Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9321AA64BD511EE882059884AD9E6FC.roa
File:                     C9321AA64BD511EE882059884AD9E6FC.roa (raw, json)
Hash identifier:          LJfSO877HISD3UFtnld3h1338LKfO14XLUnG2bBsG0A=
Subject key identifier:   E8:68:57:16:8D:E9:DE:03:10:9B:5C:17:AC:F0:F4:71:D2:A4:F6:2F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       11F6
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9321AA64BD511EE882059884AD9E6FC.roa
Signing time:             Tue 05 Sep 2023 10:20:07 +0000
ROA not before:           Tue 05 Sep 2023 10:20:04 +0000
ROA not after:            Fri 05 Sep 2025 10:20:04 +0000
asID:                     141158
IP address blocks:        154.16.136.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4598 (0x11f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Sep  5 10:20:04 2023 GMT
            Not After : Sep  5 10:20:04 2025 GMT
        Subject: CN=64f700d7-6df2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:61:d1:8a:f5:7d:db:73:8f:39:46:ea:e9:a0:
                    f6:f1:04:c7:19:f5:a0:bd:b2:4b:f8:7a:c2:60:6d:
                    6b:d1:6a:22:e2:c6:21:6f:7a:54:c7:a1:cb:84:a4:
                    13:31:7d:54:54:74:89:b4:8c:05:36:4a:6b:62:31:
                    13:6f:8d:97:96:0e:b4:e4:cf:53:02:6a:7e:dc:49:
                    b2:56:34:51:4b:50:3b:49:9b:be:3f:41:a4:b7:a2:
                    61:36:6c:17:e7:79:3d:aa:c2:b9:11:6b:3e:e5:b1:
                    e2:7e:4b:db:2d:29:99:03:87:1c:6c:dd:0a:49:d7:
                    6f:2d:ac:bc:20:65:ec:6d:b1:f5:13:da:6c:78:12:
                    ea:82:09:cf:5e:cb:f4:53:ed:85:11:75:f3:96:09:
                    31:6d:84:7e:19:3d:96:66:ed:6f:0a:b1:ee:ec:43:
                    87:e5:9c:51:91:04:1e:08:72:b3:37:a8:31:bc:c3:
                    53:19:71:75:1f:f5:17:8f:7b:ef:18:67:2d:d0:92:
                    76:aa:d1:f9:55:75:1f:b5:04:91:4d:ac:eb:8a:b4:
                    8c:bb:b3:b0:f9:d4:45:28:0f:01:c4:f4:dd:40:ef:
                    b8:bb:f1:3c:7d:47:ec:e8:b7:04:d7:10:8a:e7:64:
                    b6:43:be:77:fb:7c:19:18:52:14:b6:14:9f:08:63:
                    fa:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:68:57:16:8D:E9:DE:03:10:9B:5C:17:AC:F0:F4:71:D2:A4:F6:2F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9321AA64BD511EE882059884AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:6c:e5:fa:73:bd:08:1e:82:ca:ee:c4:64:44:38:80:92:81:
         e6:3a:4b:28:7c:81:66:e0:bb:e0:41:5a:cc:c8:7f:92:35:61:
         01:49:38:57:e2:34:67:6d:c4:67:8d:6c:b5:ca:a7:d9:99:cb:
         7e:7f:61:03:78:4b:cc:99:99:b2:9f:a6:05:74:26:cc:84:33:
         26:74:8b:43:35:0e:4e:fa:cb:e0:69:3f:da:9f:50:1d:a7:fe:
         c4:c7:b3:f3:f8:ed:da:bd:8f:31:cd:6c:62:8f:f3:3e:7f:8a:
         d0:21:b9:56:6b:26:11:4e:f1:28:53:db:34:53:94:29:df:89:
         dc:49:73:64:0d:13:cf:3a:b5:75:c0:ef:b6:66:cd:09:e4:6c:
         49:f8:3c:6e:f4:fd:da:ed:38:a4:74:1c:71:25:36:d7:38:18:
         5f:4c:98:f8:a2:da:98:68:de:74:8a:41:e8:0b:54:78:1d:f1:
         ac:47:de:f0:ff:01:4f:f4:a7:90:8f:aa:3a:2c:e4:4d:06:0f:
         8f:92:c2:1f:09:a8:d5:a6:67:b4:94:04:dc:a5:88:5e:55:09:
         4e:dc:aa:60:48:8f:ce:86:f8:1f:27:73:e5:8c:4f:39:19:b2:
         31:42:75:ef:31:88:74:0c:9f:63:00:05:87:da:16:80:25:59:
         f0:4b:6f:4c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEfYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MDUxMDIwMDRaFw0yNTA5MDUxMDIwMDRaMBgxFjAU
BgNVBAMTDTY0ZjcwMGQ3LTZkZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFYdGK9X3bc485RurpoPbxBMcZ9aC9skv4esJgbWvRaiLixiFvelTHocuE
pBMxfVRUdIm0jAU2SmtiMRNvjZeWDrTkz1MCan7cSbJWNFFLUDtJm74/QaS3omE2
bBfneT2qwrkRaz7lseJ+S9stKZkDhxxs3QpJ128trLwgZextsfUT2mx4EuqCCc9e
y/RT7YURdfOWCTFthH4ZPZZm7W8Kse7sQ4flnFGRBB4IcrM3qDG8w1MZcXUf9ReP
e+8YZy3Qknaq0flVdR+1BJFNrOuKtIy7s7D51EUoDwHE9N1A77i78Tx9R+zotwTX
EIrnZLZDvnf7fBkYUhS2FJ8IY/plAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6GhX
Fo3p3gMQm1wXrPD0cdKk9i8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M5MzIxQUE2NEJENTExRUU4ODIwNTk4ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIgwDQYJKoZIhvcNAQEL
BQADggEBABRs5fpzvQgegsruxGREOICSgeY6Syh8gWbgu+BBWszIf5I1YQFJOFfi
NGdtxGeNbLXKp9mZy35/YQN4S8yZmbKfpgV0JsyEMyZ0i0M1Dk76y+BpP9qfUB2n
/sTHs/P47dq9jzHNbGKP8z5/itAhuVZrJhFO8ShT2zRTlCnfidxJc2QNE886tXXA
77ZmzQnkbEn4PG70/drtOKR0HHElNtc4GF9MmPii2pho3nSKQegLVHgd8axH3vD/
AU/0p5CPqjos5E0GD4+Swh8JqNWmZ7SUBNyliF5VCU7cqmBIj86G+B8nc+WMTzkZ
sjFCde8xiHQMn2MABYfaFoAlWfBLb0w=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:45 2024 by rpki-client on console-fra.rpki-client.org