Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A5944F7C38EA11EEA425496C4AD9E6FC.roa
File:                     A5944F7C38EA11EEA425496C4AD9E6FC.roa (raw, json)
Hash identifier:          AwBC/sTP7tsaLcruj3EBArml5ys0HKzwZ9RT7Dtiisk=
Subject key identifier:   7D:D9:31:A9:8E:44:C1:DE:FD:92:3D:AE:96:F2:2D:10:D5:73:44:1C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1133
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A5944F7C38EA11EEA425496C4AD9E6FC.roa
Signing time:             Sat 12 Aug 2023 08:31:35 +0000
ROA not before:           Sat 12 Aug 2023 08:31:31 +0000
ROA not after:            Wed 14 Aug 2024 08:31:31 +0000
asID:                     14670
IP address blocks:        154.16.118.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4403 (0x1133)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 12 08:31:31 2023 GMT
            Not After : Aug 14 08:31:31 2024 GMT
        Subject: CN=64d74367-48ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e0:dc:ae:09:73:6a:15:22:52:a8:b6:c4:7b:
                    75:27:3d:c5:34:1a:ba:6e:47:3d:f7:34:24:1a:f3:
                    15:6b:42:25:64:fa:9d:bb:63:c5:23:43:dd:bd:88:
                    5d:f9:43:61:0f:4b:d1:56:5e:f6:b2:4b:6d:e0:72:
                    fd:9c:88:63:f7:6a:66:bb:3c:49:37:a7:19:4c:eb:
                    49:f9:6d:d0:ba:3f:fb:8e:df:d0:1c:7f:8a:f6:bf:
                    9f:b3:0f:27:d2:39:66:d5:83:39:94:f4:a6:c8:c8:
                    b1:7a:f7:ee:47:a9:a0:39:37:46:10:3f:e6:82:ae:
                    f2:ff:e5:60:e9:3c:5e:4c:d8:db:7f:aa:73:5c:9f:
                    8b:9e:6d:d2:7a:c1:f5:13:9c:53:0a:20:61:2e:64:
                    4d:23:33:68:8d:df:6c:87:37:8c:1b:e6:37:87:3a:
                    7e:f0:bb:b7:98:ab:cf:22:99:5e:c9:61:39:10:e6:
                    6f:f5:34:31:11:74:63:1a:d2:10:d6:40:55:89:c4:
                    12:4c:0d:a0:7b:a5:39:f3:76:37:50:24:3b:99:65:
                    39:b0:73:85:76:8c:fd:91:a7:c4:b2:45:a9:c6:93:
                    50:42:a0:6e:d0:1c:fd:3b:08:66:05:33:68:a8:3c:
                    34:2c:df:6e:45:f2:28:db:22:e5:f1:0b:62:01:74:
                    49:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D9:31:A9:8E:44:C1:DE:FD:92:3D:AE:96:F2:2D:10:D5:73:44:1C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A5944F7C38EA11EEA425496C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:a4:34:f2:3c:ed:36:09:44:5d:ab:bd:5f:ca:9b:65:a7:5d:
         42:56:5e:84:27:80:47:66:cb:44:ae:73:9b:75:14:58:a6:c2:
         a1:52:c6:dd:5e:91:34:7b:2b:be:81:59:dc:96:49:35:d3:ee:
         f6:17:66:c9:ef:4e:46:b5:40:63:6c:2d:ab:70:c4:a6:fe:7a:
         f3:e1:40:e9:92:af:ad:2c:99:4c:b0:72:e1:bf:a6:8b:0a:ea:
         d3:0c:0b:05:4e:61:27:f6:fc:b5:9e:cf:7e:23:15:ab:da:04:
         60:59:e1:ea:81:67:60:17:b7:08:b8:9f:aa:4b:03:73:64:51:
         82:9e:c3:58:09:9f:a5:45:a0:bf:02:74:cc:09:db:c7:9b:13:
         66:18:a8:cc:90:d5:bb:d3:86:c2:be:33:59:e9:8b:e4:0a:6e:
         e6:81:56:77:1a:0d:a7:6f:39:ac:5f:48:38:b8:88:05:76:39:
         7b:fb:1a:80:af:d9:73:a8:8e:e4:0e:a2:10:cd:bc:af:2d:5b:
         c0:06:b3:e8:b5:03:ff:05:ec:ba:c2:54:d6:ad:1d:48:8c:b8:
         aa:84:d8:20:3d:98:a2:6c:83:68:0d:c2:95:7c:8c:6e:ac:4e:
         de:18:ee:15:a2:d7:da:22:e5:72:23:c6:b1:14:06:bd:fe:f6:
         1a:68:42:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICETMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTIwODMxMzFaFw0yNDA4MTQwODMxMzFaMBgxFjAU
BgNVBAMTDTY0ZDc0MzY3LTQ4YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJ4NyuCXNqFSJSqLbEe3UnPcU0GrpuRz33NCQa8xVrQiVk+p27Y8UjQ929
iF35Q2EPS9FWXvayS23gcv2ciGP3ama7PEk3pxlM60n5bdC6P/uO39Acf4r2v5+z
DyfSOWbVgzmU9KbIyLF69+5HqaA5N0YQP+aCrvL/5WDpPF5M2Nt/qnNcn4uebdJ6
wfUTnFMKIGEuZE0jM2iN32yHN4wb5jeHOn7wu7eYq88imV7JYTkQ5m/1NDERdGMa
0hDWQFWJxBJMDaB7pTnzdjdQJDuZZTmwc4V2jP2Rp8SyRanGk1BCoG7QHP07CGYF
M2ioPDQs325F8ijbIuXxC2IBdEnJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfdkx
qY5Ewd79kj2ulvItENVzRBwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E1OTQ0RjdDMzhFQTExRUVBNDI1NDk2QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHYwDQYJKoZIhvcNAQEL
BQADggEBALKkNPI87TYJRF2rvV/Km2WnXUJWXoQngEdmy0Suc5t1FFimwqFSxt1e
kTR7K76BWdyWSTXT7vYXZsnvTka1QGNsLatwxKb+evPhQOmSr60smUywcuG/posK
6tMMCwVOYSf2/LWez34jFavaBGBZ4eqBZ2AXtwi4n6pLA3NkUYKew1gJn6VFoL8C
dMwJ28ebE2YYqMyQ1bvThsK+M1npi+QKbuaBVncaDadvOaxfSDi4iAV2OXv7GoCv
2XOojuQOohDNvK8tW8AGs+i1A/8F7LrCVNatHUiMuKqE2CA9mKJsg2gNwpV8jG6s
Tt4Y7hWi19oi5XIjxrEUBr3+9hpoQj8=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org