Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A178FDBC3AA011EFA91DFC7D762E951A.roa
File:                     A178FDBC3AA011EFA91DFC7D762E951A.roa (raw, json)
Hash identifier:          lBKrmkCs5xYBQeByaskRE4pF2yTEO7c34JHoDaotw6g=
Subject key identifier:   52:C9:22:BC:6F:07:EC:17:6D:E5:6B:D0:FF:E8:D1:12:F9:B3:3B:9D
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1717
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A178FDBC3AA011EFA91DFC7D762E951A.roa
Signing time:             Fri 05 Jul 2024 07:31:45 +0000
ROA not before:           Fri 05 Jul 2024 07:31:42 +0000
ROA not after:            Sun 05 Jul 2026 07:31:42 +0000
asID:                     212335
IP address blocks:        154.16.46.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5911 (0x1717)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jul  5 07:31:42 2024 GMT
            Not After : Jul  5 07:31:42 2026 GMT
        Subject: CN=6687a161-bcd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0d:37:9e:f2:e8:1f:41:c0:8a:17:2c:d6:22:
                    04:b8:ef:4b:d4:2c:63:a3:0d:02:e3:35:53:24:7b:
                    5a:d8:86:5e:5a:54:12:01:34:72:eb:56:ef:7e:81:
                    af:b0:af:17:55:7a:ba:8f:c2:a4:fe:39:87:0a:6c:
                    07:7a:a9:1e:ee:78:c4:55:32:39:e4:78:9a:d8:c9:
                    17:b0:28:40:11:16:a8:bf:ed:86:08:12:98:e1:2b:
                    da:ae:7f:4e:14:66:5e:5c:b3:36:9a:36:d9:23:1c:
                    cc:c5:31:0a:33:48:1b:b9:6c:53:29:dc:54:c8:00:
                    3a:13:dc:63:30:cc:85:d1:48:54:86:0e:4e:05:e0:
                    21:9e:34:c2:c6:29:5b:3c:24:27:66:94:89:c9:f3:
                    fb:03:ec:40:d7:2b:51:04:06:bf:dd:12:19:09:d6:
                    5e:5b:32:d4:19:e3:59:9d:bf:80:62:20:38:b1:2e:
                    db:78:f0:1a:21:3d:c6:99:73:c5:f8:39:5c:0d:de:
                    29:bb:60:76:7c:58:77:78:b2:b5:db:86:e0:47:80:
                    00:5a:12:87:20:a3:cb:cc:71:78:2c:d9:c0:eb:0d:
                    ee:9e:08:ad:0b:9f:a3:d2:30:a1:e2:b7:2f:52:c6:
                    96:28:95:dd:cc:09:4d:36:2f:40:72:16:d0:11:b2:
                    aa:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:C9:22:BC:6F:07:EC:17:6D:E5:6B:D0:FF:E8:D1:12:F9:B3:3B:9D
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A178FDBC3AA011EFA91DFC7D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:87:17:13:08:6b:57:92:c7:9f:33:49:80:b9:3d:99:bd:a6:
         92:c2:68:5e:61:bc:17:23:85:1f:df:1b:b2:02:da:f5:c3:91:
         1e:6b:b4:6c:b1:d9:3c:01:b3:28:c2:af:5b:8e:c7:cb:a5:84:
         3f:c6:a1:0c:47:59:c3:1e:0c:3a:02:92:53:0f:d6:8d:50:7c:
         cf:06:99:5f:7f:99:63:6f:c7:d9:c4:4f:1b:8d:7d:74:1e:5b:
         25:3f:d2:e9:a0:30:d4:2c:72:14:fb:21:29:3b:66:cf:50:aa:
         8b:2d:99:0a:c6:2b:37:ab:9e:88:67:98:10:20:ea:8e:db:c4:
         0f:a2:1f:7d:f1:77:c8:b6:77:38:f1:3a:2b:f1:82:dc:46:5f:
         a0:65:81:db:04:de:68:80:37:c6:07:97:e9:04:14:55:26:f6:
         e9:cf:4b:eb:14:a4:b5:18:7f:a5:e3:c3:17:5f:93:ac:29:cf:
         a6:57:eb:b6:c0:bc:da:72:cb:20:21:2c:cd:a9:2e:25:17:8b:
         37:60:55:bb:25:d4:df:5e:ee:c4:0f:da:ed:8a:e2:22:0f:4b:
         f2:76:b2:d5:97:43:2a:e3:75:97:21:8c:5a:c3:7e:5c:dd:4d:
         d4:71:db:66:72:5a:58:10:1a:3d:00:c1:fc:43:d8:23:af:77:
         08:9d:17:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFxcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA3MDUwNzMxNDJaFw0yNjA3MDUwNzMxNDJaMBgxFjAU
BgNVBAMTDTY2ODdhMTYxLWJjZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUDTee8ugfQcCKFyzWIgS470vULGOjDQLjNVMke1rYhl5aVBIBNHLrVu9+
ga+wrxdVerqPwqT+OYcKbAd6qR7ueMRVMjnkeJrYyRewKEARFqi/7YYIEpjhK9qu
f04UZl5cszaaNtkjHMzFMQozSBu5bFMp3FTIADoT3GMwzIXRSFSGDk4F4CGeNMLG
KVs8JCdmlInJ8/sD7EDXK1EEBr/dEhkJ1l5bMtQZ41mdv4BiIDixLtt48BohPcaZ
c8X4OVwN3im7YHZ8WHd4srXbhuBHgABaEocgo8vMcXgs2cDrDe6eCK0Ln6PSMKHi
ty9SxpYold3MCU02L0ByFtARsqrFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUski
vG8H7Bdt5WvQ/+jREvmzO50wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ExNzhGREJDM0FBMDExRUZBOTFERkM3RDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEC4wDQYJKoZIhvcNAQEL
BQADggEBAKaHFxMIa1eSx58zSYC5PZm9ppLCaF5hvBcjhR/fG7IC2vXDkR5rtGyx
2TwBsyjCr1uOx8ulhD/GoQxHWcMeDDoCklMP1o1QfM8GmV9/mWNvx9nETxuNfXQe
WyU/0umgMNQschT7ISk7Zs9QqostmQrGKzernohnmBAg6o7bxA+iH33xd8i2dzjx
OivxgtxGX6BlgdsE3miAN8YHl+kEFFUm9unPS+sUpLUYf6Xjwxdfk6wpz6ZX67bA
vNpyyyAhLM2pLiUXizdgVbsl1N9e7sQP2u2K4iIPS/J2stWXQyrjdZchjFrDflzd
TdRx22ZyWlgQGj0AwfxD2COvdwidFyk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:56 2024 by rpki-client on console-fra.rpki-client.org