Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B21C67B8110F11EFAE4958F5007001B1.roa
File:                     B21C67B8110F11EFAE4958F5007001B1.roa (raw, json)
Hash identifier:          nVIFm5sWxYK7cTj3FcDqM10E8tJB3fpJ9UkpkPSxGVY=
Subject key identifier:   74:91:8B:31:BE:EA:B6:67:2F:2F:DC:1C:4F:F2:5B:70:0E:D1:13:77
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       164F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B21C67B8110F11EFAE4958F5007001B1.roa
Signing time:             Mon 13 May 2024 10:00:58 +0000
ROA not before:           Mon 13 May 2024 10:00:55 +0000
ROA not after:            Wed 13 May 2026 10:00:55 +0000
asID:                     3320
IP address blocks:        154.16.218.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5711 (0x164f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 13 10:00:55 2024 GMT
            Not After : May 13 10:00:55 2026 GMT
        Subject: CN=6641e4da-4ca7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:c4:16:0b:7d:b2:d1:13:83:fa:27:64:f4:
                    fe:6e:d9:94:bb:af:17:40:ed:da:ac:dd:05:34:cf:
                    65:67:ff:3f:1e:41:bd:7d:16:59:0b:5f:a7:08:8f:
                    91:c0:29:e3:f3:dd:a9:c8:70:be:02:ca:5d:aa:5b:
                    5f:0d:e7:1d:c7:56:8b:29:ee:7a:2d:4d:75:7a:bf:
                    ce:7e:c9:a0:ad:7d:2d:60:a1:5d:a1:52:76:cb:70:
                    e8:3c:67:01:cc:d5:e8:e6:3d:ac:55:cd:0d:26:6d:
                    90:f5:2c:fd:ea:21:48:4d:1b:8e:57:67:8a:99:b1:
                    96:d2:b8:2f:b4:37:55:c3:da:a3:21:6d:29:b0:1e:
                    05:b4:0f:85:ee:9f:78:53:92:70:ed:8f:e5:0a:96:
                    4b:b5:32:c7:34:b3:5e:e4:e5:ba:9e:a4:1b:f7:e9:
                    61:0b:8a:d6:8b:e1:4a:2c:cb:c7:af:19:ca:63:bc:
                    75:58:64:bf:9c:7e:0d:dd:10:33:85:c3:2a:35:f3:
                    14:84:c6:64:04:0b:d8:77:c0:87:5c:47:e5:aa:49:
                    bf:62:14:5a:a1:2c:30:69:a0:be:4c:76:6f:3b:7d:
                    6b:85:46:25:ab:d0:97:9c:a8:61:9c:8f:b4:93:e8:
                    35:db:65:27:57:55:d3:8a:dd:1a:9b:9d:20:d3:4d:
                    70:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:91:8B:31:BE:EA:B6:67:2F:2F:DC:1C:4F:F2:5B:70:0E:D1:13:77
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B21C67B8110F11EFAE4958F5007001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cf:14:70:31:c9:58:27:df:ba:9a:7b:19:29:f0:fe:5a:10:ba:
         fa:86:54:39:42:44:60:81:10:7d:2a:fc:c0:20:21:fe:b5:b7:
         31:ba:cb:c3:35:be:a8:45:9c:b2:b0:b9:a4:2e:06:01:21:a0:
         40:13:4d:28:1a:bd:8d:99:67:ba:54:92:35:d7:34:90:11:f3:
         0c:c7:95:e3:0e:41:f8:19:23:af:95:ca:68:6a:62:ba:9f:83:
         21:ea:43:9f:11:ed:aa:aa:25:04:1c:68:d0:b6:69:25:dc:cf:
         48:44:36:3b:de:74:67:8c:d5:63:83:43:4f:b6:4c:c2:77:61:
         c9:7d:2f:b0:a4:aa:f3:60:8f:68:4c:3d:4d:5c:7f:40:04:41:
         98:44:8d:7d:a7:b4:21:2a:0f:fe:92:ca:56:c2:bc:c9:7f:4f:
         0e:9f:85:1c:c3:c1:fe:90:75:f3:3d:13:b1:4c:17:47:86:d7:
         cc:23:fc:8e:ac:00:77:3b:ed:79:a1:6a:ec:16:43:2e:57:bf:
         5f:3d:bf:d8:4b:ed:78:f5:cc:3d:f5:99:37:c6:bc:4b:f1:3d:
         9f:e6:53:99:f0:11:4b:8c:16:60:56:bc:b2:75:63:32:8e:f8:
         bf:36:51:a5:c4:fa:ed:b1:f0:f4:2a:03:a3:83:0b:ab:91:0f:
         da:64:23:06
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFk8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MTMxMDAwNTVaFw0yNjA1MTMxMDAwNTVaMBgxFjAU
BgNVBAMTDTY2NDFlNGRhLTRjYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4HsQWC32y0ROD+idk9P5u2ZS7rxdA7dqs3QU0z2Vn/z8eQb19FlkLX6cI
j5HAKePz3anIcL4Cyl2qW18N5x3HVosp7notTXV6v85+yaCtfS1goV2hUnbLcOg8
ZwHM1ejmPaxVzQ0mbZD1LP3qIUhNG45XZ4qZsZbSuC+0N1XD2qMhbSmwHgW0D4Xu
n3hTknDtj+UKlku1Msc0s17k5bqepBv36WELitaL4Uosy8evGcpjvHVYZL+cfg3d
EDOFwyo18xSExmQEC9h3wIdcR+WqSb9iFFqhLDBpoL5Mdm87fWuFRiWr0JecqGGc
j7ST6DXbZSdXVdOK3RqbnSDTTXCDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdJGL
Mb7qtmcvL9wcT/JbcA7RE3cwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0IyMUM2N0I4MTEwRjExRUZBRTQ5NThGNTAwNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENowDQYJKoZIhvcNAQEL
BQADggEBAM8UcDHJWCffupp7GSnw/loQuvqGVDlCRGCBEH0q/MAgIf61tzG6y8M1
vqhFnLKwuaQuBgEhoEATTSgavY2ZZ7pUkjXXNJAR8wzHleMOQfgZI6+VymhqYrqf
gyHqQ58R7aqqJQQcaNC2aSXcz0hENjvedGeM1WODQ0+2TMJ3Ycl9L7CkqvNgj2hM
PU1cf0AEQZhEjX2ntCEqD/6SylbCvMl/Tw6fhRzDwf6QdfM9E7FMF0eG18wj/I6s
AHc77XmhauwWQy5Xv189v9hL7Xj1zD31mTfGvEvxPZ/mU5nwEUuMFmBWvLJ1YzKO
+L82UaXE+u2x8PQqA6ODC6uRD9pkIwY=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:45 2024 by rpki-client on console-fra.rpki-client.org