Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BE2C9164019B11EFAB29F4FB007001B1.roa
File:                     BE2C9164019B11EFAB29F4FB007001B1.roa (raw, json)
Hash identifier:          doJyX9LS6cQNgYDGMjiAKe9ioWfUHa0M5RHynhmTHJc=
Subject key identifier:   C7:F3:95:AA:46:1E:21:19:91:B5:A8:29:3C:77:93:FE:D5:B6:05:C8
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15F7
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BE2C9164019B11EFAB29F4FB007001B1.roa
Signing time:             Tue 23 Apr 2024 18:03:09 +0000
ROA not before:           Tue 23 Apr 2024 18:03:06 +0000
ROA not after:            Sat 25 Apr 2026 18:03:06 +0000
asID:                     212669
IP address blocks:        154.16.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5623 (0x15f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 23 18:03:06 2024 GMT
            Not After : Apr 25 18:03:06 2026 GMT
        Subject: CN=6627f7dd-0417
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d9:68:18:44:80:77:00:d1:2f:fb:26:cc:21:
                    b3:e7:29:68:b0:d3:b6:89:4a:92:fc:2a:e5:65:e3:
                    33:61:87:95:8e:26:c2:1e:d7:fa:d0:6b:87:04:61:
                    16:48:51:4f:98:c0:ae:98:f6:69:4e:ab:bd:14:a9:
                    1d:9f:95:cc:3a:72:0e:f9:4f:5f:f6:71:a4:de:f1:
                    96:2d:f3:cf:28:5c:4d:67:ee:89:47:55:84:25:c8:
                    8c:c5:97:67:33:3f:29:c8:b9:e0:46:45:23:eb:41:
                    87:5d:ca:6b:4f:16:04:67:67:34:2f:85:f7:6b:ed:
                    dd:be:85:03:6c:37:25:be:c9:d9:3b:b7:e6:bb:a5:
                    cc:79:c9:01:a5:cb:ef:24:7c:45:ca:85:67:57:aa:
                    9d:09:fd:3e:58:0b:a0:0e:cc:83:aa:43:55:e8:d1:
                    44:69:7f:79:8e:69:6c:7d:50:da:7c:12:44:dc:05:
                    3f:e4:67:87:b4:7a:79:ec:84:88:00:ad:73:d6:8a:
                    99:72:7f:ce:33:dc:e2:12:6b:b6:84:84:75:9d:c4:
                    27:d4:b3:ea:8a:8e:69:04:6d:b6:88:f0:b6:2f:1b:
                    8c:5d:57:38:75:4f:d7:a7:19:19:b4:04:1f:a0:04:
                    c3:7b:c6:43:02:84:75:d2:0a:3a:0f:aa:2b:6c:af:
                    7f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:F3:95:AA:46:1E:21:19:91:B5:A8:29:3C:77:93:FE:D5:B6:05:C8
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BE2C9164019B11EFAB29F4FB007001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d1:d4:d6:33:01:05:1b:f0:48:69:28:24:55:12:ab:82:9d:fe:
         c9:b6:d7:59:c0:0d:ad:7a:48:35:da:17:21:ab:68:ae:70:45:
         07:53:bb:db:6e:dd:9b:37:45:bc:20:8b:02:05:ae:13:7f:d7:
         be:8f:bf:99:71:ed:36:d0:b8:e0:bf:18:e6:41:b9:df:a6:9e:
         51:e4:ca:c9:c6:95:56:c9:e7:8d:3a:3e:51:12:8f:83:fb:0d:
         93:3c:a8:d5:f9:84:4f:5f:ac:b5:e1:08:bf:ea:83:f8:eb:08:
         b9:20:b8:06:08:a0:59:b2:66:43:6b:ec:b3:03:7c:cb:af:69:
         cc:48:28:ca:cc:d2:3a:53:33:18:fd:d6:72:92:01:a3:40:08:
         67:7d:26:c7:21:6d:d8:f7:f0:61:71:37:84:9e:9e:1e:cc:7f:
         c1:49:9e:b6:5a:23:6f:8e:f3:3a:d6:d1:13:ce:11:24:2f:29:
         a2:31:83:c2:01:7b:e5:fd:24:14:9f:eb:08:92:37:02:b2:6f:
         08:3a:2c:fd:bd:b5:49:9f:4b:79:37:a2:ff:50:4c:b1:64:b8:
         6f:71:16:35:2b:4e:dd:9b:a6:cf:f7:8a:d0:7a:8d:cc:c5:c1:
         3c:34:62:a2:65:4a:5c:dd:8c:46:df:69:eb:52:b9:a5:e7:41:
         a1:2a:34:a6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFfcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MjMxODAzMDZaFw0yNjA0MjUxODAzMDZaMBgxFjAU
BgNVBAMTDTY2MjdmN2RkLTA0MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCy2WgYRIB3ANEv+ybMIbPnKWiw07aJSpL8KuVl4zNhh5WOJsIe1/rQa4cE
YRZIUU+YwK6Y9mlOq70UqR2flcw6cg75T1/2caTe8ZYt888oXE1n7olHVYQlyIzF
l2czPynIueBGRSPrQYddymtPFgRnZzQvhfdr7d2+hQNsNyW+ydk7t+a7pcx5yQGl
y+8kfEXKhWdXqp0J/T5YC6AOzIOqQ1Xo0URpf3mOaWx9UNp8EkTcBT/kZ4e0enns
hIgArXPWiplyf84z3OISa7aEhHWdxCfUs+qKjmkEbbaI8LYvG4xdVzh1T9enGRm0
BB+gBMN7xkMChHXSCjoPqitsr3/ZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUx/OV
qkYeIRmRtagpPHeT/tW2BcgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JFMkM5MTY0MDE5QjExRUZBQjI5RjRGQjAwNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJowDQYJKoZIhvcNAQEL
BQADggEBANHU1jMBBRvwSGkoJFUSq4Kd/sm211nADa16SDXaFyGraK5wRQdTu9tu
3Zs3RbwgiwIFrhN/176Pv5lx7TbQuOC/GOZBud+mnlHkysnGlVbJ5406PlESj4P7
DZM8qNX5hE9frLXhCL/qg/jrCLkguAYIoFmyZkNr7LMDfMuvacxIKMrM0jpTMxj9
1nKSAaNACGd9Jschbdj38GFxN4Senh7Mf8FJnrZaI2+O8zrW0RPOESQvKaIxg8IB
e+X9JBSf6wiSNwKybwg6LP29tUmfS3k3ov9QTLFkuG9xFjUrTt2bps/3itB6jczF
wTw0YqJlSlzdjEbfaetSuaXnQaEqNKY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org