Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A902F794F70811EEAB1006A4775412E6.roa
File:                     A902F794F70811EEAB1006A4775412E6.roa (raw, json)
Hash identifier:          8KgObOq6xgB1v1gi1S4A8t8TBAOz/S9/4WdW4ZaZwPk=
Subject key identifier:   88:B2:03:EB:22:7F:BE:63:60:3E:34:17:38:93:78:F6:1B:4A:23:38
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       159E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A902F794F70811EEAB1006A4775412E6.roa
Signing time:             Wed 10 Apr 2024 07:05:06 +0000
ROA not before:           Wed 10 Apr 2024 07:05:03 +0000
ROA not after:            Sat 11 Apr 2026 07:05:03 +0000
asID:                     32159
IP address blocks:        154.16.41.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5534 (0x159e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 10 07:05:03 2024 GMT
            Not After : Apr 11 07:05:03 2026 GMT
        Subject: CN=66163a22-1d3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f3:71:33:cd:b9:9d:a4:47:37:af:be:5b:e6:
                    98:79:0e:dd:68:1c:95:66:21:a5:da:df:09:3b:4b:
                    37:3c:24:db:2d:13:d4:6c:ba:36:66:c7:c7:c4:66:
                    4f:ba:81:9a:74:30:ab:ae:2d:2c:6e:fa:f3:0d:57:
                    36:9f:e1:b6:11:21:ee:03:8b:34:26:66:db:ee:79:
                    2f:c3:0e:13:dd:6a:81:56:16:3d:7f:f7:8c:ed:f9:
                    25:46:91:c9:06:22:fa:1d:76:4f:ea:bf:3a:b6:52:
                    ac:d6:f0:7f:06:04:70:c1:ae:df:fc:88:53:68:46:
                    13:07:79:5a:20:bd:bf:3c:b1:b4:04:36:73:c9:1e:
                    31:9d:4e:50:c4:0f:72:51:8c:0b:9d:60:2a:b1:4c:
                    11:71:2e:6b:4d:6c:60:b3:68:20:5a:4d:4f:e3:fb:
                    95:22:a0:44:da:ef:27:d5:60:6e:32:68:a4:a0:46:
                    e0:27:c4:8a:a1:80:15:d2:50:a4:72:8d:0d:7a:12:
                    de:02:d2:3e:07:4e:ab:3a:83:94:dc:11:1e:13:ef:
                    83:c5:ea:2a:b3:5a:a3:0c:98:c3:bf:ea:e9:cd:27:
                    a4:2b:64:e8:3c:54:05:e3:d1:1e:e7:e1:99:47:61:
                    61:d5:cc:e2:2b:e2:25:16:08:33:bf:c5:26:5d:94:
                    1f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:B2:03:EB:22:7F:BE:63:60:3E:34:17:38:93:78:F6:1B:4A:23:38
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A902F794F70811EEAB1006A4775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:3a:8c:3b:4e:57:36:a9:11:0c:90:70:8c:0a:2d:4c:3e:d8:
         06:54:7a:44:4a:22:f1:7b:3b:2a:db:e6:bd:0d:85:72:7f:53:
         4b:71:a7:87:2d:72:24:44:c6:cb:74:0b:ce:53:81:3e:22:45:
         f9:6d:68:85:f1:3b:93:4a:76:39:aa:5a:ef:70:1d:a2:c1:40:
         5f:18:b4:0b:15:e2:10:23:14:3d:bf:64:3e:94:d4:90:95:a8:
         12:15:b1:4c:1c:5b:bf:e8:cc:24:ad:7e:f6:71:93:bd:44:7d:
         b1:a5:ac:49:bf:67:d4:22:2f:3a:37:98:55:28:71:55:41:49:
         b9:76:65:ac:2f:02:48:88:57:f2:26:66:76:ea:dd:30:48:e7:
         b8:65:48:28:ed:78:84:03:1a:92:ed:3d:4b:90:ee:64:46:2b:
         13:45:89:3b:12:7a:77:bd:fc:5b:9e:17:cf:15:88:25:49:22:
         e5:7f:33:67:c0:5a:38:48:78:2c:e1:e5:f1:ea:b8:52:f9:f6:
         eb:c9:5a:28:4f:4c:25:92:1a:3c:43:79:bd:0b:c4:5f:1f:5a:
         ed:63:88:71:0a:b4:e2:48:99:f6:a5:fb:a7:44:51:cd:17:bd:
         83:3a:3a:bb:7a:8f:42:f4:df:21:88:4c:60:18:b0:ff:9c:e8:
         54:ef:a4:d0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFZ4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTAwNzA1MDNaFw0yNjA0MTEwNzA1MDNaMBgxFjAU
BgNVBAMTDTY2MTYzYTIyLTFkM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC883EzzbmdpEc3r75b5ph5Dt1oHJVmIaXa3wk7Szc8JNstE9RsujZmx8fE
Zk+6gZp0MKuuLSxu+vMNVzaf4bYRIe4DizQmZtvueS/DDhPdaoFWFj1/94zt+SVG
kckGIvoddk/qvzq2UqzW8H8GBHDBrt/8iFNoRhMHeVogvb88sbQENnPJHjGdTlDE
D3JRjAudYCqxTBFxLmtNbGCzaCBaTU/j+5UioETa7yfVYG4yaKSgRuAnxIqhgBXS
UKRyjQ16Et4C0j4HTqs6g5TcER4T74PF6iqzWqMMmMO/6unNJ6QrZOg8VAXj0R7n
4ZlHYWHVzOIr4iUWCDO/xSZdlB/vAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiLID
6yJ/vmNgPjQXOJN49htKIzgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E5MDJGNzk0RjcwODExRUVBQjEwMDZBNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECkwDQYJKoZIhvcNAQEL
BQADggEBAAw6jDtOVzapEQyQcIwKLUw+2AZUekRKIvF7Oyrb5r0NhXJ/U0txp4ct
ciRExst0C85TgT4iRfltaIXxO5NKdjmqWu9wHaLBQF8YtAsV4hAjFD2/ZD6U1JCV
qBIVsUwcW7/ozCStfvZxk71EfbGlrEm/Z9QiLzo3mFUocVVBSbl2ZawvAkiIV/Im
Znbq3TBI57hlSCjteIQDGpLtPUuQ7mRGKxNFiTsSene9/FueF88ViCVJIuV/M2fA
WjhIeCzh5fHquFL59uvJWihPTCWSGjxDeb0LxF8fWu1jiHEKtOJImfal+6dEUc0X
vYM6Ort6j0L03yGITGAYsP+c6FTvpNA=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org