Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9B34FF6E1BEC11EFA7A0EFF37CDC24C2.roa
File:                     9B34FF6E1BEC11EFA7A0EFF37CDC24C2.roa (raw, json)
Hash identifier:          O8IhTtgmd/5CC4sFW2hXGUKwB5V29cr9Y8/JicQH9S0=
Subject key identifier:   26:FC:D8:B4:08:86:AA:B7:B4:8D:D8:8F:DD:D2:E8:EB:EA:7D:7E:EC
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1692
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9B34FF6E1BEC11EFA7A0EFF37CDC24C2.roa
Signing time:             Mon 27 May 2024 05:47:30 +0000
ROA not before:           Mon 27 May 2024 05:47:27 +0000
ROA not after:            Thu 07 May 2026 05:47:27 +0000
asID:                     834
IP address blocks:        154.16.241.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5778 (0x1692)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 27 05:47:27 2024 GMT
            Not After : May  7 05:47:27 2026 GMT
        Subject: CN=66541e72-bdb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:27:f2:a5:19:92:57:59:cf:55:cd:5c:4c:bd:
                    16:68:37:f4:9a:fa:49:96:0d:e6:0f:ea:34:85:e7:
                    53:b5:d6:3e:11:1a:81:ec:3d:02:47:8a:4c:49:fb:
                    35:a3:b5:c5:d8:11:96:f5:8d:f8:52:ae:ed:ec:a7:
                    e2:4f:82:70:7d:21:51:93:6e:fa:72:4f:fb:42:9a:
                    dd:e7:28:c1:3c:d2:55:0f:f8:80:54:e8:54:a5:ed:
                    5b:98:db:89:02:9e:58:5c:2e:17:5f:f3:f7:b7:8f:
                    b3:bf:6d:af:a8:53:f4:90:aa:a5:01:b6:b3:f6:90:
                    cb:11:3b:76:cf:b9:2e:cb:1c:15:6b:91:31:32:76:
                    a4:16:fb:b8:f1:d1:36:aa:7e:d9:76:0e:a8:7b:57:
                    f2:24:0d:8d:d5:08:e7:0d:50:97:8d:b4:e0:be:c5:
                    78:bd:f8:2e:00:0c:7f:49:d2:6e:c9:3d:3c:ab:24:
                    c9:0c:05:47:95:57:74:12:50:66:2d:da:d7:85:a0:
                    47:ad:27:e7:9a:04:62:9a:b3:86:e8:9e:79:c9:54:
                    56:7a:0e:10:66:5d:2f:80:30:c3:80:3c:83:1b:40:
                    e5:39:71:b7:09:8f:1c:b6:10:e3:96:54:33:59:f4:
                    1e:0b:3d:f1:ea:9d:fc:4b:b1:97:8a:58:d1:82:04:
                    74:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:FC:D8:B4:08:86:AA:B7:B4:8D:D8:8F:DD:D2:E8:EB:EA:7D:7E:EC
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9B34FF6E1BEC11EFA7A0EFF37CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:17:70:d7:a3:60:42:ab:4c:10:bc:4e:db:0f:8f:50:7f:00:
         aa:10:c7:59:66:9e:62:85:05:04:9b:aa:4c:6a:2a:f2:5f:8e:
         bf:70:ae:ae:7e:3a:d0:b9:6a:51:79:24:a2:aa:9d:d0:94:a8:
         df:8f:d1:6d:c7:33:59:34:e2:6f:c8:96:2c:5e:d5:fe:74:9a:
         34:81:9b:57:3a:c2:14:10:8a:67:7f:82:ff:bb:18:44:9b:7f:
         3a:a3:60:17:c4:d4:fc:f4:64:6f:60:43:ac:e9:35:61:9a:c3:
         28:59:42:fa:52:21:88:e4:77:c4:a5:54:72:7f:2f:c4:b4:1c:
         d2:89:1a:4f:6a:4a:2f:22:3c:c7:64:07:69:17:12:79:74:53:
         6c:a9:d5:cd:61:6f:52:97:b9:e8:26:2f:4a:f5:72:cc:3e:7e:
         1d:52:19:ee:78:6b:3f:00:ab:0b:77:3b:53:b7:a7:4a:4a:21:
         c1:f0:0e:d9:82:6a:24:a4:f3:83:0d:32:ae:a9:e7:38:1c:df:
         e3:b9:0d:e2:2c:b5:e4:20:4c:a4:30:11:25:02:e0:8c:fc:7e:
         8d:f7:8d:33:85:65:9e:c1:b8:1d:f2:de:88:9a:62:26:bf:ad:
         c7:37:d4:c2:58:bf:fa:bb:26:d6:68:bc:c0:f9:25:21:3a:4e:
         31:2b:cc:b2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFpIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjcwNTQ3MjdaFw0yNjA1MDcwNTQ3MjdaMBgxFjAU
BgNVBAMTDTY2NTQxZTcyLWJkYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAJ/KlGZJXWc9VzVxMvRZoN/Sa+kmWDeYP6jSF51O11j4RGoHsPQJHikxJ
+zWjtcXYEZb1jfhSru3sp+JPgnB9IVGTbvpyT/tCmt3nKME80lUP+IBU6FSl7VuY
24kCnlhcLhdf8/e3j7O/ba+oU/SQqqUBtrP2kMsRO3bPuS7LHBVrkTEydqQW+7jx
0Taqftl2Dqh7V/IkDY3VCOcNUJeNtOC+xXi9+C4ADH9J0m7JPTyrJMkMBUeVV3QS
UGYt2teFoEetJ+eaBGKas4bonnnJVFZ6DhBmXS+AMMOAPIMbQOU5cbcJjxy2EOOW
VDNZ9B4LPfHqnfxLsZeKWNGCBHTTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJvzY
tAiGqre0jdiP3dLo6+p9fuwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlCMzRGRjZFMUJFQzExRUZBN0EwRUZGMzdDREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPEwDQYJKoZIhvcNAQEL
BQADggEBAH8XcNejYEKrTBC8TtsPj1B/AKoQx1lmnmKFBQSbqkxqKvJfjr9wrq5+
OtC5alF5JKKqndCUqN+P0W3HM1k04m/Ilixe1f50mjSBm1c6whQQimd/gv+7GESb
fzqjYBfE1Pz0ZG9gQ6zpNWGawyhZQvpSIYjkd8SlVHJ/L8S0HNKJGk9qSi8iPMdk
B2kXEnl0U2yp1c1hb1KXuegmL0r1csw+fh1SGe54az8Aqwt3O1O3p0pKIcHwDtmC
aiSk84MNMq6p5zgc3+O5DeIsteQgTKQwESUC4Iz8fo33jTOFZZ7BuB3y3oiaYia/
rcc31MJYv/q7JtZovMD5JSE6TjErzLI=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org