Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D40FAD8CC0FE11EE9314D186775412E6.roa
File:                     D40FAD8CC0FE11EE9314D186775412E6.roa (raw, json)
Hash identifier:          RJJF33k9OKCNQjr/Pkzws3N5VGqSYPxZ4TpiIgdoQp4=
Subject key identifier:   49:EC:77:7D:25:88:E8:13:29:96:4F:51:5D:1B:C2:0E:FE:58:01:D7
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       148B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D40FAD8CC0FE11EE9314D186775412E6.roa
Signing time:             Thu 01 Feb 2024 12:38:41 +0000
ROA not before:           Thu 01 Feb 2024 12:38:37 +0000
ROA not after:            Sat 07 Feb 2026 12:38:37 +0000
asID:                     273162
IP address blocks:        154.16.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5259 (0x148b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb  1 12:38:37 2024 GMT
            Not After : Feb  7 12:38:37 2026 GMT
        Subject: CN=65bb90d1-d8ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:8b:a0:49:7b:93:8d:db:43:29:32:7c:09:2b:
                    e7:a3:75:8a:88:60:99:f0:3a:20:9f:23:aa:ae:46:
                    c4:de:1e:b9:07:c2:35:e7:ca:af:75:44:35:bc:ad:
                    c3:6a:90:24:92:91:2a:d8:f4:03:81:2c:f8:29:14:
                    5e:b2:1a:7a:c1:53:35:82:0e:d3:e6:14:7b:b3:f6:
                    81:1c:81:83:cc:c1:f2:10:a5:f1:b1:26:cf:d7:03:
                    3b:6c:4b:bf:f3:ec:f6:d5:bb:05:d8:94:1c:cb:2f:
                    de:0d:4a:bd:69:ba:e9:c6:d3:c6:ad:0d:19:34:86:
                    6e:d2:24:8b:ec:af:7b:62:4d:bf:9d:59:04:87:59:
                    77:f5:c7:d4:13:8a:37:49:1a:f2:12:7d:16:f4:22:
                    23:b7:d7:5b:50:c7:b9:e2:5f:36:aa:1d:8f:12:ef:
                    0a:d9:c3:1e:83:37:20:c9:ad:13:fa:be:9a:27:a0:
                    18:5c:1d:f7:36:f6:25:6b:8b:16:b6:91:e9:7f:09:
                    b3:5b:18:1a:f5:e4:34:14:88:27:5e:50:95:fc:80:
                    a5:5c:6a:eb:bf:0d:e5:fa:0f:fa:5b:f2:26:f8:49:
                    0b:a6:38:de:86:ca:79:c5:60:ac:99:bd:9b:01:3a:
                    6f:6d:6b:a2:dc:b0:d4:c2:a5:7b:f7:d6:8b:0f:30:
                    b9:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:EC:77:7D:25:88:E8:13:29:96:4F:51:5D:1B:C2:0E:FE:58:01:D7
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D40FAD8CC0FE11EE9314D186775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:7a:e1:cc:fa:82:50:48:be:e4:ad:05:67:99:bb:c7:f5:a8:
         2b:0f:c0:a8:1e:f4:9c:03:dc:60:1d:b9:b6:8b:0b:86:53:bc:
         9f:70:9d:57:e8:ff:35:e3:d8:4a:03:d9:8d:c8:99:e2:d8:e1:
         03:20:ce:41:1d:60:f2:1f:75:c7:80:7d:d1:fd:50:ed:39:2b:
         52:b4:11:1b:e7:f8:72:0d:82:6e:89:60:ed:68:7d:d5:14:38:
         55:9d:92:97:46:7f:a7:05:ea:29:fc:5a:f3:4b:78:62:60:77:
         3e:79:1a:a8:16:88:5e:e1:40:f2:29:37:4a:9d:57:a9:7d:07:
         df:e7:bc:d5:59:da:d0:ba:e7:53:9d:30:1b:b2:0a:3b:8d:32:
         84:b1:52:42:62:0c:b1:be:6e:be:20:59:23:a1:89:0a:4d:ae:
         7c:6b:fa:18:b9:28:99:e7:8a:20:b9:7a:62:7a:07:13:50:56:
         1a:43:8f:6c:22:1d:ad:05:64:34:6c:15:59:d9:c2:de:83:9d:
         a7:6d:5e:c9:a0:46:09:47:5f:0e:13:33:b7:aa:af:8a:79:93:
         50:75:fc:f4:65:fc:23:12:0c:3e:05:53:14:b9:3c:f2:93:41:
         a8:e1:7e:55:bc:e5:9f:cc:bd:f2:24:2f:af:e1:ae:72:89:b1:
         6f:ba:2b:3b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFIswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMDExMjM4MzdaFw0yNjAyMDcxMjM4MzdaMBgxFjAU
BgNVBAMTDTY1YmI5MGQxLWQ4YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCoi6BJe5ON20MpMnwJK+ejdYqIYJnwOiCfI6quRsTeHrkHwjXnyq91RDW8
rcNqkCSSkSrY9AOBLPgpFF6yGnrBUzWCDtPmFHuz9oEcgYPMwfIQpfGxJs/XAzts
S7/z7PbVuwXYlBzLL94NSr1puunG08atDRk0hm7SJIvsr3tiTb+dWQSHWXf1x9QT
ijdJGvISfRb0IiO311tQx7niXzaqHY8S7wrZwx6DNyDJrRP6vponoBhcHfc29iVr
ixa2kel/CbNbGBr15DQUiCdeUJX8gKVcauu/DeX6D/pb8ib4SQumON6GynnFYKyZ
vZsBOm9ta6LcsNTCpXv31osPMLlzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSex3
fSWI6BMplk9RXRvCDv5YAdcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q0MEZBRDhDQzBGRTExRUU5MzE0RDE4Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFswDQYJKoZIhvcNAQEL
BQADggEBAIB64cz6glBIvuStBWeZu8f1qCsPwKge9JwD3GAdubaLC4ZTvJ9wnVfo
/zXj2EoD2Y3ImeLY4QMgzkEdYPIfdceAfdH9UO05K1K0ERvn+HINgm6JYO1ofdUU
OFWdkpdGf6cF6in8WvNLeGJgdz55GqgWiF7hQPIpN0qdV6l9B9/nvNVZ2tC651Od
MBuyCjuNMoSxUkJiDLG+br4gWSOhiQpNrnxr+hi5KJnniiC5emJ6BxNQVhpDj2wi
Ha0FZDRsFVnZwt6DnadtXsmgRglHXw4TM7eqr4p5k1B1/PRl/CMSDD4FUxS5PPKT
QajhflW85Z/MvfIkL6/hrnKJsW+6Kzs=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org