Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B4E06A52B8F611EDB60503F0F1222468.roa
File:                     B4E06A52B8F611EDB60503F0F1222468.roa (raw, json)
Hash identifier:          F/rRZ9BjxOF2PMFxhiMmfws9icg7s2Ht2VcdZ8PNjVg=
Subject key identifier:   7C:84:22:0B:6C:C9:92:EC:53:3B:88:AF:26:73:AB:50:4C:D8:9A:A3
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C9D
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B4E06A52B8F611EDB60503F0F1222468.roa
Signing time:             Thu 02 Mar 2023 12:35:25 +0000
ROA not before:           Thu 02 Mar 2023 12:35:22 +0000
ROA not after:            Sat 01 Mar 2025 12:35:22 +0000
asID:                     61317
IP address blocks:        154.16.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3229 (0xc9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 12:35:22 2023 GMT
            Not After : Mar  1 12:35:22 2025 GMT
        Subject: CN=6400980d-4e42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:32:fc:42:73:f9:39:a1:e8:f1:a3:36:1e:c1:
                    dd:3e:90:89:5e:b4:59:67:99:de:b6:58:85:08:53:
                    39:a2:f4:a3:bb:3b:c5:83:53:f3:5c:77:f8:08:cb:
                    11:8c:68:bf:f8:f9:27:15:19:17:ce:3a:8e:5f:24:
                    1a:f5:9a:b4:94:63:3c:8a:3a:4a:7e:78:f9:e1:57:
                    3a:4a:12:81:ec:bb:c4:b5:2f:fd:8d:d7:eb:cf:70:
                    a4:3b:c6:ae:52:7e:de:13:07:7d:bf:32:1d:2a:71:
                    17:d2:c7:95:7a:6c:85:eb:84:78:6b:cc:4e:96:f1:
                    70:12:12:41:0f:26:b8:07:8d:56:0c:83:0a:b0:10:
                    23:73:54:05:c5:ea:e3:9e:5d:af:55:db:65:6c:14:
                    92:af:f5:0a:75:0b:12:30:cf:ef:66:eb:ff:9f:d1:
                    39:95:22:c2:cf:f8:b8:43:01:b9:ef:cc:cd:f0:81:
                    f2:d2:20:1e:e2:9e:aa:b7:82:8c:7d:e1:3b:8a:39:
                    f9:ef:73:86:4a:a3:80:28:1b:1e:c6:8c:15:9a:71:
                    ff:d8:6e:95:db:04:ee:f7:13:06:6b:c6:21:35:03:
                    7d:4d:9f:7c:ee:8e:69:3a:40:1e:a9:72:4f:5b:02:
                    a6:ba:e6:42:3e:c5:54:d0:2a:5a:a9:27:0a:47:36:
                    e7:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:84:22:0B:6C:C9:92:EC:53:3B:88:AF:26:73:AB:50:4C:D8:9A:A3
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B4E06A52B8F611EDB60503F0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:ba:25:5b:70:7b:78:5e:3e:0a:47:c3:06:51:e2:a1:c1:15:
         99:4d:4b:ba:73:3e:a1:49:e2:ab:93:33:98:64:ea:b6:73:f8:
         f6:1d:3d:2c:1a:76:98:1b:34:68:31:11:cb:f2:0f:08:b4:77:
         bc:01:ca:e4:bb:37:6b:d5:55:48:61:0e:70:6f:f0:69:40:e0:
         cb:36:12:8e:56:44:a3:b8:ef:99:29:ea:f8:07:4d:60:40:39:
         9a:7a:0c:a0:3d:b4:11:68:e5:33:09:3d:10:c1:09:f5:3d:a2:
         af:58:dc:5c:bb:fe:ff:12:48:92:49:d2:ef:38:e6:9d:ad:ea:
         a3:0f:1f:13:36:47:3c:8d:6a:cc:5f:1f:db:c7:b1:40:45:b7:
         9f:8b:30:ef:9e:0b:ce:a3:47:e7:04:6f:ef:6f:ee:2f:cf:9b:
         09:d8:b3:85:c0:71:8a:08:c8:52:e3:32:91:22:02:43:9b:a9:
         af:95:8d:64:14:dc:58:fd:30:e9:c7:6e:fe:d5:b7:bd:ec:c8:
         e7:d1:d8:d7:02:a1:ab:9a:74:1e:78:e2:9f:9d:73:f8:24:14:
         8b:2b:ea:3f:df:53:12:dd:69:11:51:8c:94:46:be:1b:ac:d9:
         46:b5:bc:a9:f0:20:82:ca:cc:bd:0c:c6:c4:50:02:65:26:82:
         d9:1a:9d:b6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDJ0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjM1MjJaFw0yNTAzMDExMjM1MjJaMBgxFjAU
BgNVBAMMDTY0MDA5ODBkLTRlNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDeMvxCc/k5oejxozYewd0+kIletFlnmd62WIUIUzmi9KO7O8WDU/Ncd/gI
yxGMaL/4+ScVGRfOOo5fJBr1mrSUYzyKOkp+ePnhVzpKEoHsu8S1L/2N1+vPcKQ7
xq5Sft4TB32/Mh0qcRfSx5V6bIXrhHhrzE6W8XASEkEPJrgHjVYMgwqwECNzVAXF
6uOeXa9V22VsFJKv9Qp1CxIwz+9m6/+f0TmVIsLP+LhDAbnvzM3wgfLSIB7inqq3
gox94TuKOfnvc4ZKo4AoGx7GjBWacf/YbpXbBO73EwZrxiE1A31Nn3zujmk6QB6p
ck9bAqa65kI+xVTQKlqpJwpHNudvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfIQi
C2zJkuxTO4ivJnOrUEzYmqMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0I0RTA2QTUyQjhGNjExRURCNjA1MDNGMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENcwDQYJKoZIhvcNAQEL
BQADggEBAEC6JVtwe3hePgpHwwZR4qHBFZlNS7pzPqFJ4quTM5hk6rZz+PYdPSwa
dpgbNGgxEcvyDwi0d7wByuS7N2vVVUhhDnBv8GlA4Ms2Eo5WRKO475kp6vgHTWBA
OZp6DKA9tBFo5TMJPRDBCfU9oq9Y3Fy7/v8SSJJJ0u845p2t6qMPHxM2RzyNasxf
H9vHsUBFt5+LMO+eC86jR+cEb+9v7i/PmwnYs4XAcYoIyFLjMpEiAkObqa+VjWQU
3Fj9MOnHbv7Vt73syOfR2NcCoauadB544p+dc/gkFIsr6j/fUxLdaRFRjJRGvhus
2Ua1vKnwIILKzL0MxsRQAmUmgtkanbY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:56 2024 by rpki-client on console-fra.rpki-client.org