Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BA575DCE134A11EF8E5FE124017001B1.roa
File:                     BA575DCE134A11EF8E5FE124017001B1.roa (raw, json)
Hash identifier:          pk3tqRvsoCOMXg/vG8bgnYZZSkUH0I59ChqHqoyVEXc=
Subject key identifier:   DC:2C:7D:8F:94:40:AC:6D:AF:A7:94:95:62:C0:23:73:BA:0F:88:E8
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1663
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BA575DCE134A11EF8E5FE124017001B1.roa
Signing time:             Thu 16 May 2024 06:08:35 +0000
ROA not before:           Thu 16 May 2024 06:08:30 +0000
ROA not after:            Sat 16 May 2026 06:08:30 +0000
asID:                     834
IP address blocks:        154.16.72.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5731 (0x1663)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 16 06:08:30 2024 GMT
            Not After : May 16 06:08:30 2026 GMT
        Subject: CN=6645a2e3-e27a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fe:df:7c:7f:e3:c9:5f:14:25:19:59:57:9e:
                    91:2a:43:66:16:d4:29:94:1c:9e:16:ba:25:89:1d:
                    64:d7:52:02:6c:45:81:e4:70:d5:47:d9:89:7c:60:
                    c8:64:dc:6e:30:d7:3f:55:78:7c:0a:b9:7d:0d:2a:
                    bf:5e:f3:63:e5:9e:e7:1d:a4:73:49:c8:25:28:2f:
                    57:4f:08:97:99:9e:04:a6:11:1c:d1:c7:19:0d:35:
                    09:60:9c:61:29:fb:17:90:eb:39:8a:95:8c:f8:fd:
                    65:b1:61:60:34:c9:71:e3:7a:68:a0:82:c9:39:68:
                    ea:e7:3b:88:5d:a7:86:e5:21:c5:39:f8:ee:f3:cb:
                    c4:cb:90:e3:27:fc:27:ad:77:e8:f9:3c:6b:e4:70:
                    76:4c:35:a1:e7:d4:ca:32:84:e7:e3:cd:0a:f2:8f:
                    69:e8:7c:08:6e:6c:ef:58:ff:6f:66:0e:59:67:8f:
                    1d:65:0c:b6:99:38:6f:85:a1:8c:a3:be:ef:4c:df:
                    01:9c:d4:f9:a7:a7:29:70:84:0b:63:ea:31:03:f7:
                    01:6e:01:1b:dd:4a:e8:c7:f5:49:70:0e:8f:13:be:
                    4a:9b:c3:3e:55:e2:56:eb:d9:49:8f:e2:9c:04:30:
                    b4:1d:a4:4d:a8:6f:a4:ac:be:4a:42:ca:03:4b:35:
                    cb:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:2C:7D:8F:94:40:AC:6D:AF:A7:94:95:62:C0:23:73:BA:0F:88:E8
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BA575DCE134A11EF8E5FE124017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:10:0d:10:67:76:29:de:98:7a:bd:f6:29:3b:db:fc:3e:62:
         fa:04:a0:80:f4:82:44:10:a4:03:6b:c1:6f:a9:e5:3d:66:5a:
         73:f7:56:21:9f:a3:f4:66:cc:b9:c3:96:6a:0a:b1:e9:e7:39:
         b2:b5:c7:f9:39:a3:ff:bb:b6:bc:fa:cc:bd:a3:f8:14:01:07:
         3b:24:2a:64:95:97:6b:3f:ee:a3:3b:84:0d:5f:f8:96:50:91:
         71:3e:b4:59:74:7e:eb:ff:4e:48:88:3d:b8:d0:62:86:73:26:
         b8:62:5f:ba:93:6f:d6:87:e1:ff:a6:8c:a8:7f:d8:34:ec:ee:
         92:38:ce:85:cc:19:e7:1c:74:ca:cb:e0:c6:e2:84:f6:10:ad:
         4b:26:f1:5c:f4:aa:18:d9:42:1c:e5:df:0d:ab:ea:c1:31:d2:
         ca:40:85:e3:e1:89:ff:e3:6a:99:ad:43:fd:8b:3d:2a:0b:df:
         89:3f:b7:9f:86:1e:28:f0:d4:d1:a8:9f:c8:45:2c:e2:a4:28:
         29:e4:d0:23:bc:dd:3e:7c:d0:e2:78:a9:58:da:d6:ee:b1:50:
         74:2a:3b:88:77:31:e2:3a:61:07:66:a8:a9:87:e7:97:0e:2d:
         6d:5c:47:de:74:2c:4b:2f:ea:72:f8:5f:00:7d:f9:27:72:e4:
         ab:6f:2a:ce
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFmMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MTYwNjA4MzBaFw0yNjA1MTYwNjA4MzBaMBgxFjAU
BgNVBAMTDTY2NDVhMmUzLWUyN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8/t98f+PJXxQlGVlXnpEqQ2YW1CmUHJ4WuiWJHWTXUgJsRYHkcNVH2Yl8
YMhk3G4w1z9VeHwKuX0NKr9e82PlnucdpHNJyCUoL1dPCJeZngSmERzRxxkNNQlg
nGEp+xeQ6zmKlYz4/WWxYWA0yXHjemiggsk5aOrnO4hdp4blIcU5+O7zy8TLkOMn
/Cetd+j5PGvkcHZMNaHn1MoyhOfjzQryj2nofAhubO9Y/29mDllnjx1lDLaZOG+F
oYyjvu9M3wGc1PmnpylwhAtj6jED9wFuARvdSujH9UlwDo8Tvkqbwz5V4lbr2UmP
4pwEMLQdpE2ob6SsvkpCygNLNct/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU3Cx9
j5RArG2vp5SVYsAjc7oPiOgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JBNTc1RENFMTM0QTExRUY4RTVGRTEyNDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEgwDQYJKoZIhvcNAQEL
BQADggEBAI0QDRBndinemHq99ik72/w+YvoEoID0gkQQpANrwW+p5T1mWnP3ViGf
o/RmzLnDlmoKsennObK1x/k5o/+7trz6zL2j+BQBBzskKmSVl2s/7qM7hA1f+JZQ
kXE+tFl0fuv/TkiIPbjQYoZzJrhiX7qTb9aH4f+mjKh/2DTs7pI4zoXMGeccdMrL
4MbihPYQrUsm8Vz0qhjZQhzl3w2r6sEx0spAhePhif/japmtQ/2LPSoL34k/t5+G
Hijw1NGon8hFLOKkKCnk0CO83T580OJ4qVja1u6xUHQqO4h3MeI6YQdmqKmH55cO
LW1cR950LEsv6nL4XwB9+Sdy5KtvKs4=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org