Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3980AFC457F11EEAE0C455C4AD9E6FC.roa
File:                     D3980AFC457F11EEAE0C455C4AD9E6FC.roa (raw, json)
Hash identifier:          hUsjq+RRxHb9Ry6E7NzrYe1kQr53Q1QJZQ4yRlSwqW0=
Subject key identifier:   6A:62:FA:9A:1A:FF:D8:D6:C8:C9:C7:18:01:0D:41:E2:EF:71:57:4B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       11C5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3980AFC457F11EEAE0C455C4AD9E6FC.roa
Signing time:             Mon 28 Aug 2023 08:49:41 +0000
ROA not before:           Mon 28 Aug 2023 08:49:38 +0000
ROA not after:            Thu 28 Aug 2025 08:49:38 +0000
asID:                     212238
IP address blocks:        154.16.182.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4549 (0x11c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 28 08:49:38 2023 GMT
            Not After : Aug 28 08:49:38 2025 GMT
        Subject: CN=64ec5fa5-867c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e7:6c:a3:10:d9:3b:9a:19:03:fe:18:7d:e8:
                    a4:d3:70:17:c6:30:eb:be:da:67:25:1a:ef:cd:82:
                    75:c8:d7:6c:b0:6c:c7:3a:eb:ae:47:a2:b4:f5:07:
                    64:b2:0e:c8:55:af:26:8e:b4:1b:6c:03:40:ed:e8:
                    89:ce:b6:b2:33:b1:36:b1:47:00:92:e9:e4:78:65:
                    5f:df:79:43:a1:94:63:70:17:3f:25:c7:d6:af:df:
                    72:d4:a4:22:cc:c8:7b:09:52:54:da:6c:18:5d:b7:
                    6d:6e:03:0e:32:24:e7:26:ac:71:a7:e6:6a:c2:a3:
                    0e:22:82:03:68:0a:5f:8a:a9:ea:72:a9:83:42:0f:
                    75:63:41:8a:25:c4:31:e8:4a:16:c2:af:5e:98:53:
                    b9:3e:07:af:30:86:47:85:9d:93:7a:08:7b:a9:c0:
                    e6:59:b0:8a:e0:27:00:16:e3:22:fb:90:1c:b0:95:
                    51:34:94:10:7f:98:94:60:d9:7f:a6:56:9e:a1:ce:
                    73:f5:f4:8a:36:37:48:10:bb:86:2d:d6:ba:13:7a:
                    23:1d:e3:e6:6f:43:bc:56:71:74:4c:92:69:d5:7b:
                    a7:65:fe:2e:c3:14:eb:0c:92:8f:0a:e4:48:9e:a1:
                    d6:3a:dc:b6:cf:c9:10:7b:38:90:09:c2:66:34:07:
                    15:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:62:FA:9A:1A:FF:D8:D6:C8:C9:C7:18:01:0D:41:E2:EF:71:57:4B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3980AFC457F11EEAE0C455C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:37:8d:c8:f6:e2:71:d5:9c:df:58:ef:06:a7:bf:dc:27:4e:
         e1:49:04:a3:11:52:f6:5c:7c:20:22:f8:dc:9c:79:7d:8c:e0:
         57:4b:e1:9e:9d:34:ab:12:f8:7e:c2:bc:a2:9c:e9:10:20:b4:
         b1:86:32:9d:0b:5f:52:5d:0c:2f:42:41:04:14:a3:8b:3d:9e:
         0f:42:f8:a2:2f:63:cf:88:d5:e6:6b:cf:77:8e:dc:bd:d5:a5:
         8a:eb:c8:14:a0:8c:e1:12:51:5e:28:07:b5:07:bc:6e:71:a3:
         20:d6:0b:08:fd:8c:6c:59:fb:9b:69:43:63:a7:60:d6:4e:ef:
         8f:f8:4b:91:36:9e:03:5f:2c:d8:cf:32:6c:56:eb:c5:cc:41:
         67:95:12:e9:05:7f:00:e4:fd:02:0b:30:4f:21:41:aa:cc:ab:
         f5:9e:d8:1f:87:67:8b:40:29:5d:cc:5a:64:4a:9c:c0:b6:87:
         29:7b:7f:91:de:37:b3:9e:c2:14:6f:d8:14:f5:81:bb:26:ab:
         1a:ff:01:10:5a:60:65:83:ea:7b:d0:a4:02:62:d5:84:0d:09:
         a9:ee:6d:47:db:0f:e8:d0:75:c6:2a:01:23:59:02:e7:a6:31:
         8a:15:f4:b3:f5:69:19:2f:cc:d8:75:b1:7f:00:3f:31:d8:c6:
         5e:00:b9:10
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEcUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MjgwODQ5MzhaFw0yNTA4MjgwODQ5MzhaMBgxFjAU
BgNVBAMTDTY0ZWM1ZmE1LTg2N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCl52yjENk7mhkD/hh96KTTcBfGMOu+2mclGu/NgnXI12ywbMc6665HorT1
B2SyDshVryaOtBtsA0Dt6InOtrIzsTaxRwCS6eR4ZV/feUOhlGNwFz8lx9av33LU
pCLMyHsJUlTabBhdt21uAw4yJOcmrHGn5mrCow4iggNoCl+KqepyqYNCD3VjQYol
xDHoShbCr16YU7k+B68whkeFnZN6CHupwOZZsIrgJwAW4yL7kBywlVE0lBB/mJRg
2X+mVp6hznP19Io2N0gQu4Yt1roTeiMd4+ZvQ7xWcXRMkmnVe6dl/i7DFOsMko8K
5EieodY63LbPyRB7OJAJwmY0BxXpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUamL6
mhr/2NbIyccYAQ1B4u9xV0swHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QzOTgwQUZDNDU3RjExRUVBRTBDNDU1QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELYwDQYJKoZIhvcNAQEL
BQADggEBAHo3jcj24nHVnN9Y7wanv9wnTuFJBKMRUvZcfCAi+NyceX2M4FdL4Z6d
NKsS+H7CvKKc6RAgtLGGMp0LX1JdDC9CQQQUo4s9ng9C+KIvY8+I1eZrz3eO3L3V
pYrryBSgjOESUV4oB7UHvG5xoyDWCwj9jGxZ+5tpQ2OnYNZO74/4S5E2ngNfLNjP
MmxW68XMQWeVEukFfwDk/QILME8hQarMq/We2B+HZ4tAKV3MWmRKnMC2hyl7f5He
N7OewhRv2BT1gbsmqxr/ARBaYGWD6nvQpAJi1YQNCanubUfbD+jQdcYqASNZAuem
MYoV9LP1aRkvzNh1sX8APzHYxl4AuRA=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org