Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9B00EAE046C211ED91CD1FA4F1222468.roa
File:                     9B00EAE046C211ED91CD1FA4F1222468.roa (raw, json)
Hash identifier:          vQ2nKSApt8bfaYkO1YI/Xjw7yXfzDevCK+0sPfAjVHw=
Subject key identifier:   23:A6:E1:81:4A:5D:65:17:E2:5D:88:C9:C7:A5:58:53:AF:92:69:40
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       09EA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9B00EAE046C211ED91CD1FA4F1222468.roa
Signing time:             Sat 08 Oct 2022 04:35:16 +0000
ROA not before:           Sat 08 Oct 2022 04:35:10 +0000
ROA not after:            Wed 09 Oct 2024 04:35:10 +0000
asID:                     18345
IP address blocks:        154.16.81.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2538 (0x9ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct  8 04:35:10 2022 GMT
            Not After : Oct  9 04:35:10 2024 GMT
        Subject: CN=6340fe04-3ca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:39:17:bc:73:55:1b:37:2b:98:91:63:4a:41:
                    b3:cf:1e:f4:07:75:0a:4d:e4:43:0c:c2:b0:9a:52:
                    7c:d1:33:c3:38:5c:45:a8:6d:89:70:b6:3e:8c:56:
                    0e:22:05:d7:88:c6:0a:6b:0f:8a:fb:3a:cd:f2:3a:
                    dd:db:4a:64:2a:de:2b:1d:b2:e2:4f:ff:68:ed:60:
                    b2:07:63:80:10:ba:1e:82:01:0b:13:42:98:73:28:
                    53:a3:5a:6d:9b:a9:49:7f:6d:82:0a:23:e3:d6:83:
                    55:22:1b:08:70:2a:a3:b8:df:30:81:fb:96:c0:71:
                    82:4a:9d:9f:f7:e7:f1:0f:3c:8d:3f:c9:b0:93:72:
                    ef:36:25:e1:00:60:62:ca:b4:fd:66:82:fe:99:2c:
                    61:2d:98:7d:8a:52:86:3c:eb:b9:24:c2:0f:f5:14:
                    af:0e:2f:67:be:43:9b:c0:4c:fc:4e:f3:b3:b8:e9:
                    67:b5:67:d5:e8:3b:bc:e5:65:9a:9d:06:88:7a:65:
                    a6:b0:b1:a6:07:6b:b8:6d:53:89:e7:a6:8f:1c:fc:
                    b1:59:a3:67:ce:0d:0e:1d:15:0f:1b:9d:23:f0:db:
                    ab:7a:a2:59:0b:f0:2d:f2:4d:da:e5:5f:d1:42:25:
                    57:a8:93:30:9f:79:d0:8a:9c:2f:10:89:ab:dd:33:
                    59:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:A6:E1:81:4A:5D:65:17:E2:5D:88:C9:C7:A5:58:53:AF:92:69:40
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9B00EAE046C211ED91CD1FA4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:f8:b1:e5:19:16:73:af:be:2f:f8:b3:60:53:d4:0c:ca:03:
         a9:c5:4c:f0:83:cf:49:e3:05:0e:42:5e:18:78:48:1e:a2:72:
         ed:a3:ee:f4:33:f8:7a:f1:e3:6f:bd:50:66:5f:ba:40:73:50:
         7a:9a:91:36:0c:4e:a0:01:84:c4:e8:ee:57:fa:8d:be:9c:2c:
         13:6c:ae:ca:de:ec:0c:8d:b6:f5:ba:c4:5e:13:2b:04:05:69:
         ac:dc:dd:97:f5:82:4c:00:30:8e:e0:58:7a:7d:cb:6e:fc:bb:
         ea:be:de:2e:67:7b:c3:89:f8:16:9c:f6:67:f1:36:d4:6c:e5:
         92:e2:a2:9b:59:6c:d1:17:c0:da:76:bf:27:90:3b:aa:e8:05:
         a3:4d:fc:5a:77:1a:f2:85:91:75:63:a5:27:5a:59:a6:3e:21:
         e6:89:db:1d:84:fc:ed:14:0b:09:87:ed:63:a2:d4:4c:f3:65:
         c8:40:d2:34:f0:50:8b:29:98:6b:a4:6d:d1:a6:c5:1d:a8:1a:
         73:c0:70:57:38:9f:14:ec:74:b2:42:d1:0f:cc:7e:31:e1:f0:
         17:4d:a2:5f:ef:cf:2e:9d:fe:aa:58:4a:ed:a1:5a:de:e8:aa:
         30:90:00:5a:5d:3a:2d:3b:66:f2:aa:00:2b:88:ba:bd:1a:6c:
         2f:6c:76:9a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCeowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMDgwNDM1MTBaFw0yNDEwMDkwNDM1MTBaMBgxFjAU
BgNVBAMMDTYzNDBmZTA0LTNjYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzORe8c1UbNyuYkWNKQbPPHvQHdQpN5EMMwrCaUnzRM8M4XEWobYlwtj6M
Vg4iBdeIxgprD4r7Os3yOt3bSmQq3isdsuJP/2jtYLIHY4AQuh6CAQsTQphzKFOj
Wm2bqUl/bYIKI+PWg1UiGwhwKqO43zCB+5bAcYJKnZ/35/EPPI0/ybCTcu82JeEA
YGLKtP1mgv6ZLGEtmH2KUoY867kkwg/1FK8OL2e+Q5vATPxO87O46We1Z9XoO7zl
ZZqdBoh6ZaawsaYHa7htU4nnpo8c/LFZo2fODQ4dFQ8bnSPw26t6olkL8C3yTdrl
X9FCJVeokzCfedCKnC8QiavdM1mJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUI6bh
gUpdZRfiXYjJx6VYU6+SaUAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlCMDBFQUUwNDZDMjExRUQ5MUNEMUZBNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFEwDQYJKoZIhvcNAQEL
BQADggEBAKb4seUZFnOvvi/4s2BT1AzKA6nFTPCDz0njBQ5CXhh4SB6icu2j7vQz
+Hrx42+9UGZfukBzUHqakTYMTqABhMTo7lf6jb6cLBNsrsre7AyNtvW6xF4TKwQF
aazc3Zf1gkwAMI7gWHp9y278u+q+3i5ne8OJ+Bac9mfxNtRs5ZLioptZbNEXwNp2
vyeQO6roBaNN/Fp3GvKFkXVjpSdaWaY+IeaJ2x2E/O0UCwmH7WOi1EzzZchA0jTw
UIspmGukbdGmxR2oGnPAcFc4nxTsdLJC0Q/MfjHh8BdNol/vzy6d/qpYSu2hWt7o
qjCQAFpdOi07ZvKqACuIur0abC9sdpo=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:54 2024 by rpki-client on console-fra.rpki-client.org