Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D334106B8F911ED848BD2F8F1222468.roa
File:                     9D334106B8F911ED848BD2F8F1222468.roa (raw, json)
Hash identifier:          rxChLYKKgHKBTKKXVKUq8E14HtbKwuVWCwfcfpFv3LQ=
Subject key identifier:   2D:81:A6:A3:A2:A6:A9:78:B6:2D:D4:D0:58:21:8C:07:1B:2E:35:CE
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0CBD
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D334106B8F911ED848BD2F8F1222468.roa
Signing time:             Thu 02 Mar 2023 12:56:14 +0000
ROA not before:           Thu 02 Mar 2023 12:56:11 +0000
ROA not after:            Sat 01 Mar 2025 12:56:11 +0000
asID:                     61317
IP address blocks:        154.16.238.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3261 (0xcbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 12:56:11 2023 GMT
            Not After : Mar  1 12:56:11 2025 GMT
        Subject: CN=64009cee-40da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:59:6b:e4:64:2b:6c:fc:18:02:88:ef:cd:09:
                    8f:9c:1b:a9:16:f1:5c:79:f7:40:11:ae:ff:0f:c9:
                    7f:59:07:24:1d:be:3d:30:a8:87:eb:bf:1c:34:f9:
                    30:1c:b0:8d:51:0a:97:56:b1:ab:0e:71:f5:6f:0c:
                    20:63:8f:7c:b2:f2:ae:4b:65:d2:91:c4:08:d7:9d:
                    b1:8a:d1:85:38:ac:87:bd:9c:eb:db:77:99:f2:52:
                    8e:6a:11:30:f3:6a:a9:77:4c:09:08:78:ce:da:0d:
                    bf:b5:e3:bb:17:e3:28:e4:90:05:f5:2d:7f:6c:0d:
                    6d:86:31:8c:dd:3d:ed:68:ef:86:c3:0d:b4:90:3a:
                    38:1a:68:eb:f2:e8:71:77:c3:65:e6:e9:d6:eb:88:
                    c3:ba:61:5e:47:c9:91:66:fd:17:cf:a7:64:6f:89:
                    48:08:06:9d:91:ed:43:b3:2a:dd:26:f6:e1:07:41:
                    d6:69:f4:29:34:95:98:fa:f8:bf:ea:dd:49:60:60:
                    6a:8a:2f:cf:50:ec:7a:6a:da:6c:1f:ce:b6:9d:04:
                    df:cc:63:e7:e7:32:d7:8f:c5:79:94:14:8c:a8:0c:
                    94:d5:7c:59:22:e4:c8:b5:f2:f2:f8:fd:54:65:6a:
                    98:00:da:65:a7:dc:e8:1f:ca:9a:c6:ee:8b:96:29:
                    ea:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:81:A6:A3:A2:A6:A9:78:B6:2D:D4:D0:58:21:8C:07:1B:2E:35:CE
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D334106B8F911ED848BD2F8F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:f4:26:a6:7b:49:a9:5b:15:6d:ed:aa:e3:79:36:49:f7:89:
         82:37:8f:c0:86:c4:76:32:04:ed:41:12:26:5d:19:e5:48:a6:
         a1:7b:ea:80:0a:6f:29:8a:ea:f4:22:7b:ff:de:f1:ec:fd:61:
         dd:5a:f0:58:85:f2:43:a4:4c:73:08:32:2a:be:ed:ac:1b:d6:
         76:e7:09:8e:94:6f:f1:a4:e3:09:92:d8:0a:97:42:fb:bb:23:
         5c:88:21:7f:ed:75:8e:3f:3b:dc:54:1e:3d:99:51:dc:46:b8:
         98:bd:2f:d0:5e:7f:74:18:1f:d6:22:e8:b1:c0:00:24:aa:55:
         37:de:ba:e2:a0:82:ab:67:1f:c1:47:82:0f:77:4d:f1:c6:47:
         11:2c:49:1f:f9:30:27:38:5d:41:69:28:8e:d2:f8:9a:c2:bb:
         50:87:5b:78:4c:6b:ca:62:8f:6e:ba:1d:51:9c:67:10:c1:04:
         fe:c5:cf:5d:52:0f:15:5c:95:f4:d9:a3:a5:f3:b9:36:18:a8:
         14:b4:24:fb:eb:39:fe:40:f0:21:97:36:c4:29:80:76:cb:78:
         10:e5:a6:c7:84:6e:6d:7a:80:e8:55:9f:5b:18:16:7a:5c:0b:
         21:79:0a:3f:34:bf:ed:be:92:91:8e:c2:76:d1:a1:39:4c:b1:
         4b:16:9a:2f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDL0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjU2MTFaFw0yNTAzMDExMjU2MTFaMBgxFjAU
BgNVBAMMDTY0MDA5Y2VlLTQwZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZWWvkZCts/BgCiO/NCY+cG6kW8Vx590ARrv8PyX9ZByQdvj0wqIfrvxw0
+TAcsI1RCpdWsasOcfVvDCBjj3yy8q5LZdKRxAjXnbGK0YU4rIe9nOvbd5nyUo5q
ETDzaql3TAkIeM7aDb+147sX4yjkkAX1LX9sDW2GMYzdPe1o74bDDbSQOjgaaOvy
6HF3w2Xm6dbriMO6YV5HyZFm/RfPp2RviUgIBp2R7UOzKt0m9uEHQdZp9Ck0lZj6
+L/q3UlgYGqKL89Q7Hpq2mwfzradBN/MY+fnMtePxXmUFIyoDJTVfFki5Mi18vL4
/VRlapgA2mWn3OgfyprG7ouWKeplAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULYGm
o6KmqXi2LdTQWCGMBxsuNc4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlEMzM0MTA2QjhGOTExRUQ4NDhCRDJGOEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEO4wDQYJKoZIhvcNAQEL
BQADggEBAML0JqZ7SalbFW3tquN5Nkn3iYI3j8CGxHYyBO1BEiZdGeVIpqF76oAK
bymK6vQie//e8ez9Yd1a8FiF8kOkTHMIMiq+7awb1nbnCY6Ub/Gk4wmS2AqXQvu7
I1yIIX/tdY4/O9xUHj2ZUdxGuJi9L9Bef3QYH9Yi6LHAACSqVTfeuuKggqtnH8FH
gg93TfHGRxEsSR/5MCc4XUFpKI7S+JrCu1CHW3hMa8pij266HVGcZxDBBP7Fz11S
DxVclfTZo6XzuTYYqBS0JPvrOf5A8CGXNsQpgHbLeBDlpseEbm16gOhVn1sYFnpc
CyF5Cj80v+2+kpGOwnbRoTlMsUsWmi8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:52:04 2024 by rpki-client on console-fra.rpki-client.org