Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CF8DAAD8467F11EEBF74A6854AD9E6FC.roa
File:                     CF8DAAD8467F11EEBF74A6854AD9E6FC.roa (raw, json)
Hash identifier:          ivMQVsNHyYGannks9ngC6lsLppBNCZkOEAqe98LY++k=
Subject key identifier:   FE:BE:AC:F3:71:8F:4C:03:CE:45:B0:44:AB:4C:AE:E0:FD:8B:94:1E
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       11C9
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CF8DAAD8467F11EEBF74A6854AD9E6FC.roa
Signing time:             Tue 29 Aug 2023 15:22:05 +0000
ROA not before:           Tue 29 Aug 2023 15:22:02 +0000
ROA not after:            Thu 29 Aug 2024 15:22:02 +0000
asID:                     5065
IP address blocks:        154.16.50.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4553 (0x11c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 29 15:22:02 2023 GMT
            Not After : Aug 29 15:22:02 2024 GMT
        Subject: CN=64ee0d1d-39e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:00:a8:b8:51:2f:15:eb:0b:a8:a5:95:b8:4a:
                    64:42:5b:e0:19:f3:34:45:9d:6e:86:f7:10:02:f3:
                    c9:74:f6:ab:b7:c8:a5:ea:d1:11:e7:46:23:c3:d4:
                    46:10:da:49:07:50:fb:f8:a3:c5:58:c0:3a:18:d4:
                    8f:4d:ff:d9:eb:e8:e7:ff:69:f6:be:d7:a9:76:50:
                    d3:d5:05:37:00:dd:ce:30:e0:67:32:4f:26:a6:85:
                    f7:76:df:4f:98:91:f5:50:9b:e9:97:a6:5f:3a:4d:
                    37:ad:29:75:da:b3:95:b7:99:71:c7:50:4d:ea:9f:
                    f8:42:2f:da:01:48:3c:2c:83:f4:c4:64:f8:31:27:
                    bb:6c:00:a1:57:2e:04:93:cf:27:ce:68:03:5e:be:
                    29:a9:fd:c5:f6:e1:ce:c8:95:25:be:8c:e1:aa:96:
                    71:bf:ef:c9:61:32:1f:90:54:de:57:93:80:a7:ab:
                    fd:43:ae:6c:04:4f:80:25:1e:7f:22:83:89:1c:c5:
                    f7:a8:32:84:96:54:ff:e7:91:1a:3c:6b:39:4a:13:
                    61:98:1f:21:db:00:11:5f:86:c6:11:d0:8f:e3:50:
                    37:bd:5e:ea:bf:1e:ce:7d:1e:fe:b7:34:a8:4c:94:
                    93:34:b3:e4:40:b9:26:52:46:29:3e:4f:92:d7:42:
                    35:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:BE:AC:F3:71:8F:4C:03:CE:45:B0:44:AB:4C:AE:E0:FD:8B:94:1E
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CF8DAAD8467F11EEBF74A6854AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:a4:6b:0d:90:62:44:81:bd:fc:1e:25:91:ab:99:3f:69:61:
         44:ec:de:3f:21:99:23:7e:0b:b9:21:08:e4:3e:7a:da:40:0d:
         db:c5:74:f5:a3:42:75:04:e2:0b:2f:91:9f:e0:0c:ea:9f:1e:
         70:73:65:e1:8d:a2:70:e9:2e:0c:59:ea:1d:0f:14:d5:7f:fd:
         da:82:0c:57:3a:dd:58:fd:85:ff:9c:90:5e:8d:7c:52:14:d6:
         b8:4b:fd:49:e1:70:b8:4d:ba:49:3d:b5:ae:9c:95:d4:c2:cd:
         eb:74:4d:dc:5d:8b:fb:b8:14:74:98:da:a2:44:47:e0:f8:dd:
         e4:6f:a9:83:8d:f0:ae:5d:e7:9e:ac:00:af:da:f3:c9:0f:30:
         38:c1:81:ae:b6:62:cb:78:62:c4:dc:88:2d:85:95:d5:8f:b7:
         b9:51:3b:e9:a7:c8:83:fe:29:27:4f:a7:24:86:eb:80:f4:3d:
         a0:81:61:83:dd:62:16:1a:df:5d:7f:fb:e3:44:83:2e:33:43:
         9e:ad:2b:5b:e4:ea:ca:83:e2:93:05:37:b9:2f:d7:7d:ab:bf:
         82:cf:0b:49:84:05:12:26:2a:ab:e3:83:bf:33:48:52:00:00:
         49:59:80:1c:ed:e3:91:96:1a:fe:00:1a:27:58:d3:07:d5:1a:
         a0:9d:77:c2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEckwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MjkxNTIyMDJaFw0yNDA4MjkxNTIyMDJaMBgxFjAU
BgNVBAMTDTY0ZWUwZDFkLTM5ZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBAKi4US8V6wuopZW4SmRCW+AZ8zRFnW6G9xAC88l09qu3yKXq0RHnRiPD
1EYQ2kkHUPv4o8VYwDoY1I9N/9nr6Of/afa+16l2UNPVBTcA3c4w4GcyTyamhfd2
30+YkfVQm+mXpl86TTetKXXas5W3mXHHUE3qn/hCL9oBSDwsg/TEZPgxJ7tsAKFX
LgSTzyfOaANevimp/cX24c7IlSW+jOGqlnG/78lhMh+QVN5Xk4Cnq/1DrmwET4Al
Hn8ig4kcxfeoMoSWVP/nkRo8azlKE2GYHyHbABFfhsYR0I/jUDe9Xuq/Hs59Hv63
NKhMlJM0s+RAuSZSRik+T5LXQjUDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/r6s
83GPTAPORbBEq0yu4P2LlB4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NGOERBQUQ4NDY3RjExRUVCRjc0QTY4NTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDIwDQYJKoZIhvcNAQEL
BQADggEBAAakaw2QYkSBvfweJZGrmT9pYUTs3j8hmSN+C7khCOQ+etpADdvFdPWj
QnUE4gsvkZ/gDOqfHnBzZeGNonDpLgxZ6h0PFNV//dqCDFc63Vj9hf+ckF6NfFIU
1rhL/UnhcLhNukk9ta6cldTCzet0Tdxdi/u4FHSY2qJER+D43eRvqYON8K5d556s
AK/a88kPMDjBga62Yst4YsTciC2FldWPt7lRO+mnyIP+KSdPpySG64D0PaCBYYPd
YhYa311/++NEgy4zQ56tK1vk6sqD4pMFN7kv132rv4LPC0mEBRImKqvjg78zSFIA
AElZgBzt45GWGv4AGidY0wfVGqCdd8I=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org