Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BEC92D6418F011EFBF3E5428017001B1.roa
File:                     BEC92D6418F011EFBF3E5428017001B1.roa (raw, json)
Hash identifier:          Th3F1G41rA3o0XOcUSPqZU8wg2gRgS0DhmStRgUf0Kk=
Subject key identifier:   A4:EF:72:24:35:B8:FA:B6:ED:42:A0:57:A9:E5:ED:22:CB:62:61:36
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1678
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BEC92D6418F011EFBF3E5428017001B1.roa
Signing time:             Thu 23 May 2024 10:39:34 +0000
ROA not before:           Thu 23 May 2024 10:39:31 +0000
ROA not after:            Sat 23 May 2026 10:39:31 +0000
asID:                     9009
IP address blocks:        154.16.124.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5752 (0x1678)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 23 10:39:31 2024 GMT
            Not After : May 23 10:39:31 2026 GMT
        Subject: CN=664f1ce6-618a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3d:02:b9:1e:e0:de:9c:cb:ba:0c:2c:12:53:
                    f0:3c:5e:a6:1f:c7:76:95:c9:01:c7:16:c2:06:ce:
                    72:97:e8:8c:81:fa:14:64:5e:78:53:0d:43:8c:28:
                    70:2f:7a:4f:53:2a:0c:87:2a:dd:55:14:e1:76:b4:
                    da:a1:56:47:2f:aa:9a:cc:8e:2c:5d:ab:93:08:a9:
                    a2:dc:ce:4f:28:fb:36:bf:8e:cc:bf:6f:23:9e:e7:
                    4f:8d:e6:19:45:51:5c:16:d8:d4:5e:46:18:23:1d:
                    9a:76:15:e8:6e:db:4a:fe:da:1a:f3:0d:fc:21:24:
                    0b:4b:6a:c1:50:bd:6b:e1:1a:ff:5d:77:4b:80:3b:
                    d9:cf:13:ab:c6:b0:63:88:bd:52:ea:da:a9:3e:36:
                    a3:26:29:02:69:ad:86:db:c8:80:d6:0d:a5:88:cb:
                    7c:6b:22:d9:dc:eb:38:62:1b:93:e3:58:75:bd:06:
                    4e:7f:8a:f7:6a:b4:4c:f6:0f:8c:f6:4f:ba:d1:4a:
                    cf:62:17:c3:4e:c6:ed:41:57:fa:76:f7:9c:df:ec:
                    a5:5e:64:78:4b:93:17:98:7d:9c:80:ea:c8:cc:95:
                    2b:4c:11:02:47:5f:0d:12:73:3e:b4:aa:22:25:1f:
                    50:8e:2c:88:f3:1a:31:0e:cd:42:62:df:c0:e5:06:
                    8e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:EF:72:24:35:B8:FA:B6:ED:42:A0:57:A9:E5:ED:22:CB:62:61:36
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BEC92D6418F011EFBF3E5428017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:38:c7:15:1c:3f:90:06:2d:2b:89:8f:ff:02:8a:d8:33:76:
         53:c8:05:d3:6e:fb:06:f9:c2:e9:12:00:e2:7c:3b:f0:68:e2:
         7a:de:79:9b:af:58:7f:a3:50:61:dc:f6:f6:f1:64:b7:4c:c0:
         fd:b4:62:cf:80:ae:2b:db:cf:05:08:16:2d:0f:c7:75:8b:b2:
         f3:7c:c0:79:3b:01:c5:57:71:bb:57:c9:68:d1:af:1c:9a:90:
         96:c3:e4:a2:89:22:83:f8:ed:f9:6b:3f:b8:ca:97:cf:fc:3f:
         1d:bc:c9:bc:82:47:aa:4f:27:a8:ee:6b:62:4f:73:5b:bf:6f:
         6f:1a:70:2e:40:42:10:dc:0b:9b:c0:00:26:87:cc:a0:3c:76:
         66:38:ec:c4:1e:5c:4c:7d:c3:cd:1a:38:98:e6:d6:03:12:fa:
         1a:75:57:75:fe:8d:04:2e:4a:d1:04:cf:dd:4a:ff:02:41:97:
         7e:43:0b:21:7e:50:62:19:fa:4f:b3:87:49:3f:d8:86:11:c0:
         53:0b:86:82:eb:01:d9:50:c1:d3:c4:44:02:37:23:4f:c1:4b:
         a9:91:95:78:b4:c2:94:c3:ed:37:05:4b:53:69:43:b1:e6:c2:
         94:32:9a:f3:e7:3d:8f:65:f3:a8:63:d0:05:09:98:a5:b1:29:
         df:bb:18:cd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFngwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjMxMDM5MzFaFw0yNjA1MjMxMDM5MzFaMBgxFjAU
BgNVBAMTDTY2NGYxY2U2LTYxOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkPQK5HuDenMu6DCwSU/A8XqYfx3aVyQHHFsIGznKX6IyB+hRkXnhTDUOM
KHAvek9TKgyHKt1VFOF2tNqhVkcvqprMjixdq5MIqaLczk8o+za/jsy/byOe50+N
5hlFUVwW2NReRhgjHZp2Fehu20r+2hrzDfwhJAtLasFQvWvhGv9dd0uAO9nPE6vG
sGOIvVLq2qk+NqMmKQJprYbbyIDWDaWIy3xrItnc6zhiG5PjWHW9Bk5/ivdqtEz2
D4z2T7rRSs9iF8NOxu1BV/p295zf7KVeZHhLkxeYfZyA6sjMlStMEQJHXw0Scz60
qiIlH1COLIjzGjEOzUJi38DlBo6tAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpO9y
JDW4+rbtQqBXqeXtIstiYTYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JFQzkyRDY0MThGMDExRUZCRjNFNTQyODAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHwwDQYJKoZIhvcNAQEL
BQADggEBAH04xxUcP5AGLSuJj/8CitgzdlPIBdNu+wb5wukSAOJ8O/Bo4nreeZuv
WH+jUGHc9vbxZLdMwP20Ys+ArivbzwUIFi0Px3WLsvN8wHk7AcVXcbtXyWjRrxya
kJbD5KKJIoP47flrP7jKl8/8Px28ybyCR6pPJ6jua2JPc1u/b28acC5AQhDcC5vA
ACaHzKA8dmY47MQeXEx9w80aOJjm1gMS+hp1V3X+jQQuStEEz91K/wJBl35DCyF+
UGIZ+k+zh0k/2IYRwFMLhoLrAdlQwdPERAI3I0/BS6mRlXi0wpTD7TcFS1NpQ7Hm
wpQymvPnPY9l86hj0AUJmKWxKd+7GM0=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org