Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2E2038811D611EF95DCF94A017001B1.roa
File:                     C2E2038811D611EF95DCF94A017001B1.roa (raw, json)
Hash identifier:          AcKi7qD3W9Zu7HGnsiE2wvGfc+CB3APqqiKtCQPEdHU=
Subject key identifier:   B1:4B:31:12:72:0E:FA:37:A0:B5:27:69:16:A6:11:76:90:7E:70:BF
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1656
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2E2038811D611EF95DCF94A017001B1.roa
Signing time:             Tue 14 May 2024 09:45:56 +0000
ROA not before:           Tue 14 May 2024 09:45:53 +0000
ROA not after:            Sat 16 May 2026 09:45:53 +0000
asID:                     20278
IP address blocks:        154.16.205.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5718 (0x1656)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 14 09:45:53 2024 GMT
            Not After : May 16 09:45:53 2026 GMT
        Subject: CN=664332d4-f7be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:96:28:df:b3:29:5f:f6:b2:ab:12:52:3c:c5:
                    6a:c4:74:89:91:a2:04:4e:b7:42:6b:68:3c:04:5f:
                    51:22:74:96:16:21:52:7e:81:ad:86:a7:02:2d:98:
                    17:68:15:c9:6a:02:a4:ad:24:8e:93:22:2c:e1:48:
                    c7:9c:7a:b8:fb:39:11:2d:00:b1:eb:b5:85:bf:b8:
                    f3:af:1e:82:52:eb:9e:a7:08:1a:93:36:5d:af:7e:
                    ad:3e:20:00:26:a9:b1:29:ce:6f:e1:fd:7c:f8:d5:
                    c1:f3:37:d0:00:a0:9b:1d:33:64:a6:8f:ac:bc:b7:
                    6b:8a:61:53:43:91:a5:ea:28:fc:b8:f9:74:a2:c1:
                    d7:b3:dc:5a:2f:f9:22:cc:b7:16:df:f2:9b:19:26:
                    46:29:ab:4d:bb:c8:5b:ac:51:5f:30:fc:e9:e9:df:
                    2a:55:79:16:d5:d2:c7:b5:22:0c:20:3c:b6:ec:5f:
                    94:98:6c:28:be:a1:70:2b:af:73:78:ed:21:4c:78:
                    7c:9a:cc:c7:3a:0b:a7:f4:9e:e9:f5:aa:cb:12:17:
                    ec:60:45:df:e2:75:d5:03:6d:bd:10:cf:a8:2c:5c:
                    b4:21:bc:90:c7:9f:d7:bb:32:35:53:bb:50:6a:2b:
                    2a:16:a6:ea:18:eb:49:19:b6:41:7b:cf:d6:c3:e5:
                    00:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4B:31:12:72:0E:FA:37:A0:B5:27:69:16:A6:11:76:90:7E:70:BF
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2E2038811D611EF95DCF94A017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:9a:82:b9:cc:e6:4b:df:d5:bc:db:c6:45:d8:ed:b9:a4:6b:
         eb:b5:dd:ff:0f:df:1c:3d:7d:59:a2:b3:7e:f2:5e:13:01:ea:
         63:02:51:94:71:34:b2:19:51:b4:c7:ab:74:94:13:f3:2a:95:
         ad:18:ad:20:01:7f:0b:26:76:4f:e3:9f:3f:1b:46:37:5f:a5:
         7c:5a:86:f7:9c:d4:61:0c:4d:b4:b8:d7:26:6a:51:2f:54:08:
         76:d1:77:85:10:ae:c2:51:2c:41:f4:b0:0c:f8:7f:f4:b0:b9:
         47:3f:34:17:75:38:43:6b:df:0d:f3:90:bf:c9:0e:cf:ae:80:
         da:1c:2f:1a:74:9b:da:d4:eb:91:cb:b4:70:58:0d:74:90:7b:
         4f:f6:64:a2:76:78:ba:69:a5:10:6a:37:e5:e7:ca:fc:9d:ed:
         06:d6:c6:4f:9f:df:16:2a:b2:f5:9f:c8:72:53:0e:0d:87:03:
         1e:ce:d9:b5:ed:da:e6:d5:fc:58:3a:d3:a5:8b:b0:55:d6:43:
         58:88:30:39:2a:04:3a:12:bf:19:40:b5:8b:cc:7e:bd:78:ef:
         70:15:20:2b:59:5c:3e:c1:5e:f7:b6:75:85:e2:0a:43:90:e9:
         91:a2:4f:43:c7:aa:2a:db:c8:ed:3e:4e:41:a5:df:e1:43:66:
         4e:bf:31:f3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFlYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MTQwOTQ1NTNaFw0yNjA1MTYwOTQ1NTNaMBgxFjAU
BgNVBAMTDTY2NDMzMmQ0LWY3YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDclijfsylf9rKrElI8xWrEdImRogROt0JraDwEX1EidJYWIVJ+ga2GpwIt
mBdoFclqAqStJI6TIizhSMecerj7OREtALHrtYW/uPOvHoJS656nCBqTNl2vfq0+
IAAmqbEpzm/h/Xz41cHzN9AAoJsdM2Smj6y8t2uKYVNDkaXqKPy4+XSiwdez3Fov
+SLMtxbf8psZJkYpq027yFusUV8w/Onp3ypVeRbV0se1IgwgPLbsX5SYbCi+oXAr
r3N47SFMeHyazMc6C6f0nun1qssSF+xgRd/iddUDbb0Qz6gsXLQhvJDHn9e7MjVT
u1BqKyoWpuoY60kZtkF7z9bD5QAvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsUsx
EnIO+jegtSdpFqYRdpB+cL8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0MyRTIwMzg4MTFENjExRUY5NURDRjk0QTAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEM0wDQYJKoZIhvcNAQEL
BQADggEBADqagrnM5kvf1bzbxkXY7bmka+u13f8P3xw9fVmis37yXhMB6mMCUZRx
NLIZUbTHq3SUE/Mqla0YrSABfwsmdk/jnz8bRjdfpXxahvec1GEMTbS41yZqUS9U
CHbRd4UQrsJRLEH0sAz4f/SwuUc/NBd1OENr3w3zkL/JDs+ugNocLxp0m9rU65HL
tHBYDXSQe0/2ZKJ2eLpppRBqN+Xnyvyd7QbWxk+f3xYqsvWfyHJTDg2HAx7O2bXt
2ubV/Fg606WLsFXWQ1iIMDkqBDoSvxlAtYvMfr1473AVICtZXD7BXve2dYXiCkOQ
6ZGiT0PHqirbyO0+TkGl3+FDZk6/MfM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:56 2024 by rpki-client on console-fra.rpki-client.org