Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A7CF7FE843F111EE9F7D71694AD9E6FC.roa
File:                     A7CF7FE843F111EE9F7D71694AD9E6FC.roa (raw, json)
Hash identifier:          4ApRqWWPiWmVDfGDUiWdsT5aMFhDIIUBwDm69XJ5tpE=
Subject key identifier:   22:88:16:B2:2B:E6:D5:E1:60:76:88:5A:04:A8:81:CE:01:2D:C3:F9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       11B4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A7CF7FE843F111EE9F7D71694AD9E6FC.roa
Signing time:             Sat 26 Aug 2023 09:19:28 +0000
ROA not before:           Sat 26 Aug 2023 09:19:24 +0000
ROA not after:            Sat 30 Aug 2025 09:19:24 +0000
asID:                     212238
IP address blocks:        154.16.2.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4532 (0x11b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 26 09:19:24 2023 GMT
            Not After : Aug 30 09:19:24 2025 GMT
        Subject: CN=64e9c3a0-0c3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:bf:89:32:92:20:03:36:0e:6d:cc:f8:3b:86:
                    c6:9c:af:2c:7b:7c:7f:6d:ed:3c:50:e0:b8:43:17:
                    57:5b:4e:97:5a:58:e3:00:53:ab:7a:84:81:ec:cf:
                    5c:5e:c1:88:8c:e1:30:56:de:70:e8:fd:90:b9:bd:
                    20:08:44:6c:0e:a6:ba:02:90:7c:f9:69:78:1d:d3:
                    5e:6d:7f:4b:2b:75:8b:86:0f:a1:ec:75:cd:f2:f1:
                    38:63:dd:79:1b:d9:3d:26:f3:2f:62:50:b0:4d:ca:
                    73:28:be:04:a3:52:6b:78:1c:98:63:c8:16:b3:1c:
                    b6:c8:11:26:53:c0:04:86:01:cc:6f:00:d9:af:36:
                    04:24:ad:97:3b:2a:e5:f6:c1:e2:16:ea:7a:3e:b6:
                    a0:82:a4:89:36:6d:5d:e1:99:1d:f5:89:6c:eb:5e:
                    52:2c:9b:e7:42:0a:44:fb:0c:c6:d5:39:7d:4d:a5:
                    f1:67:0d:e3:24:ca:19:80:e7:6d:af:f3:1c:22:a4:
                    9a:99:87:67:d3:d5:36:05:cb:9f:53:e4:43:bb:5c:
                    40:47:02:4e:5b:2a:33:32:97:8f:cd:97:51:d1:9b:
                    2b:8a:46:ac:10:4b:ed:3e:22:ba:0a:7d:c2:df:a3:
                    b0:ff:91:30:7f:ad:5d:76:fa:05:c9:08:4a:1b:dd:
                    c0:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:88:16:B2:2B:E6:D5:E1:60:76:88:5A:04:A8:81:CE:01:2D:C3:F9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A7CF7FE843F111EE9F7D71694AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:72:7a:cc:4a:48:29:73:80:d9:96:20:f7:4b:b8:84:7f:e6:
         5d:83:4a:a7:64:3a:f1:64:1d:d8:19:37:25:0f:c5:52:3a:5a:
         06:53:28:2f:ec:bb:b9:75:d1:26:b0:82:ca:35:69:b4:61:9e:
         64:6a:e2:37:2d:f3:08:cf:2c:cc:92:22:ec:75:28:6a:b8:a0:
         3a:ea:c9:3d:1c:02:c4:27:3f:4c:76:58:80:71:d3:92:57:78:
         62:bc:ce:85:51:f1:1c:47:de:3c:35:1f:34:dd:3f:ce:d6:3c:
         7a:58:c0:53:de:77:e0:31:11:90:51:f8:82:77:86:c3:27:8d:
         19:ce:39:22:a8:c8:02:53:4d:e3:6a:ba:9b:77:94:d2:31:14:
         e2:52:52:6e:4e:cb:dd:e7:27:0c:b8:48:3b:86:1b:03:54:af:
         c6:1c:a9:f0:cf:86:4f:cd:87:9a:b9:f8:ee:2e:f5:e7:30:59:
         08:08:59:07:50:60:1f:c3:ca:cb:54:41:20:b9:d1:ea:a4:2b:
         23:58:aa:7c:ee:9e:55:27:4a:2f:ec:33:6e:f1:f7:4f:96:de:
         13:b4:df:97:ec:be:c5:b1:17:a4:fe:4f:54:8b:03:93:26:2b:
         2b:36:20:4e:cc:3c:f2:e3:c3:85:ea:53:35:fd:a1:b1:9c:e3:
         43:c0:f6:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEbQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MjYwOTE5MjRaFw0yNTA4MzAwOTE5MjRaMBgxFjAU
BgNVBAMTDTY0ZTljM2EwLTBjM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDsv4kykiADNg5tzPg7hsacryx7fH9t7TxQ4LhDF1dbTpdaWOMAU6t6hIHs
z1xewYiM4TBW3nDo/ZC5vSAIRGwOproCkHz5aXgd015tf0srdYuGD6Hsdc3y8Thj
3Xkb2T0m8y9iULBNynMovgSjUmt4HJhjyBazHLbIESZTwASGAcxvANmvNgQkrZc7
KuX2weIW6no+tqCCpIk2bV3hmR31iWzrXlIsm+dCCkT7DMbVOX1NpfFnDeMkyhmA
522v8xwipJqZh2fT1TYFy59T5EO7XEBHAk5bKjMyl4/Nl1HRmyuKRqwQS+0+IroK
fcLfo7D/kTB/rV12+gXJCEob3cCtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUIogW
sivm1eFgdohaBKiBzgEtw/kwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E3Q0Y3RkU4NDNGMTExRUU5RjdENzE2OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAIwDQYJKoZIhvcNAQEL
BQADggEBAL5yesxKSClzgNmWIPdLuIR/5l2DSqdkOvFkHdgZNyUPxVI6WgZTKC/s
u7l10Sawgso1abRhnmRq4jct8wjPLMySIux1KGq4oDrqyT0cAsQnP0x2WIBx05JX
eGK8zoVR8RxH3jw1HzTdP87WPHpYwFPed+AxEZBR+IJ3hsMnjRnOOSKoyAJTTeNq
upt3lNIxFOJSUm5Oy93nJwy4SDuGGwNUr8YcqfDPhk/Nh5q5+O4u9ecwWQgIWQdQ
YB/DystUQSC50eqkKyNYqnzunlUnSi/sM27x90+W3hO035fsvsWxF6T+T1SLA5Mm
Kys2IE7MPPLjw4XqUzX9obGc40PA9gg=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:29 2024 by rpki-client on console-ams.rpki-client.org