Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D6F998E8EB4B11EDA832D3804AD9E6FC.roa
File:                     D6F998E8EB4B11EDA832D3804AD9E6FC.roa (raw, json)
Hash identifier:          1FxVvED2O1rp+8jwCD/cHtFTDpLvtjqUgoyC4jWPcZA=
Subject key identifier:   15:11:F3:65:62:8C:5D:2D:8D:30:80:3F:AA:8C:D5:B3:74:5E:6E:25
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0D97
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D6F998E8EB4B11EDA832D3804AD9E6FC.roa
Signing time:             Fri 05 May 2023 13:50:48 +0000
ROA not before:           Fri 05 May 2023 13:50:42 +0000
ROA not after:            Sun 04 May 2025 13:50:42 +0000
asID:                     46337
IP address blocks:        154.16.116.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 28 Nov 2024 00:05:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3479 (0xd97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May  5 13:50:42 2023 GMT
            Not After : May  4 13:50:42 2025 GMT
        Subject: CN=645509b8-9e78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3c:28:dc:05:43:04:da:64:0a:7f:88:54:c5:
                    5c:7a:66:12:aa:84:50:fe:0f:14:b5:22:33:9b:f9:
                    fd:3a:31:2e:cc:90:ef:0a:0e:0b:b2:29:9e:85:74:
                    38:0e:32:5a:a1:0e:9a:01:94:31:15:0b:03:22:12:
                    55:ee:20:a1:32:6b:9e:f5:bc:b0:50:a3:3f:55:d1:
                    3e:c2:5a:86:d8:15:56:27:36:db:87:85:c8:c2:cc:
                    8b:86:57:b6:86:70:f4:1b:5d:23:9c:88:ab:6b:4d:
                    c7:36:1c:41:0e:a6:c1:40:fc:36:8a:21:df:be:cc:
                    d0:cd:3d:01:92:9b:a6:e9:e6:9e:95:6b:7d:d9:4b:
                    04:eb:e2:89:37:8d:61:ec:38:f8:14:27:3d:f0:53:
                    3f:f8:ee:45:41:9a:fd:93:c5:da:9a:76:fa:d3:ff:
                    8e:1d:da:ed:1c:ed:dd:be:28:f9:33:9e:b0:d5:80:
                    fd:24:ac:53:4e:35:11:1a:ab:21:5e:9f:b4:64:14:
                    82:97:61:03:b0:82:cd:bd:c2:08:ea:9e:bd:58:dd:
                    fa:d8:b6:7e:a4:ca:e2:d2:e1:63:83:9c:9e:97:9a:
                    3d:b8:af:82:d9:c6:ea:61:7b:b0:ac:b9:90:87:49:
                    24:34:51:0a:55:b5:91:ff:59:0c:e4:2c:4d:15:fc:
                    a3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:11:F3:65:62:8C:5D:2D:8D:30:80:3F:AA:8C:D5:B3:74:5E:6E:25
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D6F998E8EB4B11EDA832D3804AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:54:52:b1:68:78:fa:a6:29:50:42:f3:4f:1e:c6:36:f2:4c:
         b8:25:37:82:54:7a:b8:da:c9:28:db:ef:6f:a9:b4:c9:3e:0f:
         f2:29:ee:51:48:1b:d8:94:a1:47:6d:d0:07:c6:91:9e:f4:02:
         79:0e:73:21:11:76:f4:b2:f7:96:52:6c:72:43:3d:6c:46:49:
         13:a4:57:45:31:da:42:62:61:d1:3a:34:b8:77:56:eb:60:93:
         9d:81:80:ee:6a:ce:e6:93:17:62:15:b3:e9:07:4b:21:06:f4:
         e3:43:dd:5d:81:ce:f1:71:c3:6f:ec:ba:09:57:6d:2e:51:a2:
         30:67:24:b1:19:5c:c3:7c:a4:b6:6a:6d:ec:0d:95:fc:78:b7:
         95:3d:89:a4:ff:e9:c3:71:d1:b5:58:3a:cc:65:04:2f:45:f4:
         40:ea:54:17:91:f3:57:31:77:26:61:14:17:99:1c:bb:8e:dd:
         1a:8c:7c:9e:a1:bc:c8:d3:3e:c5:df:58:06:2c:92:11:46:db:
         2c:ed:01:a6:fd:80:d5:dd:7b:4c:74:f5:89:d4:6c:32:7b:a8:
         1a:09:be:57:dd:3a:ee:95:2b:64:6f:36:2e:f5:1a:45:c5:c5:
         90:a5:1d:91:95:08:73:fd:c4:1c:5d:7d:bb:08:cd:59:9c:7b:
         02:11:e3:17
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDZcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MDUxMzUwNDJaFw0yNTA1MDQxMzUwNDJaMBgxFjAU
BgNVBAMTDTY0NTUwOWI4LTllNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrPCjcBUME2mQKf4hUxVx6ZhKqhFD+DxS1IjOb+f06MS7MkO8KDguyKZ6F
dDgOMlqhDpoBlDEVCwMiElXuIKEya571vLBQoz9V0T7CWobYFVYnNtuHhcjCzIuG
V7aGcPQbXSOciKtrTcc2HEEOpsFA/DaKId++zNDNPQGSm6bp5p6Va33ZSwTr4ok3
jWHsOPgUJz3wUz/47kVBmv2TxdqadvrT/44d2u0c7d2+KPkznrDVgP0krFNONREa
qyFen7RkFIKXYQOwgs29wgjqnr1Y3frYtn6kyuLS4WODnJ6Xmj24r4LZxuphe7Cs
uZCHSSQ0UQpVtZH/WQzkLE0V/KMDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFRHz
ZWKMXS2NMIA/qozVs3RebiUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q2Rjk5OEU4RUI0QjExRURBODMyRDM4MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHQwDQYJKoZIhvcNAQEL
BQADggEBAD9UUrFoePqmKVBC808exjbyTLglN4JUerjaySjb72+ptMk+D/Ip7lFI
G9iUoUdt0AfGkZ70AnkOcyERdvSy95ZSbHJDPWxGSROkV0Ux2kJiYdE6NLh3Vutg
k52BgO5qzuaTF2IVs+kHSyEG9OND3V2BzvFxw2/suglXbS5RojBnJLEZXMN8pLZq
bewNlfx4t5U9iaT/6cNx0bVYOsxlBC9F9EDqVBeR81cxdyZhFBeZHLuO3RqMfJ6h
vMjTPsXfWAYskhFG2yztAab9gNXde0x09YnUbDJ7qBoJvlfdOu6VK2RvNi71GkXF
xZClHZGVCHP9xBxdfbsIzVmcewIR4xc=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:18:52 2024 by rpki-client on console-fra.rpki-client.org