Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B8EA3E728B8511EE9D08E4184AD9E6FC.roa
File:                     B8EA3E728B8511EE9D08E4184AD9E6FC.roa (raw, json)
Hash identifier:          0Dn6U3fivPduUlvZT2tyO870GAgEipC4dsc7DscPPU8=
Subject key identifier:   43:8F:E1:00:93:15:CD:F8:9D:86:ED:F2:1A:34:A2:43:6E:F0:65:C8
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1365
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B8EA3E728B8511EE9D08E4184AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:28:14 +0000
ROA not before:           Sat 25 Nov 2023 11:28:11 +0000
ROA not after:            Tue 25 Nov 2025 11:28:11 +0000
asID:                     212238
IP address blocks:        154.16.45.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4965 (0x1365)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:28:11 2023 GMT
            Not After : Nov 25 11:28:11 2025 GMT
        Subject: CN=6561da4e-9951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a8:38:10:c0:65:f9:d8:00:b0:91:61:77:6b:
                    82:2f:4e:73:d0:65:c9:85:c9:df:e3:11:82:78:9d:
                    4a:bb:d4:98:d9:8c:97:88:39:47:53:37:0a:87:e5:
                    57:34:9e:7c:38:f9:9d:14:55:d7:e5:5d:0c:6c:47:
                    96:10:cb:01:c9:82:50:db:8a:4d:99:8c:d2:63:d4:
                    d5:b5:81:cb:29:ea:c0:33:10:bb:a8:3c:14:89:3c:
                    26:d4:df:49:a9:df:22:f5:24:ce:25:e5:2a:51:43:
                    a1:1f:15:a4:29:30:2a:d7:52:a7:d1:7e:28:af:95:
                    a4:32:d7:6a:83:df:47:6c:dd:b2:4d:fa:20:64:45:
                    b4:bc:5d:68:7a:ee:6b:45:3b:b0:30:9b:46:0f:3e:
                    0c:5b:e3:eb:b4:52:d9:65:4f:7c:10:84:5b:2b:3a:
                    a7:9f:52:97:58:e1:4a:ce:5c:75:0f:9e:2b:85:49:
                    45:ba:25:89:79:09:f1:24:8d:7f:f2:a3:76:09:dd:
                    c4:80:bf:e2:ed:57:b9:6c:ed:ef:8d:70:7c:c7:5f:
                    ee:3c:bd:3c:ee:f1:c0:89:3c:79:27:c8:b5:59:85:
                    64:02:7c:aa:7f:81:b1:d4:2c:17:19:09:f4:df:81:
                    1e:07:dd:57:9d:42:2c:0e:5c:03:6c:6a:77:3c:b6:
                    99:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:8F:E1:00:93:15:CD:F8:9D:86:ED:F2:1A:34:A2:43:6E:F0:65:C8
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B8EA3E728B8511EE9D08E4184AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:57:09:61:bf:90:50:e6:1a:79:c2:e7:a5:c3:24:05:70:93:
         81:b1:4b:9e:bb:c0:d9:c4:bf:3b:d3:3c:f7:c5:a1:4d:ad:17:
         c0:5d:73:cc:9f:55:db:44:5a:34:4b:f4:d7:84:2f:f2:c1:7e:
         55:f2:10:9a:ef:2f:bd:10:b1:bb:82:70:1b:52:66:2f:63:52:
         6c:99:a4:8d:d7:97:b4:d6:67:4a:93:c9:0d:db:bf:b1:f4:81:
         b6:36:04:8d:2a:c8:3b:90:a6:c1:50:08:eb:87:a2:92:1f:a4:
         8e:43:3e:cd:bd:5b:35:7c:19:e7:87:fc:c8:d1:41:08:94:17:
         99:28:71:63:f4:40:a7:ab:23:44:b9:a7:84:4e:4b:f8:36:ea:
         63:d5:86:a0:84:fb:e3:de:43:85:7c:73:8a:2c:78:ba:36:ea:
         19:fd:7a:72:e5:3e:25:bb:db:7b:e9:ea:54:de:d9:1a:dd:d5:
         7f:0c:4c:18:a9:0c:50:1c:c2:9a:83:6a:87:74:55:c8:25:1d:
         35:ae:4a:18:d9:9c:36:6e:f4:a0:ee:0d:ac:45:b8:2b:4b:67:
         76:91:c4:2b:b8:4f:08:22:b5:b9:6a:c5:d7:95:8f:93:31:f3:
         8d:e4:c3:36:a7:5d:76:f7:52:17:ff:5b:34:3b:e9:d6:6c:3d:
         c3:c2:c2:61
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE2UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTI4MTFaFw0yNTExMjUxMTI4MTFaMBgxFjAU
BgNVBAMTDTY1NjFkYTRlLTk5NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLqDgQwGX52ACwkWF3a4IvTnPQZcmFyd/jEYJ4nUq71JjZjJeIOUdTNwqH
5Vc0nnw4+Z0UVdflXQxsR5YQywHJglDbik2ZjNJj1NW1gcsp6sAzELuoPBSJPCbU
30mp3yL1JM4l5SpRQ6EfFaQpMCrXUqfRfiivlaQy12qD30ds3bJN+iBkRbS8XWh6
7mtFO7Awm0YPPgxb4+u0UtllT3wQhFsrOqefUpdY4UrOXHUPniuFSUW6JYl5CfEk
jX/yo3YJ3cSAv+LtV7ls7e+NcHzHX+48vTzu8cCJPHknyLVZhWQCfKp/gbHULBcZ
CfTfgR4H3VedQiwOXANsanc8tpmRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQ4/h
AJMVzfidhu3yGjSiQ27wZcgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0I4RUEzRTcyOEI4NTExRUU5RDA4RTQxODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEC0wDQYJKoZIhvcNAQEL
BQADggEBAMlXCWG/kFDmGnnC56XDJAVwk4GxS567wNnEvzvTPPfFoU2tF8Bdc8yf
VdtEWjRL9NeEL/LBflXyEJrvL70QsbuCcBtSZi9jUmyZpI3Xl7TWZ0qTyQ3bv7H0
gbY2BI0qyDuQpsFQCOuHopIfpI5DPs29WzV8GeeH/MjRQQiUF5kocWP0QKerI0S5
p4ROS/g26mPVhqCE++PeQ4V8c4oseLo26hn9enLlPiW723vp6lTe2Rrd1X8MTBip
DFAcwpqDaod0VcglHTWuShjZnDZu9KDuDaxFuCtLZ3aRxCu4TwgitblqxdeVj5Mx
843kwzanXXb3Uhf/WzQ76dZsPcPCwmE=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org