Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AF4A7962D54B11EE9F224992775412E6.roa
File:                     AF4A7962D54B11EE9F224992775412E6.roa (raw, json)
Hash identifier:          S9GTq0Rn2mC1X7aa4NimSWF3Hsuu+lAMCaQm12W/lyc=
Subject key identifier:   69:D6:09:3B:E5:30:63:21:12:0F:C5:9D:13:EF:8E:4D:B7:1B:18:5F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1504
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AF4A7962D54B11EE9F224992775412E6.roa
Signing time:             Tue 27 Feb 2024 08:39:13 +0000
ROA not before:           Tue 27 Feb 2024 08:39:10 +0000
ROA not after:            Fri 27 Feb 2026 08:39:10 +0000
asID:                     201341
IP address blocks:        154.16.103.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5380 (0x1504)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:39:10 2024 GMT
            Not After : Feb 27 08:39:10 2026 GMT
        Subject: CN=65dd9fb1-105b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8b:92:b7:04:fd:e5:79:2a:c6:71:0f:26:46:
                    3c:fe:13:ac:eb:34:9a:39:f9:fc:bd:b3:1e:84:36:
                    27:b2:47:9b:db:2d:1a:4e:58:67:01:64:af:cb:3f:
                    4b:06:2e:ab:19:11:60:cb:72:33:56:bb:86:5d:6c:
                    58:26:4a:1e:9c:e6:f3:24:3b:77:20:80:27:3b:42:
                    ec:0e:23:89:2f:36:1f:26:38:22:56:ca:f1:ef:b0:
                    d3:37:f7:4c:ae:b2:f6:75:ce:17:b1:20:fb:a4:cb:
                    64:9b:09:64:05:3a:4e:0b:d4:dd:a6:09:be:27:cb:
                    1c:06:38:f4:c7:ac:82:64:2f:cf:41:83:51:a4:76:
                    64:ed:90:38:ca:c1:25:86:c7:0c:ce:c2:2e:e0:d9:
                    1a:30:b3:15:66:03:89:84:5a:40:b0:22:e5:cc:a1:
                    fc:ca:54:93:d8:52:82:af:df:e4:29:78:13:03:2f:
                    56:7e:97:33:1c:54:c6:b3:c4:cc:9a:63:bc:57:d1:
                    88:8c:b9:a9:68:60:d2:46:6f:2c:36:98:f2:2b:a5:
                    60:10:d4:4e:92:5e:b2:de:74:e3:57:7a:99:78:52:
                    be:41:52:1e:74:8c:d1:74:37:d1:6e:b3:ca:4c:3b:
                    1d:dd:09:30:3a:d2:74:84:72:ca:0b:d8:a9:8f:88:
                    94:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D6:09:3B:E5:30:63:21:12:0F:C5:9D:13:EF:8E:4D:B7:1B:18:5F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AF4A7962D54B11EE9F224992775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:0e:cf:5a:8b:40:bb:30:7e:20:71:0e:fc:54:94:c7:8c:10:
         c6:7e:bd:12:6e:1c:3a:b4:03:c0:b6:b6:19:b7:5a:c8:65:a8:
         58:10:4b:4a:13:eb:a8:fe:dd:52:1c:f7:07:84:4e:cb:4d:6c:
         29:e1:3f:e3:06:ee:82:4e:26:b8:2f:f4:04:83:7d:4a:5f:78:
         9c:3b:32:a1:ef:bc:49:da:87:95:33:87:1d:1f:d0:4b:30:ec:
         b5:08:5f:aa:71:f1:1c:6d:d3:e5:88:51:8b:ca:a9:d2:19:53:
         fc:4a:9b:bf:b0:32:f6:4a:46:a4:46:07:56:06:bf:b2:93:06:
         cc:d1:5e:8c:17:ed:e4:13:21:f5:7c:16:4e:92:c4:e7:14:ba:
         19:06:aa:e9:bf:42:00:f3:a8:77:e2:31:53:87:29:a1:b7:6c:
         e8:66:9c:39:94:86:6f:88:0d:d9:e2:9d:43:a6:6c:2c:81:6d:
         60:9e:a1:85:a5:99:cf:00:91:49:b7:12:ad:7f:4b:cb:78:63:
         29:58:5d:3b:b8:cc:be:c0:75:20:45:16:47:04:94:b5:10:97:
         ad:bb:fd:1b:f6:c7:68:3a:02:71:9f:2d:75:83:55:b6:34:05:
         5c:4b:37:13:e2:74:5e:53:01:e6:12:28:6a:80:13:bf:15:21:
         b1:83:8a:b1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFQQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODM5MTBaFw0yNjAyMjcwODM5MTBaMBgxFjAU
BgNVBAMTDTY1ZGQ5ZmIxLTEwNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChi5K3BP3leSrGcQ8mRjz+E6zrNJo5+fy9sx6ENieyR5vbLRpOWGcBZK/L
P0sGLqsZEWDLcjNWu4ZdbFgmSh6c5vMkO3cggCc7QuwOI4kvNh8mOCJWyvHvsNM3
90yusvZ1zhexIPuky2SbCWQFOk4L1N2mCb4nyxwGOPTHrIJkL89Bg1GkdmTtkDjK
wSWGxwzOwi7g2RowsxVmA4mEWkCwIuXMofzKVJPYUoKv3+QpeBMDL1Z+lzMcVMaz
xMyaY7xX0YiMualoYNJGbyw2mPIrpWAQ1E6SXrLedONXepl4Ur5BUh50jNF0N9Fu
s8pMOx3dCTA60nSEcsoL2KmPiJQFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUadYJ
O+UwYyESD8WdE++OTbcbGF8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0FGNEE3OTYyRDU0QjExRUU5RjIyNDk5Mjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGcwDQYJKoZIhvcNAQEL
BQADggEBAC0Oz1qLQLswfiBxDvxUlMeMEMZ+vRJuHDq0A8C2thm3WshlqFgQS0oT
66j+3VIc9weETstNbCnhP+MG7oJOJrgv9ASDfUpfeJw7MqHvvEnah5Uzhx0f0Esw
7LUIX6px8Rxt0+WIUYvKqdIZU/xKm7+wMvZKRqRGB1YGv7KTBszRXowX7eQTIfV8
Fk6SxOcUuhkGqum/QgDzqHfiMVOHKaG3bOhmnDmUhm+IDdninUOmbCyBbWCeoYWl
mc8AkUm3Eq1/S8t4YylYXTu4zL7AdSBFFkcElLUQl627/Rv2x2g6AnGfLXWDVbY0
BVxLNxPidF5TAeYSKGqAE78VIbGDirE=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:29 2024 by rpki-client on console-ams.rpki-client.org