Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC50218ED54911EEA6CD1F8F775412E6.roa
File:                     DC50218ED54911EEA6CD1F8F775412E6.roa (raw, json)
Hash identifier:          bou+4ZVzDBu4nJIJFod3/swChG5jLMAm30tyRITTBoo=
Subject key identifier:   84:FF:94:F5:8B:CD:DD:E2:4F:BF:47:1B:4A:EA:D9:99:CD:82:49:3B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       14F4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC50218ED54911EEA6CD1F8F775412E6.roa
Signing time:             Tue 27 Feb 2024 08:26:10 +0000
ROA not before:           Tue 27 Feb 2024 08:26:07 +0000
ROA not after:            Fri 27 Feb 2026 08:26:07 +0000
asID:                     201341
IP address blocks:        154.16.84.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5364 (0x14f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 08:26:07 2024 GMT
            Not After : Feb 27 08:26:07 2026 GMT
        Subject: CN=65dd9ca2-5aa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:2d:76:89:32:5c:3a:01:8b:de:36:98:b2:53:
                    f8:fb:c0:9e:b6:f0:d2:a8:f9:d9:af:d3:64:17:b7:
                    7d:0f:73:24:98:11:05:f6:82:9b:f3:1b:a1:69:be:
                    37:50:ee:28:27:f9:5f:61:48:11:a6:84:52:f9:74:
                    23:19:04:19:43:82:73:ab:91:9a:fd:2d:f6:db:ea:
                    8e:fa:af:a3:99:62:fc:94:70:36:9a:1d:c3:d9:79:
                    c7:63:83:ef:da:51:ed:73:eb:02:15:79:63:7b:f2:
                    ac:0c:5a:32:b9:26:67:21:a1:48:96:36:7f:51:41:
                    f5:b3:1d:d7:74:9d:c1:e6:b6:2b:18:ea:b0:65:fa:
                    09:1f:3a:6e:5b:c3:7d:21:a8:4a:7f:d2:4d:97:3a:
                    88:90:6f:ae:26:b9:b2:ef:00:49:22:cd:3d:66:ef:
                    57:e5:b9:6a:48:ef:b4:a6:07:5b:74:89:9e:60:72:
                    64:37:c1:05:49:3e:5e:de:16:83:ff:cd:52:87:18:
                    6c:e5:a0:c2:24:3d:2e:55:63:57:42:33:b9:14:ab:
                    a4:16:dd:7a:00:37:bd:41:3c:e7:cd:64:0c:e9:96:
                    6e:5f:5b:b6:0d:d9:a0:0e:0b:fb:08:ce:d4:59:69:
                    da:cb:0d:84:ca:dd:fd:82:7c:35:5d:39:08:9f:30:
                    3d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:FF:94:F5:8B:CD:DD:E2:4F:BF:47:1B:4A:EA:D9:99:CD:82:49:3B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC50218ED54911EEA6CD1F8F775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:5d:5f:d4:e2:f5:d1:be:17:6d:6c:77:b2:1e:f4:4f:8b:f8:
         78:05:8f:6e:8e:af:c4:bb:68:72:aa:96:aa:e7:c4:a9:dc:0a:
         a2:73:66:b1:a2:35:95:c0:3a:42:8d:b7:a3:dd:3d:be:e9:76:
         7d:6a:c3:fc:c5:e5:dc:c7:dd:07:e3:56:de:aa:e3:f8:b6:37:
         bc:3e:99:5b:3f:65:dd:11:f5:8f:9f:5b:c6:e5:fb:c4:ed:37:
         c4:85:dc:e9:12:29:01:40:14:46:6b:5b:29:c0:35:e6:2c:ad:
         b8:a4:59:47:24:f5:33:14:fc:33:91:bf:99:f9:08:bd:f1:dc:
         f7:25:55:f3:9e:b0:10:c1:04:05:f8:b8:07:ea:eb:60:29:ea:
         29:2b:6e:e2:e9:6d:21:ff:16:07:2a:a6:44:d4:0e:42:5c:b5:
         0d:f9:d4:69:24:7f:d7:f7:cd:a6:2b:0c:01:7c:67:f5:e4:bc:
         85:77:dd:64:8b:d0:e4:ca:7a:3b:71:5b:45:bf:33:9e:cb:b3:
         d8:1e:7c:51:28:86:59:4f:dd:bc:74:71:81:46:63:f4:f9:1c:
         fc:37:df:c0:ef:7a:9e:58:7f:8a:ed:c8:fd:e7:92:fc:ef:94:
         1e:ed:f5:bb:e9:e5:12:b0:f3:1e:35:a7:8a:19:4a:6f:d9:c0:
         5c:e5:a1:16
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFPQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMjcwODI2MDdaFw0yNjAyMjcwODI2MDdaMBgxFjAU
BgNVBAMTDTY1ZGQ5Y2EyLTVhYTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDiLXaJMlw6AYveNpiyU/j7wJ628NKo+dmv02QXt30PcySYEQX2gpvzG6Fp
vjdQ7ign+V9hSBGmhFL5dCMZBBlDgnOrkZr9Lfbb6o76r6OZYvyUcDaaHcPZecdj
g+/aUe1z6wIVeWN78qwMWjK5JmchoUiWNn9RQfWzHdd0ncHmtisY6rBl+gkfOm5b
w30hqEp/0k2XOoiQb64mubLvAEkizT1m71fluWpI77SmB1t0iZ5gcmQ3wQVJPl7e
FoP/zVKHGGzloMIkPS5VY1dCM7kUq6QW3XoAN71BPOfNZAzplm5fW7YN2aAOC/sI
ztRZadrLDYTK3f2CfDVdOQifMD3vAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhP+U
9YvN3eJPv0cbSurZmc2CSTswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RDNTAyMThFRDU0OTExRUVBNkNEMUY4Rjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFQwDQYJKoZIhvcNAQEL
BQADggEBAF1dX9Ti9dG+F21sd7Ie9E+L+HgFj26Or8S7aHKqlqrnxKncCqJzZrGi
NZXAOkKNt6PdPb7pdn1qw/zF5dzH3QfjVt6q4/i2N7w+mVs/Zd0R9Y+fW8bl+8Tt
N8SF3OkSKQFAFEZrWynANeYsrbikWUck9TMU/DORv5n5CL3x3PclVfOesBDBBAX4
uAfq62Ap6ikrbuLpbSH/FgcqpkTUDkJctQ351Gkkf9f3zaYrDAF8Z/XkvIV33WSL
0OTKejtxW0W/M57Ls9gefFEohllP3bx0cYFGY/T5HPw338Dvep5Yf4rtyP3nkvzv
lB7t9bvp5RKw8x41p4oZSm/ZwFzloRY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org