:fd:9b:9f:8b:2a:8e:25:52:73:46:17:99:f2:ac:df:
         33:5a:ad:a7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDmswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MDEwNzE5MDVaFw0yNTA2MDEwNzE5MDVaMBgxFjAU
BgNVBAMTDTY0Nzg0NjZjLTA4MmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTly+YFhjEMh7n9xUb7AoaQhRrIL5KVQZMi+PhrHqMK4OGkKgX8nN0tXcE
gTPedigTLddrjZD9UmYO4AG5zp28bdMDdlK5AEQb6qf2iIj36HXBw3XEzSMv0u8p
d7gdPHTeaR8hwWkWbfCMR8jCa2mi7Z6bWG3zPSk/j/HuICmcYKa9f73VhjLQih4t
bwVV+uNrpYWS44x55QWucfaxXNBvOzs8k5Yfv0bhjauZITAw20SZ5nAgh1+IW4Ai
sRmOuHIwBoEjhxNnf2RYu8oFQ9noGO/LZBvNe2efqUWZwZy4/kxJSW98r/BC0Kuz
5uiOPk2OXBTazaoC2pwzbKsed26bAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSba9
yc5n790e6P4a/i4Yo5OyxB0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk5MjkzQjJBMDA0QzExRUU4MTI2RDk3ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBowDQYJKoZIhvcNAQEL
BQADggEBAEcRsHjj7G5gEEao6Je9Bz40zI0+azZRMc7K2ZZvWiDCvcMxmmaR5m7T
dajOkt0tB0NBtzarNokpJvKg+DdpO37VFYK7UDDdNoe6nnih4RMzNrZx1u880eHi
GjmYK3iHsQKrsyGBU/hqOxjlXTqKD9uYMEI5wQdQCsqjnmMDoEE5jAmZ6CeVdTBD
jdp6bxZQjD3DX6KgF/vbnL3BGttesUMfQJFsKE08aQxRB7gMTCXlllrJkZ6Te/u2
8/pCVVhfQanLxRZyFSPEmV7SUHE+MexF/TFtcdfPLcfTKhc0YsUhb/D8+lLAxSc1
7l1Lo/2bn4sqjiVSc0YXmfKs3zNarac=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:34:10 2023 by rpki-client on console-ams.rpki-client.org