Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AF02074CD54911EEA26BD08E775412E6.roa
File:                     AF02074CD54911EEA26BD08E775412E6.roa (raw, json)
Hash identifier:          ATW6KPM+5QrxBhx14eCHQyycIl/Zoa2u3jkvcuKGeQE=
Subject key identifier:   BD:C6:5D:56:64:CD:6B:48:68:1A:AA:87:67:BF:70:B0:FB:C5:E4:6D
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14F2
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AF02074CD54911EEA26BD08E775412E6.roa
Signing time:             Tue 27 Feb 2024 08:24:54 +0000
ROA not before:           Tue 27 Feb 2024 08:24:51 +0000
ROA not after:            Fri 27 Feb 2026 08:24:51 +0000
asID:                     201341
IP address blocks:        154.16.75.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5362 (0x14f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:24:51 2024 GMT
            Not After : Feb 27 08:24:51 2026 GMT
        Subject: CN=65dd9c56-1402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:95:ad:8f:d5:e7:0e:6c:c2:56:55:00:54:53:
                    4f:40:0a:8d:d4:80:d1:b7:2a:5b:ec:34:b6:4e:e7:
                    7a:1e:3e:fa:82:7f:6b:a0:67:11:b2:6e:ad:30:f8:
                    ff:c6:ef:72:8d:b3:e9:b1:b9:9e:35:fb:39:82:a6:
                    7b:6e:91:a8:26:6a:a4:db:f5:da:80:0d:ef:0d:a5:
                    b8:df:01:dd:9f:3d:eb:6d:ba:0e:9e:eb:98:3f:3c:
                    61:14:7f:44:b3:0f:5f:64:d3:ed:41:1d:d3:c3:f3:
                    63:73:b2:3f:75:30:b4:7e:0a:6d:e9:1c:47:09:d0:
                    2d:cc:69:8e:93:a4:84:95:22:29:53:25:60:d8:ad:
                    d4:94:bf:fc:36:df:58:77:b5:6e:70:a2:77:ab:3a:
                    51:d1:b9:0f:4e:cd:ef:fa:93:ef:a5:39:99:f2:ac:
                    99:06:47:22:39:a6:b9:e0:ae:65:c0:bd:31:ad:cf:
                    4d:f1:87:24:5d:72:e1:f0:ce:bf:5f:41:a1:f9:32:
                    99:0d:15:38:2c:5c:d8:80:b7:53:b4:c0:87:8f:c1:
                    bf:9b:00:e9:69:5a:7a:c0:c1:26:76:e1:36:90:7c:
                    db:7c:38:c9:01:56:0b:d6:d9:8e:ab:0f:f1:cb:6f:
                    bd:b3:81:a2:33:82:39:73:9b:cd:a3:a0:d7:b9:70:
                    35:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C6:5D:56:64:CD:6B:48:68:1A:AA:87:67:BF:70:B0:FB:C5:E4:6D
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AF02074CD54911EEA26BD08E775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:eb:43:af:6a:3c:8d:e6:82:18:c9:af:2c:9a:e8:9d:06:05:
         10:4c:d9:61:83:20:46:06:ba:dd:c7:b4:d0:02:f2:10:c7:1d:
         ca:c1:46:6b:c1:b2:3c:6c:06:5a:8c:72:a6:b7:b8:a7:ab:3e:
         8d:01:b5:21:0b:8d:ec:b5:4a:86:b5:c3:f0:5d:22:d1:1f:65:
         00:57:39:88:3b:f9:0e:50:92:1e:76:b5:51:45:a0:60:4d:c1:
         2d:e6:0e:34:3f:6e:23:a8:ec:cf:74:58:d8:c9:28:7b:cb:d9:
         99:72:f6:ce:4c:03:94:52:8d:bd:cc:4c:fe:d0:13:2c:ec:ba:
         77:e0:5a:6d:32:0e:90:55:f0:e2:09:24:95:a0:14:5f:ce:6a:
         9e:49:14:ea:ad:dd:9e:39:7a:b7:29:b2:3e:63:70:2d:8d:3e:
         7a:32:1f:fd:0d:d0:b6:39:03:b2:9d:fa:48:9d:e0:95:34:df:
         76:91:6c:36:eb:1e:df:55:36:fe:ad:0f:ea:be:b5:1e:5e:af:
         06:a5:aa:eb:72:b5:73:bc:ac:88:74:96:e3:8c:55:43:87:3e:
         0a:ee:20:38:fd:83:39:d0:3b:e7:5a:c6:97:db:46:3b:2b:0d:
         9d:91:80:dc:4f:e5:e9:62:ce:fa:77:1b:96:79:3d:b7:5a:7c:
         cf:71:12:2a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFPIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODI0NTFaFw0yNjAyMjcwODI0NTFaMBgxFjAU
BgNVBAMTDTY1ZGQ5YzU2LTE0MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCTla2P1ecObMJWVQBUU09ACo3UgNG3KlvsNLZO53oePvqCf2ugZxGybq0w
+P/G73KNs+mxuZ41+zmCpntukagmaqTb9dqADe8NpbjfAd2fPettug6e65g/PGEU
f0SzD19k0+1BHdPD82Nzsj91MLR+Cm3pHEcJ0C3MaY6TpISVIilTJWDYrdSUv/w2
31h3tW5wonerOlHRuQ9Oze/6k++lOZnyrJkGRyI5prngrmXAvTGtz03xhyRdcuHw
zr9fQaH5MpkNFTgsXNiAt1O0wIePwb+bAOlpWnrAwSZ24TaQfNt8OMkBVgvW2Y6r
D/HLb72zgaIzgjlzm82joNe5cDUnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUvcZd
VmTNa0hoGqqHZ79wsPvF5G0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0FGMDIwNzRDRDU0OTExRUVBMjZCRDA4RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEswDQYJKoZIhvcNAQEL
BQADggEBACvrQ69qPI3mghjJryya6J0GBRBM2WGDIEYGut3HtNAC8hDHHcrBRmvB
sjxsBlqMcqa3uKerPo0BtSELjey1Soa1w/BdItEfZQBXOYg7+Q5Qkh52tVFFoGBN
wS3mDjQ/biOo7M90WNjJKHvL2Zly9s5MA5RSjb3MTP7QEyzsunfgWm0yDpBV8OIJ
JJWgFF/Oap5JFOqt3Z45ercpsj5jcC2NPnoyH/0N0LY5A7Kd+kid4JU033aRbDbr
Ht9VNv6tD+q+tR5erwalqutytXO8rIh0luOMVUOHPgruIDj9gznQO+daxpfbRjsr
DZ2RgNxP5elizvp3G5Z5PbdafM9xEio=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:32 2024 by rpki-client on console-fra.rpki-client.org