Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD60E326B8F711EDB03850F3F1222468.roa
File:                     CD60E326B8F711EDB03850F3F1222468.roa (raw, json)
Hash identifier:          0YGNd+vp/+gcnEvYl8Ub071snlZ0yDNme++Z0AtNTp4=
Subject key identifier:   41:02:66:03:FA:02:F8:4A:F4:47:4D:C4:2D:6C:D9:59:8C:8F:FF:FB
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0CAE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD60E326B8F711EDB03850F3F1222468.roa
Signing time:             Thu 02 Mar 2023 12:43:16 +0000
ROA not before:           Thu 02 Mar 2023 12:43:12 +0000
ROA not after:            Sat 01 Mar 2025 12:43:12 +0000
asID:                     61317
IP address blocks:        154.16.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3246 (0xcae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 12:43:12 2023 GMT
            Not After : Mar  1 12:43:12 2025 GMT
        Subject: CN=640099e4-0bcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:04:b8:76:16:16:43:97:5a:01:34:69:69:ed:
                    52:06:cd:32:18:5c:36:52:66:5f:0e:ed:eb:86:61:
                    7c:ed:cc:a3:02:9f:e7:42:48:ea:48:1a:86:10:cc:
                    07:cf:97:cd:38:5e:b2:ba:ea:b7:dc:83:f7:88:5a:
                    89:18:a0:70:7f:d2:39:a6:90:b2:3c:d6:d0:cc:8d:
                    12:73:0c:f5:7e:e5:7f:6a:4a:c7:62:76:a5:63:3a:
                    04:0a:c3:5c:ab:1d:3b:23:07:cc:71:36:25:3d:f2:
                    13:62:a7:1c:fe:ba:94:9c:8d:6d:7d:9f:f1:a1:a8:
                    b2:a9:93:11:45:a3:ba:0b:28:00:2c:5f:cc:66:e1:
                    23:f8:a2:36:8f:a6:e5:44:59:cd:65:be:81:5c:1b:
                    82:c2:6f:77:e1:a0:97:44:56:1d:e3:72:46:c7:08:
                    77:8a:fb:49:83:9d:5e:0c:2f:7f:7f:56:df:8b:5a:
                    2d:6e:d5:19:6e:59:92:3c:ff:b2:81:e4:17:75:c9:
                    c9:1b:cf:ea:06:66:8f:45:00:3f:87:cc:97:b1:ad:
                    cb:4a:73:f5:7f:bd:1c:fe:cd:e3:f7:81:ec:6c:1b:
                    80:f5:e1:85:97:4f:86:4a:87:b6:42:f8:d6:01:65:
                    29:a5:f5:02:d0:9c:3f:a4:cb:dd:8e:66:12:f2:07:
                    11:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:02:66:03:FA:02:F8:4A:F4:47:4D:C4:2D:6C:D9:59:8C:8F:FF:FB
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD60E326B8F711EDB03850F3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:3a:54:9b:11:15:14:2f:6f:51:6f:8f:2a:e3:c6:cd:46:9f:
         bd:11:c7:ba:b7:a0:cb:e9:eb:83:bb:cf:65:09:a9:3d:cb:26:
         5f:94:e3:cf:14:24:3e:3f:ab:23:b2:aa:3d:c0:91:ac:69:3c:
         76:74:12:71:2f:2f:98:89:00:6d:ae:f3:4a:ed:26:67:a2:e4:
         09:59:3a:b4:76:6a:05:af:7c:5b:b2:f8:69:50:2c:17:3b:0e:
         df:5e:c3:84:42:89:06:eb:75:79:92:94:fa:76:c3:12:d0:c4:
         6f:b7:c4:19:ba:65:e1:31:6c:d6:09:13:ea:96:80:bf:7f:fc:
         e2:3e:ae:66:ed:e0:16:ab:0d:32:4d:c3:a8:55:45:cd:56:36:
         1f:eb:2e:0f:67:5a:af:c7:32:6a:03:17:3f:53:7b:af:e8:37:
         ce:8e:11:a0:85:81:41:72:76:61:b6:b7:a7:f8:02:c3:9d:26:
         29:37:81:2f:9c:0d:5d:d5:15:ab:31:11:19:35:9b:47:6a:74:
         81:73:6b:01:9b:c5:08:98:f7:34:f4:d4:66:58:80:8c:bb:48:
         13:80:eb:3f:24:30:05:94:7d:b6:31:d0:e7:38:9d:f8:23:33:
         98:ee:23:f7:54:ce:75:ec:64:1b:da:20:b0:2f:e9:99:c6:2c:
         c8:8b:79:cc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDK4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjQzMTJaFw0yNTAzMDExMjQzMTJaMBgxFjAU
BgNVBAMMDTY0MDA5OWU0LTBiY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWBLh2FhZDl1oBNGlp7VIGzTIYXDZSZl8O7euGYXztzKMCn+dCSOpIGoYQ
zAfPl804XrK66rfcg/eIWokYoHB/0jmmkLI81tDMjRJzDPV+5X9qSsdidqVjOgQK
w1yrHTsjB8xxNiU98hNipxz+upScjW19n/GhqLKpkxFFo7oLKAAsX8xm4SP4ojaP
puVEWc1lvoFcG4LCb3fhoJdEVh3jckbHCHeK+0mDnV4ML39/Vt+LWi1u1RluWZI8
/7KB5Bd1yckbz+oGZo9FAD+HzJexrctKc/V/vRz+zeP3gexsG4D14YWXT4ZKh7ZC
+NYBZSml9QLQnD+ky92OZhLyBxEhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQQJm
A/oC+Er0R03ELWzZWYyP//swHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NENjBFMzI2QjhGNzExRURCMDM4NTBGM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOIwDQYJKoZIhvcNAQEL
BQADggEBADY6VJsRFRQvb1Fvjyrjxs1Gn70Rx7q3oMvp64O7z2UJqT3LJl+U488U
JD4/qyOyqj3AkaxpPHZ0EnEvL5iJAG2u80rtJmei5AlZOrR2agWvfFuy+GlQLBc7
Dt9ew4RCiQbrdXmSlPp2wxLQxG+3xBm6ZeExbNYJE+qWgL9//OI+rmbt4BarDTJN
w6hVRc1WNh/rLg9nWq/HMmoDFz9Te6/oN86OEaCFgUFydmG2t6f4AsOdJik3gS+c
DV3VFasxERk1m0dqdIFzawGbxQiY9zT01GZYgIy7SBOA6z8kMAWUfbYx0Oc4nfgj
M5juI/dUznXsZBvaILAv6ZnGLMiLecw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:27 2024 by rpki-client on console-ams.rpki-client.org