Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A267D7F0D54411EEA6D5FD86775412E6.roa
File:                     A267D7F0D54411EEA6D5FD86775412E6.roa (raw, json)
Hash identifier:          MJCiRxn71Ns3TYxIT2GXcrfQZPzbnqTBgikk4ajl7/8=
Subject key identifier:   AC:91:FF:9D:A1:9B:F8:D5:EA:28:E3:88:56:D0:E1:18:85:98:39:66
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14DA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A267D7F0D54411EEA6D5FD86775412E6.roa
Signing time:             Tue 27 Feb 2024 07:48:45 +0000
ROA not before:           Tue 27 Feb 2024 07:48:42 +0000
ROA not after:            Fri 27 Feb 2026 07:48:42 +0000
asID:                     201341
IP address blocks:        154.16.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5338 (0x14da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 07:48:42 2024 GMT
            Not After : Feb 27 07:48:42 2026 GMT
        Subject: CN=65dd93dd-1546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:8f:82:0d:52:0a:04:00:37:aa:d2:5c:61:a8:
                    8d:87:0c:7e:f7:41:15:d8:0a:26:ae:ab:3e:25:73:
                    f7:fe:ef:1c:27:a4:01:2b:16:21:da:69:09:f3:fb:
                    ad:21:9e:33:03:8b:92:97:30:a6:99:bf:3f:7a:c0:
                    40:17:62:fb:df:b5:26:65:35:df:37:39:0e:9a:9a:
                    20:7b:18:a3:f4:d1:a0:dc:fe:08:a7:fa:30:80:bc:
                    1f:d2:6e:b5:3f:d7:ef:93:16:44:f8:f4:ea:65:09:
                    1c:48:b8:1c:f8:db:1b:77:df:c8:6a:ed:4f:6a:cb:
                    18:f1:31:95:b2:ef:26:c2:f2:96:72:74:37:b1:e1:
                    eb:86:b6:f0:84:07:09:4e:de:b8:03:c2:9c:11:67:
                    92:ba:e9:64:33:b2:51:58:d9:23:c4:96:a7:86:c9:
                    b2:99:9c:b9:b8:af:1c:c0:ae:40:ca:82:eb:2a:9e:
                    07:3d:48:3d:19:b4:2d:9f:5c:55:62:ca:0c:d4:7f:
                    3a:2f:a3:79:d3:10:a6:09:d1:c4:9e:76:1c:88:06:
                    8f:ed:d5:64:1f:4d:a8:3c:fd:b4:19:00:d8:af:f5:
                    fe:f4:a3:ee:0a:2a:58:77:7b:71:90:54:00:20:4d:
                    56:36:9e:5d:63:49:1f:c2:bb:a7:ba:b3:59:f8:e9:
                    5b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:91:FF:9D:A1:9B:F8:D5:EA:28:E3:88:56:D0:E1:18:85:98:39:66
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A267D7F0D54411EEA6D5FD86775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:aa:a1:eb:e8:7f:f8:26:2c:58:94:55:7b:65:ab:c0:7d:47:
         38:98:5f:e2:15:7f:5f:b4:ab:51:ec:bb:d1:ff:bb:ec:14:47:
         f3:4e:fc:19:f5:4a:02:14:ee:7a:05:d2:06:9b:a8:11:18:31:
         0b:d0:2f:58:e5:b7:96:65:5e:be:3a:a4:f8:73:a4:88:9b:cb:
         d5:93:dc:18:13:c8:41:af:ea:22:60:ef:05:fc:df:9f:2d:ac:
         53:9c:47:54:59:8f:76:4a:da:2a:00:19:5c:94:af:bd:aa:58:
         7e:9f:a9:65:8b:f0:10:0b:f5:8a:ef:a0:8e:4e:2d:c9:b5:58:
         0c:20:7b:25:cb:b7:a1:f7:7a:80:a3:83:7b:8d:8a:ed:7a:63:
         19:78:3c:42:ab:88:48:a6:47:36:7b:72:72:d5:65:e0:6d:ff:
         24:b1:ab:dc:76:57:2a:24:14:8a:01:72:44:77:bc:a1:3f:88:
         1d:1b:ea:e8:d7:6c:b4:c6:1e:d1:a3:a0:98:af:38:cc:0d:06:
         cb:46:57:c1:0d:79:22:3f:7a:de:6c:e1:5a:1f:22:d1:37:a2:
         5c:7a:1e:6b:c7:6a:a3:ff:5e:7f:b4:c5:81:07:7e:16:e8:b6:
         f8:d9:8d:e1:6e:69:d4:bb:1d:99:cd:a7:3d:e0:1b:be:1a:e5:
         ca:ac:7a:b5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFNowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwNzQ4NDJaFw0yNjAyMjcwNzQ4NDJaMBgxFjAU
BgNVBAMTDTY1ZGQ5M2RkLTE1NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUj4INUgoEADeq0lxhqI2HDH73QRXYCiauqz4lc/f+7xwnpAErFiHaaQnz
+60hnjMDi5KXMKaZvz96wEAXYvvftSZlNd83OQ6amiB7GKP00aDc/gin+jCAvB/S
brU/1++TFkT49OplCRxIuBz42xt338hq7U9qyxjxMZWy7ybC8pZydDex4euGtvCE
BwlO3rgDwpwRZ5K66WQzslFY2SPElqeGybKZnLm4rxzArkDKgusqngc9SD0ZtC2f
XFViygzUfzovo3nTEKYJ0cSedhyIBo/t1WQfTag8/bQZANiv9f70o+4KKlh3e3GQ
VAAgTVY2nl1jSR/Cu6e6s1n46VuzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUrJH/
naGb+NXqKOOIVtDhGIWYOWYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0EyNjdEN0YwRDU0NDExRUVBNkQ1RkQ4Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAMwDQYJKoZIhvcNAQEL
BQADggEBAKqqoevof/gmLFiUVXtlq8B9RziYX+IVf1+0q1Hsu9H/u+wUR/NO/Bn1
SgIU7noF0gabqBEYMQvQL1jlt5ZlXr46pPhzpIiby9WT3BgTyEGv6iJg7wX8358t
rFOcR1RZj3ZK2ioAGVyUr72qWH6fqWWL8BAL9YrvoI5OLcm1WAwgeyXLt6H3eoCj
g3uNiu16Yxl4PEKriEimRzZ7cnLVZeBt/ySxq9x2VyokFIoBckR3vKE/iB0b6ujX
bLTGHtGjoJivOMwNBstGV8ENeSI/et5s4VofItE3olx6HmvHaqP/Xn+0xYEHfhbo
tvjZjeFuadS7HZnNpz3gG74a5cqserU=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org