Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C3852C0EFB1311EEA610D63F017001B1.roa
File:                     C3852C0EFB1311EEA610D63F017001B1.roa (raw, json)
Hash identifier:          UI8V/Pr2FbNbSwdxbGgCv8aqgEXy9EEoxTtWQzZFJ4U=
Subject key identifier:   57:C2:30:6A:2B:73:DD:0E:54:63:96:99:D4:57:0A:C2:89:DC:61:C1
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15BD
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C3852C0EFB1311EEA610D63F017001B1.roa
Signing time:             Mon 15 Apr 2024 10:34:40 +0000
ROA not before:           Mon 15 Apr 2024 10:34:36 +0000
ROA not after:            Wed 15 Apr 2026 10:34:36 +0000
asID:                     834
IP address blocks:        154.16.250.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5565 (0x15bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 15 10:34:36 2024 GMT
            Not After : Apr 15 10:34:36 2026 GMT
        Subject: CN=661d02c0-09f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8d:7e:25:f7:dc:86:59:2c:a0:56:f7:0a:90:
                    ac:1b:0c:73:5e:13:31:de:c0:57:0e:c8:84:05:c2:
                    1d:6f:5a:c9:df:09:17:27:a7:55:8b:77:5a:27:67:
                    23:90:d2:1d:75:e0:46:9a:35:8a:58:6f:ab:c5:35:
                    fc:b7:4f:b3:bf:72:00:16:61:84:97:a0:f4:cf:fd:
                    1d:dd:ef:0e:5f:26:fe:65:35:9e:01:54:b4:ff:62:
                    3f:df:33:4a:dd:a8:85:43:e8:7f:95:e2:63:1c:65:
                    96:af:d4:a1:c8:6f:dd:e9:09:2a:25:49:89:64:e2:
                    e4:aa:78:d4:24:b1:7d:e7:f4:31:32:96:3d:44:ee:
                    7d:04:af:6b:b5:98:3e:33:cc:36:fe:fd:38:50:74:
                    1b:da:74:26:56:d4:0c:03:af:5a:2f:85:3c:24:bc:
                    74:b5:fb:a6:8c:1f:62:45:0c:a5:81:e5:65:97:80:
                    63:78:5c:41:d6:d0:82:bf:ab:9b:94:d2:c3:c9:bc:
                    54:06:e2:c3:28:bf:b6:41:c1:10:74:18:ea:b6:50:
                    52:36:ed:d0:5c:a6:90:2b:98:26:57:ab:c0:f5:09:
                    0d:ef:61:36:03:7d:b7:ea:b3:76:9b:93:58:03:55:
                    4a:b5:e2:bc:e8:cd:3e:30:7b:d2:57:c8:94:a2:4d:
                    f0:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:C2:30:6A:2B:73:DD:0E:54:63:96:99:D4:57:0A:C2:89:DC:61:C1
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C3852C0EFB1311EEA610D63F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:be:72:68:ce:b8:16:55:8b:cd:4d:8f:80:7a:ed:32:c5:19:
         10:e1:0c:44:e3:80:fc:f7:36:fa:82:fd:3c:a2:99:ea:5e:54:
         0f:09:f9:e5:03:8f:3e:c2:ab:62:d5:95:db:85:07:6d:5b:6e:
         04:86:84:d7:3b:0e:19:5b:f9:b9:c7:d1:2d:54:d5:b8:06:5a:
         25:10:68:d1:87:bf:00:6b:35:c9:eb:a7:39:1a:60:60:24:e6:
         6c:23:2b:cb:5d:a2:98:d9:76:61:1f:cb:9a:fc:c5:10:40:c1:
         a8:30:20:dd:6f:41:af:e6:6f:fb:05:b3:d7:18:74:76:dd:64:
         b9:20:49:9c:33:a7:36:91:12:95:f6:59:cc:d6:51:07:32:05:
         36:f4:a0:ea:69:07:da:dd:b2:1f:69:16:eb:b0:9d:cb:0e:dd:
         29:71:c1:fe:91:4f:55:30:ac:09:c4:c0:a3:53:9a:d8:7e:0a:
         a1:3b:f5:72:2e:96:79:78:eb:a5:59:d4:a8:60:8c:56:25:f1:
         fc:0c:f3:71:07:d4:95:97:56:2a:f3:26:16:f1:39:c5:27:af:
         38:2c:fb:83:31:6b:76:89:ab:f7:a8:75:d9:1a:5d:30:37:89:
         d7:9a:57:ea:b7:eb:f9:fd:28:d4:57:be:34:74:87:f3:74:2c:
         6e:23:a0:48
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFb0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTUxMDM0MzZaFw0yNjA0MTUxMDM0MzZaMBgxFjAU
BgNVBAMTDTY2MWQwMmMwLTA5ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEjX4l99yGWSygVvcKkKwbDHNeEzHewFcOyIQFwh1vWsnfCRcnp1WLd1on
ZyOQ0h114EaaNYpYb6vFNfy3T7O/cgAWYYSXoPTP/R3d7w5fJv5lNZ4BVLT/Yj/f
M0rdqIVD6H+V4mMcZZav1KHIb93pCSolSYlk4uSqeNQksX3n9DEylj1E7n0Er2u1
mD4zzDb+/ThQdBvadCZW1AwDr1ovhTwkvHS1+6aMH2JFDKWB5WWXgGN4XEHW0IK/
q5uU0sPJvFQG4sMov7ZBwRB0GOq2UFI27dBcppArmCZXq8D1CQ3vYTYDfbfqs3ab
k1gDVUq14rzozT4we9JXyJSiTfDTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUV8Iw
aitz3Q5UY5aZ1FcKwoncYcEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0MzODUyQzBFRkIxMzExRUVBNjEwRDYzRjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPowDQYJKoZIhvcNAQEL
BQADggEBAAi+cmjOuBZVi81Nj4B67TLFGRDhDETjgPz3NvqC/TyimepeVA8J+eUD
jz7Cq2LVlduFB21bbgSGhNc7Dhlb+bnH0S1U1bgGWiUQaNGHvwBrNcnrpzkaYGAk
5mwjK8tdopjZdmEfy5r8xRBAwagwIN1vQa/mb/sFs9cYdHbdZLkgSZwzpzaREpX2
WczWUQcyBTb0oOppB9rdsh9pFuuwncsO3Slxwf6RT1UwrAnEwKNTmth+CqE79XIu
lnl466VZ1KhgjFYl8fwM83EH1JWXVirzJhbxOcUnrzgs+4Mxa3aJq/eoddkaXTA3
ideaV+q36/n9KNRXvjR0h/N0LG4joEg=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org