Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D1ABC048B8411EEBF5B9B154AD9E6FC.roa
File:                     9D1ABC048B8411EEBF5B9B154AD9E6FC.roa (raw, json)
Hash identifier:          6XNkQFhMk+tsMvX/B0XaWlOVRQ4EAfAakhaIKJALZ8w=
Subject key identifier:   9B:B1:34:40:CF:EB:50:A0:28:98:72:04:67:69:FB:4F:E4:91:91:8F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1359
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D1ABC048B8411EEBF5B9B154AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:20:18 +0000
ROA not before:           Sat 25 Nov 2023 11:20:15 +0000
ROA not after:            Tue 25 Nov 2025 11:20:15 +0000
asID:                     212238
IP address blocks:        154.16.23.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4953 (0x1359)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:20:15 2023 GMT
            Not After : Nov 25 11:20:15 2025 GMT
        Subject: CN=6561d872-606c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:9f:bf:0f:76:ae:6c:ec:4b:68:81:92:b8:bc:
                    08:7e:ad:5f:9b:5b:fb:24:6c:65:81:8a:d5:ed:f9:
                    2f:cf:42:d5:19:05:15:2f:6d:7c:9f:05:6e:e4:7a:
                    2a:9f:77:18:94:17:78:9b:26:80:32:7e:b5:5b:9e:
                    2f:63:1a:0a:85:56:b9:e6:3f:0a:d2:7b:4a:b0:f2:
                    67:74:ba:e8:ee:e1:f4:91:ef:f1:e5:b5:45:fe:73:
                    af:88:20:3f:a2:27:b2:6c:6c:9c:88:7e:64:d8:3a:
                    bd:4b:a7:b8:a0:d3:aa:2a:e7:a2:f5:38:c7:20:5a:
                    33:8c:47:d8:ba:a4:5c:9c:af:ef:c1:f8:9d:6d:f8:
                    6a:f8:37:6b:93:f3:82:99:71:b0:f5:38:24:c0:de:
                    c7:40:50:08:b8:7f:65:94:4a:8a:74:56:09:6d:dc:
                    7e:7d:d1:e2:62:ed:e8:5e:88:f7:ca:5d:55:42:27:
                    0a:48:8d:8e:ce:6a:82:15:e7:5e:3d:bb:f6:8b:fc:
                    1e:7c:e0:39:43:c8:85:1d:0f:fa:e2:9f:97:81:35:
                    d0:76:dd:5c:3f:23:b1:6d:f7:6e:8c:57:a6:49:c8:
                    69:11:da:e6:a1:e8:94:60:4a:dc:dc:29:c4:b0:9f:
                    55:cd:2f:e7:fa:29:b8:9a:90:f0:9b:ed:c0:6a:70:
                    aa:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:B1:34:40:CF:EB:50:A0:28:98:72:04:67:69:FB:4F:E4:91:91:8F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D1ABC048B8411EEBF5B9B154AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:03:dd:ee:64:98:ca:58:7d:bc:13:c8:65:fc:5f:5f:75:31:
         25:6b:90:8c:c6:f6:5b:f4:da:0c:59:56:20:05:71:0d:e7:24:
         71:45:30:c5:86:08:b3:00:45:61:be:92:d5:ac:c0:19:9e:8b:
         82:6b:c7:60:eb:89:55:ce:23:c2:08:48:4e:a5:e4:5d:31:3b:
         ce:09:21:ac:42:ff:68:39:df:9c:e4:da:63:a2:7b:81:9a:dd:
         12:18:82:2c:4d:37:55:38:87:98:db:e2:f0:f9:cf:90:16:ea:
         d4:fe:42:1e:2e:6b:bd:00:37:97:fc:57:39:4e:ac:40:cc:25:
         c2:22:57:b8:25:13:62:ce:ae:7f:f0:73:ad:91:ee:89:c6:2c:
         e3:ef:1e:c6:a6:96:f7:7c:ab:04:8e:8d:d9:e7:51:35:53:63:
         8e:67:9d:5a:0e:39:60:23:b0:0e:43:c9:0d:cd:c4:b9:27:cf:
         34:69:46:4f:a1:2b:b4:ec:48:d8:81:c0:ff:2d:18:d5:35:c1:
         e2:cb:a2:bd:51:32:83:18:6e:ff:15:cc:7e:75:1c:7e:81:70:
         07:d1:ea:d6:24:69:03:de:df:3c:e3:1f:ef:f9:3e:03:66:3e:
         de:6e:50:f8:a5:87:ff:ef:89:aa:b8:ad:3b:05:f5:e8:f8:4e:
         7b:d4:e8:7f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE1kwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTIwMTVaFw0yNTExMjUxMTIwMTVaMBgxFjAU
BgNVBAMTDTY1NjFkODcyLTYwNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZn78Pdq5s7EtogZK4vAh+rV+bW/skbGWBitXt+S/PQtUZBRUvbXyfBW7k
eiqfdxiUF3ibJoAyfrVbni9jGgqFVrnmPwrSe0qw8md0uuju4fSR7/HltUX+c6+I
ID+iJ7JsbJyIfmTYOr1Lp7ig06oq56L1OMcgWjOMR9i6pFycr+/B+J1t+Gr4N2uT
84KZcbD1OCTA3sdAUAi4f2WUSop0Vglt3H590eJi7eheiPfKXVVCJwpIjY7OaoIV
5149u/aL/B584DlDyIUdD/rin5eBNdB23Vw/I7Ft926MV6ZJyGkR2uah6JRgStzc
KcSwn1XNL+f6KbiakPCb7cBqcKptAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUm7E0
QM/rUKAomHIEZ2n7T+SRkY8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlEMUFCQzA0OEI4NDExRUVCRjVCOUIxNTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBcwDQYJKoZIhvcNAQEL
BQADggEBAGsD3e5kmMpYfbwTyGX8X191MSVrkIzG9lv02gxZViAFcQ3nJHFFMMWG
CLMARWG+ktWswBmei4Jrx2DriVXOI8IISE6l5F0xO84JIaxC/2g535zk2mOie4Ga
3RIYgixNN1U4h5jb4vD5z5AW6tT+Qh4ua70AN5f8VzlOrEDMJcIiV7glE2LOrn/w
c62R7onGLOPvHsamlvd8qwSOjdnnUTVTY45nnVoOOWAjsA5DyQ3NxLknzzRpRk+h
K7TsSNiBwP8tGNU1weLLor1RMoMYbv8VzH51HH6BcAfR6tYkaQPe3zzjH+/5PgNm
Pt5uUPilh//viaq4rTsF9ej4TnvU6H8=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:04 2024 by rpki-client on console-fra.rpki-client.org