Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BEC6264AB8F811EDB4B12AF6F1222468.roa
File:                     BEC6264AB8F811EDB4B12AF6F1222468.roa (raw, json)
Hash identifier:          ufwfBkcUpCyPkpxlERmhThJxxJJ121LzNcDV/RUZrdc=
Subject key identifier:   D6:00:D4:19:7C:BC:07:7D:0F:03:35:9B:20:2D:97:23:C4:2D:DD:83
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0CB2
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BEC6264AB8F811EDB4B12AF6F1222468.roa
Signing time:             Thu 02 Mar 2023 12:50:01 +0000
ROA not before:           Thu 02 Mar 2023 12:49:57 +0000
ROA not after:            Sat 01 Mar 2025 12:49:57 +0000
asID:                     61317
IP address blocks:        154.16.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3250 (0xcb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 12:49:57 2023 GMT
            Not After : Mar  1 12:49:57 2025 GMT
        Subject: CN=64009b79-9a57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:91:46:83:e5:cb:b2:69:6a:45:a8:10:1c:ea:
                    04:e1:e3:e0:32:e5:9c:0a:5d:a1:36:a8:b6:0e:d1:
                    9b:28:95:42:dd:3c:fb:41:4c:ef:0c:dc:a4:d5:d1:
                    91:66:07:3f:b1:5d:f8:95:20:c2:3b:69:bf:fa:6d:
                    bd:c4:0c:cd:14:90:24:30:25:70:9b:e2:64:d7:d4:
                    b7:e2:5a:60:09:0b:ea:f4:0c:d1:53:be:aa:a6:01:
                    6b:ad:d4:9f:39:d7:cc:39:4d:8a:90:8d:27:d1:47:
                    d4:1d:7f:a9:58:8f:af:81:f5:89:f4:97:c6:06:f1:
                    46:6f:f6:73:a2:e9:bb:ab:66:4a:33:1c:a0:65:7c:
                    27:33:54:6b:21:f3:fb:b3:a6:19:91:47:83:89:99:
                    69:45:89:28:7e:ec:97:af:56:39:d0:7d:b4:2d:4a:
                    b0:c9:1b:be:1d:0b:21:07:d0:e5:db:2b:b7:60:ee:
                    57:da:d2:1a:01:e5:08:52:bb:b3:0f:13:3c:49:68:
                    63:6c:1c:6a:a4:48:4a:ca:21:dc:e5:62:7b:e9:24:
                    8a:85:3b:09:af:fa:eb:52:af:06:cb:9e:ac:3b:6a:
                    34:45:39:4d:a8:22:eb:b8:ba:e4:b5:fe:8c:6d:33:
                    10:61:14:53:51:72:5e:27:db:4a:ad:9a:3a:c2:f5:
                    cb:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:00:D4:19:7C:BC:07:7D:0F:03:35:9B:20:2D:97:23:C4:2D:DD:83
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BEC6264AB8F811EDB4B12AF6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:ba:25:4e:f9:45:75:1f:91:5e:29:80:2b:69:21:3c:0b:24:
         54:e0:64:76:04:7e:64:5d:12:4b:7b:36:55:ec:36:22:fd:79:
         73:87:a3:b3:1f:2e:6e:32:7a:02:cf:ce:f0:51:6c:cb:67:17:
         86:66:ab:f1:52:39:b5:06:e6:88:84:cb:a9:2e:48:10:47:30:
         7e:ba:b8:a8:2a:f2:70:51:b1:65:27:a4:c5:d1:d0:4c:a2:85:
         60:af:51:7d:b6:72:c4:d3:08:7f:2a:f3:33:a7:6e:bb:f5:3d:
         7d:1b:70:8e:e2:45:88:e5:0a:f9:64:c8:ca:22:99:3f:36:c0:
         a9:19:70:b7:c1:c2:51:27:a2:1d:3a:be:1f:33:f3:2b:e1:17:
         9f:a0:02:95:68:40:ce:5e:28:06:d3:73:52:21:ec:2a:23:e4:
         76:b2:b5:42:87:26:c9:6c:2b:74:3f:2a:1c:52:aa:71:f4:47:
         15:21:58:f7:0c:c9:27:9c:be:74:d4:6f:04:0a:7e:d5:5d:44:
         89:d4:ed:5c:4e:36:c8:bf:04:4b:17:eb:79:af:5a:39:20:6b:
         e4:71:9e:69:62:d3:62:16:a9:05:f6:94:78:28:d3:28:f5:65:
         c4:34:06:b5:5f:c6:c0:8b:ba:98:10:e1:89:f0:0c:8d:81:0d:
         3c:d9:1b:4e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDLIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjQ5NTdaFw0yNTAzMDExMjQ5NTdaMBgxFjAU
BgNVBAMMDTY0MDA5Yjc5LTlhNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJkUaD5cuyaWpFqBAc6gTh4+Ay5ZwKXaE2qLYO0ZsolULdPPtBTO8M3KTV
0ZFmBz+xXfiVIMI7ab/6bb3EDM0UkCQwJXCb4mTX1LfiWmAJC+r0DNFTvqqmAWut
1J8518w5TYqQjSfRR9Qdf6lYj6+B9Yn0l8YG8UZv9nOi6burZkozHKBlfCczVGsh
8/uzphmRR4OJmWlFiSh+7JevVjnQfbQtSrDJG74dCyEH0OXbK7dg7lfa0hoB5QhS
u7MPEzxJaGNsHGqkSErKIdzlYnvpJIqFOwmv+utSrwbLnqw7ajRFOU2oIuu4uuS1
/oxtMxBhFFNRcl4n20qtmjrC9cvbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU1gDU
GXy8B30PAzWbIC2XI8Qt3YMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JFQzYyNjRBQjhGODExRURCNEIxMkFGNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOUwDQYJKoZIhvcNAQEL
BQADggEBAFi6JU75RXUfkV4pgCtpITwLJFTgZHYEfmRdEkt7NlXsNiL9eXOHo7Mf
Lm4yegLPzvBRbMtnF4Zmq/FSObUG5oiEy6kuSBBHMH66uKgq8nBRsWUnpMXR0Eyi
hWCvUX22csTTCH8q8zOnbrv1PX0bcI7iRYjlCvlkyMoimT82wKkZcLfBwlEnoh06
vh8z8yvhF5+gApVoQM5eKAbTc1Ih7Coj5HaytUKHJslsK3Q/KhxSqnH0RxUhWPcM
ySecvnTUbwQKftVdRInU7VxONsi/BEsX63mvWjkga+Rxnmli02IWqQX2lHgo0yj1
ZcQ0BrVfxsCLupgQ4YnwDI2BDTzZG04=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:52:04 2024 by rpki-client on console-fra.rpki-client.org