Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD608AC6D47011EEB0D0CDA9775412E6.roa
File:                     CD608AC6D47011EEB0D0CDA9775412E6.roa (raw, json)
Hash identifier:          Wg+brnGegzDeDNGBdFKM3F5GyBeo2t82sognrTQfiYE=
Subject key identifier:   69:E1:76:C3:03:30:05:66:20:3F:01:10:42:FA:6E:B3:51:F8:65:1F
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14D4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD608AC6D47011EEB0D0CDA9775412E6.roa
Signing time:             Mon 26 Feb 2024 06:32:24 +0000
ROA not before:           Mon 26 Feb 2024 06:32:21 +0000
ROA not after:            Thu 26 Feb 2026 06:32:21 +0000
asID:                     834
IP address blocks:        154.16.41.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5332 (0x14d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 26 06:32:21 2024 GMT
            Not After : Feb 26 06:32:21 2026 GMT
        Subject: CN=65dc3078-233b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:01:b0:53:06:64:ba:c0:3d:49:51:c8:4b:d6:
                    12:d3:40:4f:cd:df:67:35:c3:5f:f8:74:59:da:e5:
                    23:b0:a9:15:29:a1:d8:62:fd:62:39:48:25:09:29:
                    38:b5:15:74:a5:72:a4:f6:2b:88:6b:37:75:da:65:
                    3d:93:dd:f7:03:9a:c6:20:2e:5d:aa:ca:c6:72:7c:
                    ef:06:a2:52:1b:ac:58:d1:97:28:23:48:74:fc:6f:
                    76:7b:bd:5b:85:12:8d:38:a8:2a:a3:6c:cf:dd:ab:
                    86:69:06:83:4a:1f:16:13:e5:bd:e1:62:d2:55:dc:
                    ba:dd:62:99:a3:60:4b:83:00:ad:97:b7:63:5a:9d:
                    44:27:a5:6a:91:ad:97:e4:cb:4b:21:7d:69:6c:cc:
                    4a:e9:d3:ce:b3:ec:1b:f5:2f:a5:21:ca:e6:84:70:
                    2a:db:1e:15:78:ac:6f:c0:9a:22:6e:e2:42:7b:db:
                    a9:a5:c9:70:3f:38:1c:74:cc:50:00:00:81:69:a8:
                    8d:b1:20:33:b8:1c:66:0f:77:db:dd:06:0e:74:0e:
                    4e:dc:f6:43:3d:bb:ec:ee:c5:c3:d6:c3:62:0a:d6:
                    8c:b5:57:a4:84:2c:72:ad:a0:7f:bd:98:20:ee:b7:
                    70:df:64:fd:9c:83:ea:12:78:82:db:a1:95:7d:a0:
                    cb:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:E1:76:C3:03:30:05:66:20:3F:01:10:42:FA:6E:B3:51:F8:65:1F
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD608AC6D47011EEB0D0CDA9775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:5b:c8:6a:7f:dd:22:e5:5b:46:25:cd:ae:72:0e:91:bb:e9:
         d3:57:7d:91:a2:e4:54:d9:49:18:bf:fc:ab:1b:8b:70:89:d9:
         76:fe:48:00:5e:e9:c5:03:0d:cf:1d:b5:a7:a0:63:5d:09:ca:
         e9:09:16:f7:50:46:d7:61:be:3f:66:51:05:6b:22:19:79:ee:
         01:ff:96:a0:98:a3:e3:76:88:31:b2:8c:9d:73:82:45:92:d3:
         8b:5b:15:d1:47:c5:7f:20:33:71:85:b3:2b:16:bf:f2:17:9c:
         99:a7:2b:8c:fc:ff:7d:b7:b7:7a:fe:c2:56:35:25:a9:09:02:
         d4:ed:fc:96:44:81:a5:77:06:fd:99:a4:e3:1c:70:97:77:0b:
         6c:1c:9a:22:cb:de:31:39:c3:40:15:a2:18:ca:2f:5a:50:1c:
         e8:75:11:c6:2c:86:15:48:dc:83:f8:87:67:8d:cf:19:b8:0d:
         ca:67:d1:96:fe:9e:0a:35:a5:56:f8:d5:d2:c9:08:a8:f9:97:
         d9:7b:77:f0:08:d2:0d:28:c0:66:6d:ef:7a:69:88:90:d2:a5:
         98:7a:24:dc:05:68:c4:67:59:b9:ec:f5:9f:b3:21:4e:ea:92:
         03:e5:7f:da:ee:13:21:d0:36:0a:84:e0:2e:d8:ab:11:2f:01:
         6d:04:f3:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFNQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjYwNjMyMjFaFw0yNjAyMjYwNjMyMjFaMBgxFjAU
BgNVBAMTDTY1ZGMzMDc4LTIzM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGAbBTBmS6wD1JUchL1hLTQE/N32c1w1/4dFna5SOwqRUpodhi/WI5SCUJ
KTi1FXSlcqT2K4hrN3XaZT2T3fcDmsYgLl2qysZyfO8GolIbrFjRlygjSHT8b3Z7
vVuFEo04qCqjbM/dq4ZpBoNKHxYT5b3hYtJV3LrdYpmjYEuDAK2Xt2NanUQnpWqR
rZfky0shfWlszErp086z7Bv1L6UhyuaEcCrbHhV4rG/AmiJu4kJ726mlyXA/OBx0
zFAAAIFpqI2xIDO4HGYPd9vdBg50Dk7c9kM9u+zuxcPWw2IK1oy1V6SELHKtoH+9
mCDut3DfZP2cg+oSeILboZV9oMuHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUaeF2
wwMwBWYgPwEQQvpus1H4ZR8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NENjA4QUM2RDQ3MDExRUVCMEQwQ0RBOTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECkwDQYJKoZIhvcNAQEL
BQADggEBADxbyGp/3SLlW0Ylza5yDpG76dNXfZGi5FTZSRi//Ksbi3CJ2Xb+SABe
6cUDDc8dtaegY10JyukJFvdQRtdhvj9mUQVrIhl57gH/lqCYo+N2iDGyjJ1zgkWS
04tbFdFHxX8gM3GFsysWv/IXnJmnK4z8/323t3r+wlY1JakJAtTt/JZEgaV3Bv2Z
pOMccJd3C2wcmiLL3jE5w0AVohjKL1pQHOh1EcYshhVI3IP4h2eNzxm4Dcpn0Zb+
ngo1pVb41dLJCKj5l9l7d/AI0g0owGZt73ppiJDSpZh6JNwFaMRnWbns9Z+zIU7q
kgPlf9ruEyHQNgqE4C7YqxEvAW0E878=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:29 2024 by rpki-client on console-ams.rpki-client.org