Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9EFAB6B8FB1511EE971CC04F017001B1.roa
File:                     9EFAB6B8FB1511EE971CC04F017001B1.roa (raw, json)
Hash identifier:          DQoavtCrdEhjuYI7TKsn0hmD6h3XjUnx11B6R/FZXWQ=
Subject key identifier:   68:CB:A9:DC:1F:B8:DE:41:87:D4:14:EE:54:D6:F3:F7:08:22:78:4A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15C3
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9EFAB6B8FB1511EE971CC04F017001B1.roa
Signing time:             Mon 15 Apr 2024 10:47:58 +0000
ROA not before:           Mon 15 Apr 2024 10:47:54 +0000
ROA not after:            Wed 15 Apr 2026 10:47:54 +0000
asID:                     48925
IP address blocks:        154.16.52.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5571 (0x15c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 15 10:47:54 2024 GMT
            Not After : Apr 15 10:47:54 2026 GMT
        Subject: CN=661d05dd-954f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:b8:79:e6:e0:e8:9a:d0:d0:fb:a5:3d:4a:45:
                    ca:7a:18:ca:cb:ee:4e:2a:e1:ef:45:6c:81:0e:83:
                    18:08:32:9b:88:b6:9f:b0:40:ac:ed:b9:c2:c1:4d:
                    d4:ed:20:3e:5f:6f:36:de:15:e7:59:54:c7:a3:c0:
                    be:f7:a2:43:0e:1b:fe:6c:49:24:a2:66:4a:94:06:
                    e3:68:f9:fc:3b:e9:40:08:6b:a3:cf:1e:08:3f:cf:
                    90:a3:3f:78:05:ea:29:9a:2b:b2:59:fd:cd:dc:34:
                    8b:13:fa:88:dc:e4:1c:57:3b:f9:a7:21:12:7f:1a:
                    bb:67:58:6e:89:bc:52:28:b2:ff:44:83:92:e7:e1:
                    1f:6c:00:47:0d:13:62:d3:f1:3f:b2:a9:a5:2b:2e:
                    1a:c9:11:f8:64:05:67:60:36:f9:25:d3:71:f6:2b:
                    a2:e8:91:55:42:d3:c0:61:e3:a9:27:42:6b:8f:bf:
                    63:23:f4:17:fa:2f:86:19:54:f4:05:04:d0:f2:0c:
                    ff:35:fb:6e:b3:05:e2:22:fa:d0:8e:f0:61:4a:bf:
                    c3:9c:f4:8d:a8:f8:d1:a8:cd:83:02:a9:a6:51:3f:
                    ad:5e:a8:c0:81:09:8f:63:8e:9e:80:10:c7:f1:d8:
                    dd:65:42:b4:66:8d:2e:a6:af:7f:30:da:dd:8e:9b:
                    d7:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:CB:A9:DC:1F:B8:DE:41:87:D4:14:EE:54:D6:F3:F7:08:22:78:4A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9EFAB6B8FB1511EE971CC04F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:93:39:17:a5:09:1a:31:20:b8:25:5a:b6:8e:5b:94:50:a0:
         5b:69:8c:22:ed:4a:27:ce:c3:2b:4d:59:d0:db:11:69:c2:82:
         f1:5e:8c:2a:e7:cb:af:cc:55:c8:80:02:4c:5f:c3:32:2c:bd:
         aa:94:0f:be:a5:0e:60:25:fb:99:15:87:c5:a4:4f:a1:c8:af:
         a1:4e:9e:d4:74:2f:dc:71:f5:72:4a:c4:53:fc:fc:98:78:8b:
         b0:1e:e4:50:f9:65:ec:c7:e2:75:99:72:0e:93:cf:d3:fc:1f:
         c6:54:b8:92:3a:b7:f0:7a:5b:0f:99:76:0c:50:56:3b:d4:5f:
         16:30:a5:36:2a:4c:5f:68:fb:0d:c2:bd:e2:28:43:16:a7:a9:
         47:3d:51:71:40:5d:cf:a9:ae:9d:1a:a6:3c:91:49:70:b8:08:
         3e:85:9d:b3:6d:e4:f8:11:83:3c:be:9a:03:7b:bd:74:19:3b:
         b5:45:98:7a:ac:81:3d:ca:45:fc:6e:aa:25:48:22:3b:51:ab:
         07:2c:71:88:78:89:ee:dc:cc:c7:02:96:2b:0c:e4:2b:c7:1f:
         dd:6c:a9:85:e5:3c:10:9e:6b:e4:05:d9:b7:72:07:52:52:3a:
         33:a3:7e:bc:22:fd:35:9f:a2:10:55:09:24:c3:c2:f0:86:ba:
         06:0f:64:f6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFcMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTUxMDQ3NTRaFw0yNjA0MTUxMDQ3NTRaMBgxFjAU
BgNVBAMTDTY2MWQwNWRkLTk1NGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDguHnm4Oia0ND7pT1KRcp6GMrL7k4q4e9FbIEOgxgIMpuItp+wQKztucLB
TdTtID5fbzbeFedZVMejwL73okMOG/5sSSSiZkqUBuNo+fw76UAIa6PPHgg/z5Cj
P3gF6imaK7JZ/c3cNIsT+ojc5BxXO/mnIRJ/GrtnWG6JvFIosv9Eg5Ln4R9sAEcN
E2LT8T+yqaUrLhrJEfhkBWdgNvkl03H2K6LokVVC08Bh46knQmuPv2Mj9Bf6L4YZ
VPQFBNDyDP81+26zBeIi+tCO8GFKv8Oc9I2o+NGozYMCqaZRP61eqMCBCY9jjp6A
EMfx2N1lQrRmjS6mr38w2t2Om9dXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUaMup
3B+43kGH1BTuVNbz9wgieEowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlFRkFCNkI4RkIxNTExRUU5NzFDQzA0RjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDQwDQYJKoZIhvcNAQEL
BQADggEBAFeTORelCRoxILglWraOW5RQoFtpjCLtSifOwytNWdDbEWnCgvFejCrn
y6/MVciAAkxfwzIsvaqUD76lDmAl+5kVh8WkT6HIr6FOntR0L9xx9XJKxFP8/Jh4
i7Ae5FD5ZezH4nWZcg6Tz9P8H8ZUuJI6t/B6Ww+ZdgxQVjvUXxYwpTYqTF9o+w3C
veIoQxanqUc9UXFAXc+prp0apjyRSXC4CD6FnbNt5PgRgzy+mgN7vXQZO7VFmHqs
gT3KRfxuqiVIIjtRqwcscYh4ie7czMcClisM5CvHH91sqYXlPBCea+QF2bdyB1JS
OjOjfrwi/TWfohBVCSTDwvCGugYPZPY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org