Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD741528D54711EE8F83E08B775412E6.roa
File:                     CD741528D54711EE8F83E08B775412E6.roa (raw, json)
Hash identifier:          gwup1QZ0Huh8DGhhyDmth80NFPWE+mRteVjql4iMeJE=
Subject key identifier:   A5:A3:54:38:A7:4F:EE:F5:7E:60:A3:C7:A6:69:92:83:0D:77:43:24
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14E6
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD741528D54711EE8F83E08B775412E6.roa
Signing time:             Tue 27 Feb 2024 08:11:26 +0000
ROA not before:           Tue 27 Feb 2024 08:11:23 +0000
ROA not after:            Fri 27 Feb 2026 08:11:23 +0000
asID:                     201341
IP address blocks:        154.16.34.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5350 (0x14e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:11:23 2024 GMT
            Not After : Feb 27 08:11:23 2026 GMT
        Subject: CN=65dd992e-7438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:94:0b:25:3f:ef:54:46:00:b7:0d:61:ff:8c:
                    97:9c:69:d7:1a:e8:01:f0:98:9b:20:bf:9f:55:5f:
                    53:5d:de:90:93:2d:85:d3:c9:ed:c2:22:7b:9b:a9:
                    47:1a:87:51:1f:3d:1e:a0:76:36:24:2b:c0:24:be:
                    e4:94:0f:4b:41:bb:98:60:02:d0:9d:51:82:b0:38:
                    05:47:49:0f:03:dd:b5:08:a2:1b:b4:9a:fb:e5:c8:
                    85:81:74:46:d6:51:3f:ee:20:ab:89:38:4c:fa:cf:
                    67:af:30:a4:2d:ba:64:36:78:3e:3b:0f:09:c8:ca:
                    49:da:e4:4b:f7:cf:32:86:1b:f6:92:8d:78:76:ad:
                    52:00:3f:7f:26:cb:2f:17:bd:d8:7f:f7:ee:e4:f0:
                    81:7a:9c:89:ba:55:62:d5:e7:aa:e9:3d:cc:84:f9:
                    81:89:79:23:7a:16:7a:88:e1:69:70:49:2a:62:db:
                    e6:c3:fa:ae:99:85:5a:6b:1b:45:e5:38:05:ab:06:
                    a8:87:7c:77:e3:63:9c:30:c0:0b:ee:79:77:55:9b:
                    b6:4e:5d:2d:0b:85:77:3e:cc:2a:9b:27:4b:d3:d2:
                    3d:b4:d4:f5:fd:c2:49:fa:17:f2:ff:f4:39:f2:72:
                    0a:2c:f7:d8:04:f6:be:c2:e3:38:81:28:e4:96:40:
                    84:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A3:54:38:A7:4F:EE:F5:7E:60:A3:C7:A6:69:92:83:0D:77:43:24
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD741528D54711EE8F83E08B775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:3c:40:4d:ff:67:83:88:1b:cd:42:54:69:ca:f2:d6:12:ce:
         0f:b2:1f:97:f5:b9:3a:c4:6f:c5:bd:77:b4:ef:f3:bc:38:fc:
         a1:17:56:c0:7c:e8:26:e2:be:6f:57:5f:1d:3b:5f:60:51:87:
         36:2b:ec:4b:29:79:53:c4:4e:04:01:f5:d4:f4:a9:d7:5f:2a:
         7e:df:f5:ae:fc:15:75:e0:23:6b:93:c6:99:6e:76:c2:48:85:
         88:7c:8b:13:90:35:21:50:43:9f:be:b2:c9:ab:5f:3d:91:96:
         9d:26:40:dc:5b:46:2e:6d:6c:22:33:ed:9c:94:5c:fe:0b:b8:
         27:e2:bf:2d:e5:44:31:74:bb:ab:4e:3b:a3:39:82:88:84:62:
         18:cf:3c:8a:3e:99:9a:b2:4a:39:c3:84:c6:13:a3:b4:2c:04:
         0e:d6:9c:1c:00:4d:a8:cf:8c:2f:53:9d:18:e5:31:2e:34:7e:
         02:9a:65:c6:3d:4f:cf:3e:69:8d:19:73:09:72:56:65:b5:8d:
         72:82:91:e0:fd:7b:3f:35:d7:f9:37:e9:6d:e1:f9:dc:34:a7:
         c5:29:85:0e:28:a9:a0:96:a0:5a:23:dc:e7:8e:25:d9:94:e4:
         53:5f:87:43:83:dc:de:94:51:6b:93:9f:55:e7:d5:9a:6b:94:
         a0:5b:22:1f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFOYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODExMjNaFw0yNjAyMjcwODExMjNaMBgxFjAU
BgNVBAMTDTY1ZGQ5OTJlLTc0MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzlAslP+9URgC3DWH/jJecadca6AHwmJsgv59VX1Nd3pCTLYXTye3CInub
qUcah1EfPR6gdjYkK8AkvuSUD0tBu5hgAtCdUYKwOAVHSQ8D3bUIohu0mvvlyIWB
dEbWUT/uIKuJOEz6z2evMKQtumQ2eD47DwnIykna5Ev3zzKGG/aSjXh2rVIAP38m
yy8Xvdh/9+7k8IF6nIm6VWLV56rpPcyE+YGJeSN6FnqI4WlwSSpi2+bD+q6ZhVpr
G0XlOAWrBqiHfHfjY5wwwAvueXdVm7ZOXS0LhXc+zCqbJ0vT0j201PX9wkn6F/L/
9Dnycgos99gE9r7C4ziBKOSWQIRpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpaNU
OKdP7vV+YKPHpmmSgw13QyQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NENzQxNTI4RDU0NzExRUU4RjgzRTA4Qjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECIwDQYJKoZIhvcNAQEL
BQADggEBAEY8QE3/Z4OIG81CVGnK8tYSzg+yH5f1uTrEb8W9d7Tv87w4/KEXVsB8
6Cbivm9XXx07X2BRhzYr7EspeVPETgQB9dT0qddfKn7f9a78FXXgI2uTxpludsJI
hYh8ixOQNSFQQ5++ssmrXz2Rlp0mQNxbRi5tbCIz7ZyUXP4LuCfivy3lRDF0u6tO
O6M5goiEYhjPPIo+mZqySjnDhMYTo7QsBA7WnBwATajPjC9TnRjlMS40fgKaZcY9
T88+aY0ZcwlyVmW1jXKCkeD9ez811/k36W3h+dw0p8UphQ4oqaCWoFoj3OeOJdmU
5FNfh0OD3N6UUWuTn1Xn1ZprlKBbIh8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:33 2024 by rpki-client on console-fra.rpki-client.org