Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C6D047CA893C11EEAABF6E454AD9E6FC.roa
File:                     C6D047CA893C11EEAABF6E454AD9E6FC.roa (raw, json)
Hash identifier:          du7yk/23dFFNsgCZ2alZAPzC0fX1hPmqRIHjQFM6qbA=
Subject key identifier:   FE:22:EE:02:F7:F1:A7:FE:4D:97:B4:0F:19:22:9A:96:A1:C8:2D:BA
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1331
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C6D047CA893C11EEAABF6E454AD9E6FC.roa
Signing time:             Wed 22 Nov 2023 13:41:02 +0000
ROA not before:           Wed 22 Nov 2023 13:40:59 +0000
ROA not after:            Sat 22 Nov 2025 13:40:59 +0000
asID:                     211440
IP address blocks:        154.16.51.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4913 (0x1331)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 22 13:40:59 2023 GMT
            Not After : Nov 22 13:40:59 2025 GMT
        Subject: CN=655e04ee-c48b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f2:1d:69:d8:38:12:06:3d:ed:16:ce:34:46:
                    80:41:68:7e:89:60:52:f2:4c:c0:1d:bb:5d:77:c6:
                    18:20:30:2f:5e:c1:17:ea:b5:d3:1e:63:88:2a:3d:
                    49:a7:a7:9d:ed:3e:1e:07:7a:43:b8:76:f4:ff:fa:
                    cd:d3:ba:55:f6:ac:1c:2d:f5:d3:e2:10:93:01:3d:
                    3b:18:f0:97:36:c4:9d:56:21:2f:1a:18:03:b6:dd:
                    9e:37:24:d5:f9:d0:a7:da:4d:c8:e6:57:61:7f:1f:
                    85:3e:f8:f4:ec:7e:c6:51:d4:c8:df:a2:21:e7:36:
                    f9:c5:eb:5f:c0:92:ef:3b:50:87:41:f6:90:e3:ea:
                    07:7b:02:c8:5e:e2:8f:f9:9e:df:24:d7:74:87:e6:
                    4b:02:21:89:f6:d2:99:0b:77:51:e2:7b:c9:66:7f:
                    3f:ec:e3:86:c9:99:bc:c4:d5:63:ce:bf:91:57:7b:
                    6e:7f:8b:25:f3:af:5e:d5:0a:40:15:fd:9c:c6:36:
                    30:49:d0:ce:a6:6b:d4:7f:15:01:8a:6b:27:d9:3f:
                    a8:31:f8:22:43:46:55:02:17:06:f9:f1:2c:fc:59:
                    71:69:5a:3c:34:3b:ed:5c:97:6a:80:92:91:18:dd:
                    87:ac:28:25:ed:81:b1:cf:47:77:4b:f6:dc:b2:c6:
                    e9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:22:EE:02:F7:F1:A7:FE:4D:97:B4:0F:19:22:9A:96:A1:C8:2D:BA
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C6D047CA893C11EEAABF6E454AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:4d:68:3c:a9:d2:c9:4a:c0:7d:f7:c7:4e:6b:a6:ca:7b:f8:
         2f:4c:8d:77:af:2f:f1:63:ce:d5:2d:c2:6c:23:79:40:9e:e1:
         d7:8c:84:45:57:e4:bb:1b:48:b8:7e:7a:2d:5b:3e:7f:53:9b:
         1a:f0:89:25:c7:cd:ad:cb:25:2e:04:97:8d:36:d8:6a:9d:4a:
         83:cb:78:c0:e0:38:71:f3:d6:0a:91:09:3e:39:15:80:c5:f8:
         c4:15:01:75:70:ef:6f:6d:c3:12:93:68:76:27:7f:16:15:89:
         fc:28:c6:a7:b8:c3:99:34:2e:f6:6d:69:40:c6:68:3e:ea:23:
         dd:17:92:a2:d5:d4:3f:fb:60:90:ce:02:6f:b5:d7:41:ce:54:
         ab:63:21:b8:8c:f3:9f:c2:ba:bf:7f:e4:2a:ed:51:5b:8e:c1:
         06:bd:8d:7e:d7:d2:e9:c2:65:40:d6:36:fa:d4:ff:f7:3b:76:
         f1:37:25:26:68:88:de:6c:d0:21:e1:2a:4c:41:76:98:fb:9b:
         1a:52:f0:62:96:4c:74:19:cb:8c:e8:20:d3:27:6a:7c:93:95:
         ce:4d:77:ef:dd:8a:e9:fb:77:ce:55:33:21:ed:cb:d0:c4:84:
         69:1f:81:31:b8:0c:eb:46:56:16:df:41:ce:f1:c0:d7:f9:d5:
         86:75:c5:1d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEzEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjIxMzQwNTlaFw0yNTExMjIxMzQwNTlaMBgxFjAU
BgNVBAMTDTY1NWUwNGVlLWM0OGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC28h1p2DgSBj3tFs40RoBBaH6JYFLyTMAdu113xhggMC9ewRfqtdMeY4gq
PUmnp53tPh4HekO4dvT/+s3TulX2rBwt9dPiEJMBPTsY8Jc2xJ1WIS8aGAO23Z43
JNX50KfaTcjmV2F/H4U++PTsfsZR1MjfoiHnNvnF61/Aku87UIdB9pDj6gd7Ashe
4o/5nt8k13SH5ksCIYn20pkLd1Hie8lmfz/s44bJmbzE1WPOv5FXe25/iyXzr17V
CkAV/ZzGNjBJ0M6ma9R/FQGKayfZP6gx+CJDRlUCFwb58Sz8WXFpWjw0O+1cl2qA
kpEY3YesKCXtgbHPR3dL9tyyxumhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/iLu
Avfxp/5Nl7QPGSKalqHILbowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M2RDA0N0NBODkzQzExRUVBQUJGNkU0NTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDMwDQYJKoZIhvcNAQEL
BQADggEBALVNaDyp0slKwH33x05rpsp7+C9MjXevL/FjztUtwmwjeUCe4deMhEVX
5LsbSLh+ei1bPn9TmxrwiSXHza3LJS4El4022GqdSoPLeMDgOHHz1gqRCT45FYDF
+MQVAXVw729twxKTaHYnfxYVifwoxqe4w5k0LvZtaUDGaD7qI90XkqLV1D/7YJDO
Am+110HOVKtjIbiM85/Cur9/5CrtUVuOwQa9jX7X0unCZUDWNvrU//c7dvE3JSZo
iN5s0CHhKkxBdpj7mxpS8GKWTHQZy4zoINMnanyTlc5Nd+/diun7d85VMyHty9DE
hGkfgTG4DOtGVhbfQc7xwNf51YZ1xR0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:56 2024 by rpki-client on console-fra.rpki-client.org