Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D821DD2F7C211ED8F2BEB8A4AD9E6FC.roa
File:                     9D821DD2F7C211ED8F2BEB8A4AD9E6FC.roa (raw, json)
Hash identifier:          7ojieRaxBO9vvQg3ApCxeerGO8BqJi8o7p+/ovhgsLE=
Subject key identifier:   3E:B2:7D:15:1E:5E:DF:78:8E:06:4B:62:99:AC:43:F5:F9:C9:1A:41
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0DC9
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D821DD2F7C211ED8F2BEB8A4AD9E6FC.roa
Signing time:             Sun 21 May 2023 10:31:16 +0000
ROA not before:           Sun 21 May 2023 10:31:11 +0000
ROA not after:            Sat 24 May 2025 10:31:11 +0000
asID:                     147176
IP address blocks:        154.16.66.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 21 10:31:11 2023 GMT
            Not After : May 24 10:31:11 2025 GMT
        Subject: CN=6469f2f4-dc3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:80:b2:c6:b8:e1:cc:04:fe:ed:fc:1b:37:d2:
                    78:d7:21:21:8f:8a:44:b7:62:13:7b:50:03:67:81:
                    02:27:b5:d7:80:51:5e:30:81:3f:4a:bb:04:9d:34:
                    43:e0:a4:90:25:d7:88:b2:10:c5:81:bb:41:57:79:
                    68:b4:50:87:d9:60:3d:c8:d3:8e:a1:0f:4f:d5:02:
                    6e:46:86:1a:d9:e5:e7:7d:89:93:18:0a:06:d6:0c:
                    ab:fa:28:92:3e:19:5d:d9:94:6c:8f:6d:0e:c5:3d:
                    ac:74:36:70:11:99:9a:ae:d8:d7:0a:5f:0e:e6:87:
                    ec:29:e9:7e:c8:aa:c3:70:81:e7:84:15:85:96:93:
                    50:83:d8:d6:6b:30:59:6d:e8:05:21:31:4f:75:67:
                    b9:bf:aa:aa:4d:83:1b:de:f1:9e:7a:02:d2:71:2c:
                    e0:03:2b:8b:c8:0e:4d:5f:a8:b4:83:af:48:88:50:
                    29:be:a6:51:1a:8f:c2:67:3e:26:56:a8:a6:1b:8f:
                    db:d5:5e:7c:e8:81:2a:e5:b7:63:48:d3:38:89:53:
                    7e:f0:10:71:4b:e2:97:fc:40:61:ca:23:8d:bb:30:
                    62:e1:18:a8:f8:39:27:7b:2a:15:24:16:b6:01:b2:
                    56:91:50:8f:14:f2:aa:50:f9:8c:ad:ed:68:a0:ff:
                    e3:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:B2:7D:15:1E:5E:DF:78:8E:06:4B:62:99:AC:43:F5:F9:C9:1A:41
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9D821DD2F7C211ED8F2BEB8A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:15:a3:43:61:92:cc:4d:2b:c0:9d:4b:c7:42:3d:8a:a4:93:
         e4:3b:bc:64:25:54:a0:86:e1:a0:82:a1:d1:ee:21:f9:f0:8f:
         f5:dc:e7:60:dc:e2:42:ba:88:df:0f:98:a7:f3:82:e9:2f:2c:
         77:18:8a:8f:ca:9a:96:65:fc:fd:c1:3d:46:7d:39:1c:d5:8e:
         3b:ae:40:3d:df:17:96:2b:8a:01:8c:2b:d6:72:f5:aa:a6:87:
         62:9e:40:6d:68:65:80:7a:cc:c5:8c:a0:36:39:7a:17:17:74:
         4a:ba:a2:38:f5:5f:ab:39:19:08:8d:ff:45:64:0f:0b:44:62:
         e7:88:4a:26:74:f5:22:36:aa:18:82:4a:79:90:dd:e4:a3:f6:
         07:3a:d9:b3:55:4b:c3:61:ce:1c:05:11:55:53:bf:30:e2:d7:
         40:06:e3:f5:5e:3c:59:ed:8d:d4:05:66:bc:41:3d:96:10:42:
         f7:19:80:bb:71:8f:6d:cc:ad:02:9f:47:a8:be:24:a5:af:ab:
         d9:49:b6:69:31:90:e2:b3:77:e5:05:68:ce:58:3f:49:75:ba:
         3d:3e:d9:e6:c3:8a:f0:30:ee:7f:15:a7:3a:f5:11:ab:30:87:
         42:a8:5f:8d:25:52:58:d7:42:f3:7a:e8:7d:e9:1c:51:6b:4c:
         b0:13:4a:2d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDckwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MjExMDMxMTFaFw0yNTA1MjQxMDMxMTFaMBgxFjAU
BgNVBAMTDTY0NjlmMmY0LWRjM2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAgLLGuOHMBP7t/Bs30njXISGPikS3YhN7UANngQIntdeAUV4wgT9KuwSd
NEPgpJAl14iyEMWBu0FXeWi0UIfZYD3I046hD0/VAm5GhhrZ5ed9iZMYCgbWDKv6
KJI+GV3ZlGyPbQ7FPax0NnARmZqu2NcKXw7mh+wp6X7IqsNwgeeEFYWWk1CD2NZr
MFlt6AUhMU91Z7m/qqpNgxve8Z56AtJxLOADK4vIDk1fqLSDr0iIUCm+plEaj8Jn
PiZWqKYbj9vVXnzogSrlt2NI0ziJU37wEHFL4pf8QGHKI427MGLhGKj4OSd7KhUk
FrYBslaRUI8U8qpQ+Yyt7Wig/+ORAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPrJ9
FR5e33iOBktimaxD9fnJGkEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlEODIxREQyRjdDMjExRUQ4RjJCRUI4QTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEIwDQYJKoZIhvcNAQEL
BQADggEBAIUVo0NhksxNK8CdS8dCPYqkk+Q7vGQlVKCG4aCCodHuIfnwj/Xc52Dc
4kK6iN8PmKfzgukvLHcYio/KmpZl/P3BPUZ9ORzVjjuuQD3fF5YrigGMK9Zy9aqm
h2KeQG1oZYB6zMWMoDY5ehcXdEq6ojj1X6s5GQiN/0VkDwtEYueISiZ09SI2qhiC
SnmQ3eSj9gc62bNVS8NhzhwFEVVTvzDi10AG4/VePFntjdQFZrxBPZYQQvcZgLtx
j23MrQKfR6i+JKWvq9lJtmkxkOKzd+UFaM5YP0l1uj0+2ebDivAw7n8Vpzr1Easw
h0KoX40lUljXQvN66H3pHFFrTLATSi0=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org