Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A7DF848E092B11EE922C44474AD9E6FC.roa
File:                     A7DF848E092B11EE922C44474AD9E6FC.roa (raw, json)
Hash identifier:          HHlEaJ6kNqkyYr4k8Kd28GzyQJ+4JM13yKTClWkipAc=
Subject key identifier:   5D:B6:0E:DF:38:DA:CB:40:E8:C3:5F:12:8A:3E:57:CC:13:BF:44:6C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0F38
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A7DF848E092B11EE922C44474AD9E6FC.roa
Signing time:             Mon 12 Jun 2023 14:16:00 +0000
ROA not before:           Mon 12 Jun 2023 14:15:56 +0000
ROA not after:            Wed 11 Jun 2025 14:15:56 +0000
asID:                     43350
IP address blocks:        154.16.12.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3896 (0xf38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 12 14:15:56 2023 GMT
            Not After : Jun 11 14:15:56 2025 GMT
        Subject: CN=648728a0-79f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:dd:dd:77:1b:d8:c5:44:f9:97:25:18:6d:49:
                    a9:63:17:28:e5:04:1f:51:5d:fc:b9:8b:7a:cd:f0:
                    4f:a3:51:7a:6c:9d:83:07:c3:0d:d6:a8:14:d8:ef:
                    9c:3d:6a:08:c1:42:92:c1:19:4d:73:c2:30:99:78:
                    2a:88:48:47:bc:f9:a5:10:d9:b6:9e:d1:2e:75:26:
                    a7:71:91:45:b8:27:12:56:bb:6e:65:75:c2:ab:3e:
                    76:49:8a:c0:60:dc:43:a4:b3:9b:5f:fd:11:92:ee:
                    c4:02:23:96:a1:ef:dc:5e:56:ac:71:75:62:c3:26:
                    dd:a9:28:61:24:37:fa:44:88:3b:f9:14:a2:54:08:
                    88:7f:6c:97:98:a5:88:a6:8f:78:8f:40:22:69:50:
                    60:63:df:0d:37:44:04:ed:d9:33:9f:b3:b9:f9:25:
                    d6:19:1c:a2:48:ae:4f:3e:e6:b6:7a:76:f1:59:4e:
                    f6:be:6b:10:df:a3:28:5d:7f:61:75:df:26:28:77:
                    cb:1f:f7:41:9d:d5:2a:34:4d:d3:2a:e6:96:82:75:
                    ea:f6:12:c6:68:39:3c:9e:0c:42:65:ce:00:34:48:
                    09:77:a6:13:e2:0e:ce:30:66:7b:19:0b:e8:98:de:
                    05:c0:eb:03:cc:6f:cb:6b:cb:88:f4:d4:e5:2a:90:
                    91:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:B6:0E:DF:38:DA:CB:40:E8:C3:5F:12:8A:3E:57:CC:13:BF:44:6C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A7DF848E092B11EE922C44474AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:35:5e:34:96:e0:53:02:ad:17:2d:8c:7a:e3:bd:2f:66:2f:
         47:d5:e6:1f:cf:9e:a4:33:e9:71:bd:06:41:fb:00:1c:61:6f:
         bd:8f:56:a7:b2:83:ad:94:e6:93:c3:e6:bb:8d:6e:50:ac:f9:
         c7:38:9c:74:74:27:5b:21:75:4a:0f:4f:8f:76:8a:48:8f:e6:
         3d:47:15:4b:56:e1:ba:99:c2:e2:48:f3:9f:80:d9:30:71:00:
         ca:6d:2d:d8:5a:f1:4c:da:11:5b:9b:84:20:1a:13:48:6c:a1:
         6f:ab:f7:3e:4f:1a:9d:2c:e8:5d:4c:07:da:23:53:b9:07:3d:
         3c:4e:c3:da:a4:0f:4d:5a:f3:c0:db:21:46:e6:c4:60:a5:b0:
         a1:e8:d3:bc:88:58:6a:e2:c7:cb:db:00:69:5f:1d:31:7d:c4:
         16:de:26:71:ed:3c:75:8d:16:44:b7:22:6f:d6:43:7a:de:b2:
         3f:65:03:5d:08:b1:fd:6c:44:fd:1a:d5:a7:49:da:ae:b5:51:
         37:83:96:24:fb:0c:5f:15:bf:28:47:ae:51:9e:49:7e:b2:51:
         9b:06:bd:df:ff:20:ff:34:49:ee:d9:88:c7:92:7e:9f:21:cc:
         49:c4:5c:39:0c:31:fc:74:0c:19:ac:d7:b3:57:cc:cc:59:00:
         83:50:7e:06
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDzgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MTIxNDE1NTZaFw0yNTA2MTExNDE1NTZaMBgxFjAU
BgNVBAMTDTY0ODcyOGEwLTc5ZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDW3d13G9jFRPmXJRhtSaljFyjlBB9RXfy5i3rN8E+jUXpsnYMHww3WqBTY
75w9agjBQpLBGU1zwjCZeCqISEe8+aUQ2bae0S51JqdxkUW4JxJWu25ldcKrPnZJ
isBg3EOks5tf/RGS7sQCI5ah79xeVqxxdWLDJt2pKGEkN/pEiDv5FKJUCIh/bJeY
pYimj3iPQCJpUGBj3w03RATt2TOfs7n5JdYZHKJIrk8+5rZ6dvFZTva+axDfoyhd
f2F13yYod8sf90Gd1So0TdMq5paCder2EsZoOTyeDEJlzgA0SAl3phPiDs4wZnsZ
C+iY3gXA6wPMb8try4j01OUqkJEFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXbYO
3zjay0Dow18Sij5XzBO/RGwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E3REY4NDhFMDkyQjExRUU5MjJDNDQ0NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAwwDQYJKoZIhvcNAQEL
BQADggEBAH41XjSW4FMCrRctjHrjvS9mL0fV5h/PnqQz6XG9BkH7ABxhb72PVqey
g62U5pPD5ruNblCs+cc4nHR0J1shdUoPT492ikiP5j1HFUtW4bqZwuJI85+A2TBx
AMptLdha8UzaEVubhCAaE0hsoW+r9z5PGp0s6F1MB9ojU7kHPTxOw9qkD01a88Db
IUbmxGClsKHo07yIWGrix8vbAGlfHTF9xBbeJnHtPHWNFkS3Im/WQ3resj9lA10I
sf1sRP0a1adJ2q61UTeDliT7DF8VvyhHrlGeSX6yUZsGvd//IP80Se7ZiMeSfp8h
zEnEXDkMMfx0DBms17NXzMxZAINQfgY=
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:18:00 2024 by rpki-client on console-ams.rpki-client.org