Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DDE4B57A077F11EE9D155E594AD9E6FC.roa
File:                     DDE4B57A077F11EE9D155E594AD9E6FC.roa (raw, json)
Hash identifier:          J77E+rOdzKs0L55sbnVVMb6KR0Z5naONtnbrb5V/P8E=
Subject key identifier:   E0:B1:02:FA:4E:88:3F:33:61:75:15:BB:E7:8C:C7:29:0B:A8:55:4C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0F24
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DDE4B57A077F11EE9D155E594AD9E6FC.roa
Signing time:             Sat 10 Jun 2023 11:13:46 +0000
ROA not before:           Sat 10 Jun 2023 11:13:41 +0000
ROA not after:            Tue 10 Jun 2025 11:13:41 +0000
asID:                     14445
IP address blocks:        154.16.14.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3876 (0xf24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 10 11:13:41 2023 GMT
            Not After : Jun 10 11:13:41 2025 GMT
        Subject: CN=64845aea-0998
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:d7:de:4d:45:fe:72:80:a6:58:41:05:a1:b2:
                    18:b5:f1:b2:f6:f0:2e:40:84:e3:ef:fc:35:38:dc:
                    32:cc:d0:90:1c:c5:40:b7:36:0f:aa:f1:38:0e:76:
                    b0:88:1b:2b:87:17:9d:b4:13:53:4b:55:d3:1b:7e:
                    b4:f1:57:63:55:ce:6b:bc:a6:5b:9f:ff:bd:99:d7:
                    13:74:94:65:c6:a0:0d:3c:8e:a9:e7:12:5b:69:27:
                    22:36:f4:d3:21:07:11:97:e1:3d:eb:6a:f1:1b:53:
                    81:cb:a4:d8:e3:4d:e3:5f:2d:a0:e1:47:9b:20:83:
                    0a:63:47:fc:db:9b:fe:3c:ae:1a:f9:d5:84:2a:b7:
                    ef:74:18:05:80:59:57:f8:26:82:d9:cd:74:39:e8:
                    bf:dd:c4:c4:25:a3:01:51:18:71:c8:b1:34:5f:30:
                    10:e4:51:59:db:fb:7f:f7:7d:39:c9:f7:89:a9:10:
                    ff:b9:55:b5:d9:51:f0:49:a2:9a:67:10:32:67:13:
                    5f:88:83:ab:b1:53:5a:db:55:48:ed:58:e5:9d:a7:
                    54:b6:52:c1:17:da:c8:60:ac:97:e4:57:4d:46:7c:
                    37:4d:0e:8d:4c:7d:ab:73:d4:f2:55:74:a7:57:5d:
                    f5:dc:ae:9f:43:e4:07:17:22:1d:de:43:02:a8:c1:
                    08:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B1:02:FA:4E:88:3F:33:61:75:15:BB:E7:8C:C7:29:0B:A8:55:4C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DDE4B57A077F11EE9D155E594AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:eb:24:2c:3a:be:6e:21:37:7b:56:3e:90:aa:12:a5:ce:14:
         9c:12:55:a1:43:7a:ab:76:fb:30:44:50:c0:c1:44:56:08:13:
         62:ed:0c:ae:b3:7f:57:5b:18:43:13:43:6a:df:3e:d8:d9:b0:
         ec:99:0b:e2:59:6d:d1:5d:2c:98:d2:0a:b1:a4:a6:e7:e9:98:
         a3:4b:2b:07:ea:5d:ef:31:5e:a4:87:0e:26:5a:dc:07:4c:08:
         2c:44:5d:ec:0c:b4:17:ab:ea:0d:0c:66:7c:1e:8e:ca:8d:79:
         0f:db:01:f9:ac:d1:c9:68:5a:de:e8:d8:b5:87:75:71:c8:09:
         85:9e:cd:e8:de:b7:fa:6b:c1:27:17:05:89:51:01:50:b3:c2:
         ec:e7:a7:8e:65:af:2d:5d:0d:ca:c6:f4:a1:2b:31:76:1c:d9:
         c5:54:11:76:3a:72:e0:cc:8a:ca:db:1c:58:84:cb:ed:5c:3c:
         31:43:5d:ab:0b:f3:50:ae:09:cf:c6:84:f9:93:c5:55:c3:86:
         e0:75:00:7a:8f:83:f7:2f:79:58:47:b7:dc:a4:85:c8:e0:bc:
         aa:9f:f1:68:9f:09:35:2c:db:49:7d:8c:1c:eb:68:eb:51:49:
         83:8c:d9:28:5f:3b:a0:0b:41:d4:f0:3e:8c:b1:01:9b:61:39:
         18:d2:f0:a4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDyQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MTAxMTEzNDFaFw0yNTA2MTAxMTEzNDFaMBgxFjAU
BgNVBAMTDTY0ODQ1YWVhLTA5OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDn195NRf5ygKZYQQWhshi18bL28C5AhOPv/DU43DLM0JAcxUC3Ng+q8TgO
drCIGyuHF520E1NLVdMbfrTxV2NVzmu8pluf/72Z1xN0lGXGoA08jqnnEltpJyI2
9NMhBxGX4T3ravEbU4HLpNjjTeNfLaDhR5sggwpjR/zbm/48rhr51YQqt+90GAWA
WVf4JoLZzXQ56L/dxMQlowFRGHHIsTRfMBDkUVnb+3/3fTnJ94mpEP+5VbXZUfBJ
oppnEDJnE1+Ig6uxU1rbVUjtWOWdp1S2UsEX2shgrJfkV01GfDdNDo1Mfatz1PJV
dKdXXfXcrp9D5AcXIh3eQwKowQirAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4LEC
+k6IPzNhdRW754zHKQuoVUwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RERTRCNTdBMDc3RjExRUU5RDE1NUU1OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEA4wDQYJKoZIhvcNAQEL
BQADggEBAJDrJCw6vm4hN3tWPpCqEqXOFJwSVaFDeqt2+zBEUMDBRFYIE2LtDK6z
f1dbGEMTQ2rfPtjZsOyZC+JZbdFdLJjSCrGkpufpmKNLKwfqXe8xXqSHDiZa3AdM
CCxEXewMtBer6g0MZnwejsqNeQ/bAfms0cloWt7o2LWHdXHICYWezejet/prwScX
BYlRAVCzwuznp45lry1dDcrG9KErMXYc2cVUEXY6cuDMisrbHFiEy+1cPDFDXasL
81CuCc/GhPmTxVXDhuB1AHqPg/cveVhHt9ykhcjgvKqf8WifCTUs20l9jBzraOtR
SYOM2ShfO6ALQdTwPoyxAZthORjS8KQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:32:51 2023 by rpki-client on console-fra.rpki-client.org