Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99400EB6D54611EEA339048A775412E6.roa
File:                     99400EB6D54611EEA339048A775412E6.roa (raw, json)
Hash identifier:          II9MuMatvUglXPJmnSt2isx6F2HaHmn/V7zHFWz1yFM=
Subject key identifier:   C5:63:18:68:FC:DD:87:BB:9E:BF:A2:2E:D5:5C:9C:DD:01:CD:24:12
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14E0
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99400EB6D54611EEA339048A775412E6.roa
Signing time:             Tue 27 Feb 2024 08:02:49 +0000
ROA not before:           Tue 27 Feb 2024 08:02:46 +0000
ROA not after:            Fri 27 Feb 2026 08:02:46 +0000
asID:                     201341
IP address blocks:        154.16.24.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5344 (0x14e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:02:46 2024 GMT
            Not After : Feb 27 08:02:46 2026 GMT
        Subject: CN=65dd9729-1a32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a9:7e:e6:85:d5:7b:55:73:21:1d:6a:20:c7:
                    f8:23:10:3f:ec:fa:e8:1d:66:52:86:cb:82:b2:9b:
                    7c:4e:20:08:76:7a:b7:3c:87:b8:91:aa:d1:33:5d:
                    da:31:18:51:43:2e:dc:2c:18:fd:79:cd:ea:ee:46:
                    88:3a:7c:03:fe:43:fc:fb:b7:68:ff:f0:a9:d8:93:
                    3e:94:26:eb:ef:f7:79:15:9a:62:6e:cf:ca:a4:73:
                    c3:57:0b:41:4e:ec:d4:ef:62:0e:e0:e3:df:f4:07:
                    f1:54:79:9d:cc:cf:01:ea:fd:1c:63:83:17:65:fc:
                    4c:c2:40:6d:52:06:1c:ce:67:9e:00:85:66:a0:de:
                    6a:6e:f0:2e:2c:59:18:63:18:20:3c:68:e8:38:48:
                    44:29:62:39:85:51:e0:8d:75:ce:8a:8a:e0:89:3c:
                    1f:26:c6:bd:d5:c7:2b:70:19:fc:8d:51:5c:4a:37:
                    55:7d:00:ac:be:8d:5f:b8:7d:ed:7d:20:19:17:fd:
                    20:0e:4a:df:3b:50:c3:a1:15:fe:d6:27:fa:01:6c:
                    08:d2:02:20:ad:52:ff:23:57:3e:6f:74:81:25:6c:
                    69:36:d0:06:6c:b0:85:d1:35:de:72:e7:82:7c:aa:
                    ef:27:8d:8d:78:17:ba:05:3e:0e:ce:6b:c7:29:ae:
                    79:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:63:18:68:FC:DD:87:BB:9E:BF:A2:2E:D5:5C:9C:DD:01:CD:24:12
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99400EB6D54611EEA339048A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:f9:9c:9f:d9:d9:0d:f7:a4:0a:c1:16:e3:c5:33:11:5d:df:
         88:78:b9:f9:e7:8b:c1:67:4a:15:65:c2:70:dc:1d:9d:ee:c6:
         9b:f1:47:55:05:ce:20:ea:03:94:aa:fd:b7:a1:93:97:81:f6:
         d6:ac:85:c7:ef:d3:93:5b:1a:a2:e4:d0:16:d8:58:38:09:06:
         01:e8:b4:f3:67:82:59:23:a5:ab:7e:67:bc:f8:7e:2e:dd:a9:
         99:05:75:2b:16:07:d1:bd:f7:64:82:f0:3d:14:73:90:31:e3:
         1e:23:1a:2c:9e:05:f2:07:f9:ba:4c:52:a9:2a:a5:04:67:7b:
         f6:63:51:9e:81:b3:b7:84:6c:8a:88:76:c1:a0:c3:86:27:12:
         9f:6a:67:3f:37:cf:73:7c:99:3d:58:22:8a:a8:9f:2b:39:2e:
         f3:d3:99:b8:f9:f8:53:f7:64:27:8d:d4:29:b7:43:94:8e:a5:
         c1:0e:8b:80:9c:e9:31:63:42:10:a6:bd:2f:00:f8:f4:1d:6f:
         5c:65:41:9f:f2:b1:ce:a5:6e:03:99:4a:93:f2:a8:76:fe:0e:
         39:fc:79:7f:ca:ea:02:8d:f3:f5:33:fe:82:45:29:3d:52:a7:
         98:35:43:a2:9d:ec:0e:fc:67:e0:21:20:96:43:d8:ce:41:1f:
         ef:de:c6:25
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFOAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODAyNDZaFw0yNjAyMjcwODAyNDZaMBgxFjAU
BgNVBAMTDTY1ZGQ5NzI5LTFhMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClqX7mhdV7VXMhHWogx/gjED/s+ugdZlKGy4Kym3xOIAh2erc8h7iRqtEz
XdoxGFFDLtwsGP15zeruRog6fAP+Q/z7t2j/8KnYkz6UJuvv93kVmmJuz8qkc8NX
C0FO7NTvYg7g49/0B/FUeZ3MzwHq/Rxjgxdl/EzCQG1SBhzOZ54AhWag3mpu8C4s
WRhjGCA8aOg4SEQpYjmFUeCNdc6KiuCJPB8mxr3VxytwGfyNUVxKN1V9AKy+jV+4
fe19IBkX/SAOSt87UMOhFf7WJ/oBbAjSAiCtUv8jVz5vdIElbGk20AZssIXRNd5y
54J8qu8njY14F7oFPg7Oa8cprnmtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxWMY
aPzdh7uev6Iu1Vyc3QHNJBIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk5NDAwRUI2RDU0NjExRUVBMzM5MDQ4QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBgwDQYJKoZIhvcNAQEL
BQADggEBABn5nJ/Z2Q33pArBFuPFMxFd34h4ufnni8FnShVlwnDcHZ3uxpvxR1UF
ziDqA5Sq/behk5eB9tashcfv05NbGqLk0BbYWDgJBgHotPNnglkjpat+Z7z4fi7d
qZkFdSsWB9G992SC8D0Uc5Ax4x4jGiyeBfIH+bpMUqkqpQRne/ZjUZ6Bs7eEbIqI
dsGgw4YnEp9qZz83z3N8mT1YIoqonys5LvPTmbj5+FP3ZCeN1Cm3Q5SOpcEOi4Cc
6TFjQhCmvS8A+PQdb1xlQZ/ysc6lbgOZSpPyqHb+Djn8eX/K6gKN8/Uz/oJFKT1S
p5g1Q6Kd7A78Z+AhIJZD2M5BH+/exiU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:56 2024 by rpki-client on console-fra.rpki-client.org