Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D7E83030628C11EEA79AD17F4AD9E6FC.roa
File:                     D7E83030628C11EEA79AD17F4AD9E6FC.roa (raw, json)
Hash identifier:          cQ6VV/eSsXeaOSH87XhFEjlgguu3yZVC8ODFg9xVVGo=
Subject key identifier:   74:26:F2:AC:B4:BF:8F:3D:37:44:3E:AB:9B:9F:A1:7A:55:06:34:3D
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       12A6
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D7E83030628C11EEA79AD17F4AD9E6FC.roa
Signing time:             Wed 04 Oct 2023 08:05:55 +0000
ROA not before:           Wed 04 Oct 2023 08:05:52 +0000
ROA not after:            Sat 04 Oct 2025 08:05:52 +0000
asID:                     834
IP address blocks:        154.16.100.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4774 (0x12a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct  4 08:05:52 2023 GMT
            Not After : Oct  4 08:05:52 2025 GMT
        Subject: CN=651d1ce3-488d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:06:f5:da:3e:9d:59:ef:45:d8:c4:32:6f:86:
                    b3:fe:8e:7c:d8:e5:9e:66:09:e5:cc:08:f0:fa:51:
                    07:f7:ee:35:df:6a:b3:0d:67:c6:ac:25:6e:88:d1:
                    10:b7:09:77:b8:f0:79:a8:92:87:3e:1e:44:da:0e:
                    2f:f2:4f:d9:10:73:47:80:11:4b:75:25:cf:00:95:
                    04:18:8c:40:70:09:cf:a3:7f:4d:10:bd:f1:11:59:
                    a5:da:c3:a7:ba:34:6f:eb:0e:12:f4:4d:e4:93:8b:
                    34:ba:26:9a:89:24:8b:91:b5:1d:2b:84:41:48:2a:
                    b2:51:10:7b:cc:9a:e9:f9:6b:df:ac:34:30:0d:30:
                    ef:1b:4e:35:92:f0:47:a8:23:5e:4c:fd:80:9b:00:
                    49:0b:27:91:a6:22:ce:ce:63:b1:bb:12:03:96:c5:
                    14:5e:70:aa:df:d8:89:3c:4f:76:b3:e3:a8:a2:6b:
                    e4:23:5b:7d:dc:30:30:e1:b5:99:b3:fd:df:9c:89:
                    52:d0:6c:41:15:17:c8:09:55:90:0d:a7:4c:0e:30:
                    21:28:de:d1:62:23:7c:72:d7:37:8c:74:01:44:31:
                    ce:b6:e3:56:bf:e9:30:54:e8:82:a2:28:b7:d2:16:
                    bb:22:87:cb:76:4c:71:7e:2f:d4:80:24:77:28:87:
                    3b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:26:F2:AC:B4:BF:8F:3D:37:44:3E:AB:9B:9F:A1:7A:55:06:34:3D
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D7E83030628C11EEA79AD17F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:17:5f:5a:71:0b:06:a5:43:68:e6:29:28:59:69:bb:a2:21:
         bd:5a:10:25:a6:77:3c:3f:08:35:c1:a6:c4:45:fe:12:a4:f1:
         66:00:7d:f5:8a:c2:20:99:4f:c2:4e:c7:eb:25:d1:47:40:71:
         76:15:6d:d8:78:f4:f6:4e:2b:67:aa:bb:72:f3:69:03:9c:8b:
         d1:22:21:14:88:e2:23:87:df:23:77:94:29:db:88:68:d3:13:
         2d:7b:15:f5:36:09:9a:24:32:95:04:9d:d1:63:21:b5:dc:fa:
         aa:2b:46:6f:6e:46:95:e2:94:43:8c:5d:e1:76:2f:78:c7:ff:
         7f:c2:17:5e:99:50:d0:70:93:4a:3a:93:59:70:a4:c3:e1:bc:
         9f:da:bc:e2:42:10:d7:af:67:0a:0d:51:33:3b:52:e9:cb:27:
         9c:b8:cc:cc:3e:58:3c:01:4c:2e:02:ed:ca:06:a8:c3:3a:ad:
         d6:32:a6:3f:6e:53:91:9f:05:98:b7:29:26:87:70:6c:a4:7f:
         52:4e:77:90:be:01:bb:0a:f4:cf:53:eb:96:88:8b:d0:04:7c:
         95:6d:5f:81:9d:c9:51:a7:b9:e5:70:91:7b:b0:27:49:63:76:
         d8:d8:ce:56:b2:21:07:e9:a0:a6:9a:71:a0:21:ae:4f:29:41:
         b3:a9:01:b6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEqYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEwMDQwODA1NTJaFw0yNTEwMDQwODA1NTJaMBgxFjAU
BgNVBAMTDTY1MWQxY2UzLTQ4OGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDBvXaPp1Z70XYxDJvhrP+jnzY5Z5mCeXMCPD6UQf37jXfarMNZ8asJW6I
0RC3CXe48Hmokoc+HkTaDi/yT9kQc0eAEUt1Jc8AlQQYjEBwCc+jf00QvfERWaXa
w6e6NG/rDhL0TeSTizS6JpqJJIuRtR0rhEFIKrJREHvMmun5a9+sNDANMO8bTjWS
8EeoI15M/YCbAEkLJ5GmIs7OY7G7EgOWxRRecKrf2Ik8T3az46iia+QjW33cMDDh
tZmz/d+ciVLQbEEVF8gJVZANp0wOMCEo3tFiI3xy1zeMdAFEMc6241a/6TBU6IKi
KLfSFrsih8t2THF+L9SAJHcohzvXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdCby
rLS/jz03RD6rm5+helUGND0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q3RTgzMDMwNjI4QzExRUVBNzlBRDE3RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEGQwDQYJKoZIhvcNAQEL
BQADggEBAKkXX1pxCwalQ2jmKShZabuiIb1aECWmdzw/CDXBpsRF/hKk8WYAffWK
wiCZT8JOx+sl0UdAcXYVbdh49PZOK2equ3LzaQOci9EiIRSI4iOH3yN3lCnbiGjT
Ey17FfU2CZokMpUEndFjIbXc+qorRm9uRpXilEOMXeF2L3jH/3/CF16ZUNBwk0o6
k1lwpMPhvJ/avOJCENevZwoNUTM7UunLJ5y4zMw+WDwBTC4C7coGqMM6rdYypj9u
U5GfBZi3KSaHcGykf1JOd5C+AbsK9M9T65aIi9AEfJVtX4GdyVGnueVwkXuwJ0lj
dtjYzlayIQfpoKaacaAhrk8pQbOpAbY=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:29 2024 by rpki-client on console-ams.rpki-client.org