Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BD8914CA8B8611EEA223261C4AD9E6FC.roa
File:                     BD8914CA8B8611EEA223261C4AD9E6FC.roa (raw, json)
Hash identifier:          bZT+V6l6RNXARpKNrm4Nk9jnec+Q98jf+riWOC+j7M0=
Subject key identifier:   A3:4B:7A:2B:52:8D:87:66:71:0D:B1:55:48:63:D0:F4:05:0A:77:A4
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       136F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BD8914CA8B8611EEA223261C4AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:35:32 +0000
ROA not before:           Sat 25 Nov 2023 11:35:28 +0000
ROA not after:            Tue 25 Nov 2025 11:35:28 +0000
asID:                     212238
IP address blocks:        154.16.84.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4975 (0x136f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:35:28 2023 GMT
            Not After : Nov 25 11:35:28 2025 GMT
        Subject: CN=6561dc04-c406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:06:18:c5:47:2e:99:26:3f:bf:3c:a7:c6:ad:
                    cf:ef:c5:5d:0d:87:86:4d:bb:fb:83:33:48:ec:96:
                    ab:ac:47:17:c6:c9:0c:95:2f:1b:16:30:6e:19:1d:
                    45:b0:68:44:aa:f9:ae:b6:13:cc:49:33:43:53:49:
                    18:ae:2e:34:5f:b9:34:d9:f2:2c:21:42:46:47:9a:
                    2e:ce:f7:b7:c4:80:08:1b:bb:9e:a1:a6:4f:c5:09:
                    bc:28:9f:e7:35:5d:86:5d:85:1c:2d:28:81:19:6e:
                    66:01:70:bb:ac:be:18:30:39:02:be:cf:e0:2d:5b:
                    be:8e:a5:23:80:2e:24:b3:33:76:f4:f6:15:51:ab:
                    ce:4c:ff:37:fc:b4:07:71:73:38:53:9d:2f:de:d6:
                    2e:94:9f:06:5c:25:ad:4b:d1:76:76:98:ed:ca:d3:
                    b8:d8:9f:7c:04:81:5d:da:45:a2:34:29:92:e9:b0:
                    c6:c9:d0:e3:65:9f:fb:29:b9:5d:2d:08:16:d0:3d:
                    c6:2f:bf:6e:2b:bf:3c:b9:a6:46:3a:92:34:37:85:
                    3f:06:ab:32:ce:b6:0e:ec:91:ee:9c:66:c6:fd:f1:
                    34:f6:f8:dc:c6:5d:0a:8c:99:8c:2a:76:be:4c:c3:
                    ef:51:83:62:50:dc:d4:7d:ef:33:eb:ff:de:c0:2a:
                    a8:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:4B:7A:2B:52:8D:87:66:71:0D:B1:55:48:63:D0:F4:05:0A:77:A4
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BD8914CA8B8611EEA223261C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:59:e9:db:52:d3:05:c9:6e:ef:91:6a:e7:aa:60:4e:b1:69:
         a3:2d:d1:c6:52:2b:d2:5e:80:b1:8f:6a:2f:df:e6:95:c5:90:
         96:23:f9:e2:de:9c:9b:b6:cb:c0:0c:49:aa:13:de:7e:4e:4d:
         56:bb:b8:b1:b5:f9:af:41:ce:25:1c:30:9a:e9:73:70:37:f2:
         54:cf:5e:10:60:ce:86:57:69:a1:93:22:f0:cc:50:54:8b:99:
         65:6d:ff:17:2f:a8:af:8f:81:41:0a:d6:fc:44:33:c6:a2:12:
         0d:ba:9b:02:e7:b3:2a:e5:ea:0f:a5:ce:e8:3f:02:6e:2b:ac:
         65:b2:05:54:8c:82:c4:36:75:dd:0b:c3:65:ff:e6:75:bc:ec:
         99:32:7c:91:ad:bb:91:2d:9d:95:73:b7:c2:90:62:2a:ad:0e:
         17:aa:67:98:5f:42:73:48:f5:df:cf:f7:99:9d:e8:18:79:93:
         bb:d9:ca:86:8f:e8:a8:03:bb:25:7d:84:11:ac:76:42:f5:14:
         c0:9c:d9:54:2a:aa:f4:20:b3:fb:f1:60:79:0c:dd:73:29:ec:
         61:7a:ae:4b:ff:d0:1d:d6:ad:06:a1:50:45:85:bc:d9:bc:9b:
         7b:0d:b9:c8:2d:bb:90:91:bb:43:8d:b4:a6:c3:3b:40:23:4e:
         89:37:a5:50
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE28wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTM1MjhaFw0yNTExMjUxMTM1MjhaMBgxFjAU
BgNVBAMTDTY1NjFkYzA0LWM0MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7BhjFRy6ZJj+/PKfGrc/vxV0Nh4ZNu/uDM0jslqusRxfGyQyVLxsWMG4Z
HUWwaESq+a62E8xJM0NTSRiuLjRfuTTZ8iwhQkZHmi7O97fEgAgbu56hpk/FCbwo
n+c1XYZdhRwtKIEZbmYBcLusvhgwOQK+z+AtW76OpSOALiSzM3b09hVRq85M/zf8
tAdxczhTnS/e1i6UnwZcJa1L0XZ2mO3K07jYn3wEgV3aRaI0KZLpsMbJ0ONln/sp
uV0tCBbQPcYvv24rvzy5pkY6kjQ3hT8GqzLOtg7ske6cZsb98TT2+NzGXQqMmYwq
dr5Mw+9Rg2JQ3NR97zPr/97AKqgfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUo0t6
K1KNh2ZxDbFVSGPQ9AUKd6QwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JEODkxNENBOEI4NjExRUVBMjIzMjYxQzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFQwDQYJKoZIhvcNAQEL
BQADggEBAF9Z6dtS0wXJbu+RaueqYE6xaaMt0cZSK9JegLGPai/f5pXFkJYj+eLe
nJu2y8AMSaoT3n5OTVa7uLG1+a9BziUcMJrpc3A38lTPXhBgzoZXaaGTIvDMUFSL
mWVt/xcvqK+PgUEK1vxEM8aiEg26mwLnsyrl6g+lzug/Am4rrGWyBVSMgsQ2dd0L
w2X/5nW87JkyfJGtu5EtnZVzt8KQYiqtDheqZ5hfQnNI9d/P95md6Bh5k7vZyoaP
6KgDuyV9hBGsdkL1FMCc2VQqqvQgs/vxYHkM3XMp7GF6rkv/0B3WrQahUEWFvNm8
m3sNucgtu5CRu0ONtKbDO0AjTok3pVA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:46 2024 by rpki-client on console-ams.rpki-client.org