Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CF7E8DCC59B911ED83B9AF9AF1222468.roa
File:                     CF7E8DCC59B911ED83B9AF9AF1222468.roa (raw, json)
Hash identifier:          R8+4EzR2GAjADG4uKTB31o1DRYp7MQSo69ru1p39N00=
Subject key identifier:   E9:5E:3B:B6:32:31:30:89:FA:9A:19:67:AD:BE:25:64:96:29:88:A4
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A8B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CF7E8DCC59B911ED83B9AF9AF1222468.roa
Signing time:             Tue 01 Nov 2022 07:50:10 +0000
ROA not before:           Tue 01 Nov 2022 07:50:06 +0000
ROA not after:            Fri 01 Nov 2024 07:50:06 +0000
asID:                     397373
IP address blocks:        154.127.55.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2699 (0xa8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov  1 07:50:06 2022 GMT
            Not After : Nov  1 07:50:06 2024 GMT
        Subject: CN=6360cfb2-daf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:77:b5:7a:47:f2:e7:2c:35:e7:0f:0b:cd:9c:
                    c4:73:98:56:35:3b:f5:34:53:63:d1:37:c7:6b:bf:
                    0d:28:73:0e:24:64:e5:88:b6:07:4b:a9:ce:11:6b:
                    18:1a:bb:20:90:58:f3:1d:4a:22:07:db:3b:d2:4f:
                    05:29:d0:55:3f:d9:e8:59:97:ae:36:64:ca:5a:51:
                    e7:79:16:42:fc:a8:ed:1a:5f:81:24:02:7d:28:da:
                    1e:ba:86:eb:e5:45:ed:e3:e7:da:06:12:3e:f7:0d:
                    cd:fb:5f:3c:7d:0a:53:76:41:8d:28:39:06:55:6b:
                    83:ea:89:cc:84:08:fd:2d:cb:08:74:b8:95:f5:9e:
                    d9:be:04:4f:02:77:07:25:d8:88:22:20:f1:ea:f1:
                    07:f7:9c:37:0c:bc:b1:10:15:44:3a:76:9f:7d:ac:
                    0b:a5:44:88:f7:29:04:5a:1d:a5:f0:d9:ad:64:12:
                    ee:76:b7:e7:54:c8:a1:4e:9a:7e:2d:29:7a:ec:c2:
                    91:bd:0d:13:e5:41:c5:4a:1c:b2:2d:90:8b:69:19:
                    59:5f:9e:43:58:ee:4f:e8:86:8d:a8:a9:ed:d1:d1:
                    4d:73:a0:c2:5b:4b:78:fc:ff:82:fd:e8:22:eb:dc:
                    9c:5d:16:0d:a9:8e:17:86:43:ad:ea:eb:cf:2a:df:
                    e4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:5E:3B:B6:32:31:30:89:FA:9A:19:67:AD:BE:25:64:96:29:88:A4
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CF7E8DCC59B911ED83B9AF9AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.127.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:de:97:85:dd:ce:8a:4b:88:5d:15:7a:78:81:1f:7c:01:b1:
         01:1a:41:dd:40:22:cc:4f:7b:4b:88:fa:8d:c7:c5:23:ab:8c:
         96:50:32:ff:b2:7f:fa:be:a0:ed:ea:9a:c0:7f:cb:c0:e2:d5:
         84:f3:1a:cc:0e:a0:6a:29:1e:2e:4c:da:53:cc:de:9d:e3:ea:
         fe:06:f8:df:c4:39:8e:1a:d3:20:1a:61:b0:c6:2c:6a:09:43:
         ae:7e:8b:6d:4f:2b:51:f8:91:b8:02:d0:e9:bd:8e:7e:af:3f:
         30:ac:cd:2c:59:c4:dc:1d:42:f6:17:9c:30:64:8e:92:dd:2e:
         a4:01:41:14:ca:01:71:92:4d:af:ba:3d:45:f0:07:a8:f1:36:
         31:87:e7:f2:4d:60:78:90:2f:0a:ee:e1:08:a9:b5:96:7e:1b:
         f1:a2:1d:1f:4a:09:ee:17:b6:1d:9e:c4:50:3a:0e:b5:cb:4c:
         6b:8b:92:b9:e3:68:ab:f5:61:38:ba:40:72:8a:1c:09:ea:f7:
         f6:63:b4:43:7e:5f:86:f5:bf:5a:dc:db:69:56:84:6b:be:40:
         27:50:88:4c:13:d0:e3:17:b1:3f:af:36:3e:07:e1:3e:88:dc:
         87:95:81:b5:89:c6:21:9b:e1:34:6b:01:80:42:3e:3b:82:d8:
         96:e9:6d:93
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCoswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjExMDEwNzUwMDZaFw0yNDExMDEwNzUwMDZaMBgxFjAU
BgNVBAMMDTYzNjBjZmIyLWRhZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7d7V6R/LnLDXnDwvNnMRzmFY1O/U0U2PRN8drvw0ocw4kZOWItgdLqc4R
axgauyCQWPMdSiIH2zvSTwUp0FU/2ehZl642ZMpaUed5FkL8qO0aX4EkAn0o2h66
huvlRe3j59oGEj73Dc37Xzx9ClN2QY0oOQZVa4PqicyECP0tywh0uJX1ntm+BE8C
dwcl2IgiIPHq8Qf3nDcMvLEQFUQ6dp99rAulRIj3KQRaHaXw2a1kEu52t+dUyKFO
mn4tKXrswpG9DRPlQcVKHLItkItpGVlfnkNY7k/oho2oqe3R0U1zoMJbS3j8/4L9
6CLr3JxdFg2pjheGQ63q688q3+QbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6V47
tjIxMIn6mhlnrb4lZJYpiKQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NGN0U4RENDNTlCOTExRUQ4M0I5QUY5QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACafzcwDQYJKoZIhvcNAQEL
BQADggEBADvel4XdzopLiF0VeniBH3wBsQEaQd1AIsxPe0uI+o3HxSOrjJZQMv+y
f/q+oO3qmsB/y8Di1YTzGswOoGopHi5M2lPM3p3j6v4G+N/EOY4a0yAaYbDGLGoJ
Q65+i21PK1H4kbgC0Om9jn6vPzCszSxZxNwdQvYXnDBkjpLdLqQBQRTKAXGSTa+6
PUXwB6jxNjGH5/JNYHiQLwru4QiptZZ+G/GiHR9KCe4Xth2exFA6DrXLTGuLkrnj
aKv1YTi6QHKKHAnq9/ZjtEN+X4b1v1rc22lWhGu+QCdQiEwT0OMXsT+vNj4H4T6I
3IeVgbWJxiGb4TRrAYBCPjuC2JbpbZM=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:55 2024 by rpki-client on console-fra.rpki-client.org