Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E3179218F011EFA127B928017001B1.roa
File:                     E1E3179218F011EFA127B928017001B1.roa (raw, json)
Hash identifier:          O1WG+fx/XB4DuhFV0pe+M/PoDN3frcDfzGiqNEMDiP0=
Subject key identifier:   14:D3:4A:C7:CD:B6:5A:8A:EE:CD:F0:86:08:EE:6D:2A:E8:D8:76:3C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       167A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E3179218F011EFA127B928017001B1.roa
Signing time:             Thu 23 May 2024 10:40:33 +0000
ROA not before:           Thu 23 May 2024 10:40:30 +0000
ROA not after:            Sat 23 May 2026 10:40:30 +0000
asID:                     9009
IP address blocks:        154.16.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5754 (0x167a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 23 10:40:30 2024 GMT
            Not After : May 23 10:40:30 2026 GMT
        Subject: CN=664f1d21-5eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c7:28:f7:f2:03:17:a0:a9:99:d4:ed:9e:bb:
                    63:9a:e2:0a:5d:38:e1:af:6c:3b:48:a1:86:d4:7c:
                    cf:dc:a0:27:f6:77:ee:7d:7b:8a:23:fc:89:a9:cf:
                    ac:a2:0a:25:3d:af:54:46:ca:8d:8b:34:af:a5:2d:
                    f0:31:1c:09:9b:e2:38:0e:d4:26:5d:f6:3a:32:62:
                    2a:e2:d1:8b:8e:bc:43:c5:ea:c1:9d:30:60:b7:83:
                    52:5a:00:ea:8f:60:0e:80:80:5e:88:16:a5:e4:f6:
                    f7:96:fe:a1:34:68:d4:3b:21:ea:14:ea:cb:2e:9c:
                    ec:62:38:7d:b5:81:dc:11:11:a7:6f:64:49:c8:f9:
                    41:a7:f3:b4:57:28:9c:df:ee:d1:d5:65:5e:21:90:
                    31:08:70:07:ac:4d:70:a3:f2:9d:19:00:2f:86:2c:
                    d0:b9:39:2d:1e:84:15:c4:ba:14:aa:b9:2d:47:78:
                    93:50:ce:3c:73:0b:dd:1b:9a:23:c9:5d:f2:85:bc:
                    ac:6d:db:7b:20:cf:62:bd:9c:1b:f5:47:79:d8:23:
                    3a:57:39:05:b7:96:dc:50:22:26:e3:f5:21:d9:49:
                    90:36:65:07:0c:85:a3:4a:5b:56:30:e3:c7:94:96:
                    25:e2:d2:87:bc:dc:46:fa:c7:a0:ac:db:15:27:02:
                    d7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D3:4A:C7:CD:B6:5A:8A:EE:CD:F0:86:08:EE:6D:2A:E8:D8:76:3C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E3179218F011EFA127B928017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:b3:eb:c5:3f:47:6f:14:eb:36:69:aa:f0:27:1d:e5:1f:98:
         e8:11:51:68:14:e3:57:9a:6f:97:6b:d1:0b:ae:76:84:a7:28:
         16:70:b6:c2:9c:3f:a5:b9:85:61:69:f9:01:f5:fb:1d:6d:ca:
         74:e7:e2:30:ab:42:68:2c:d6:fc:7a:3d:c1:2f:5e:74:01:ac:
         ad:4e:05:15:26:86:24:54:cc:31:7f:a6:71:6f:0e:25:fe:16:
         96:e8:47:8e:22:5c:c7:f1:ed:1c:a3:50:ff:86:5e:9b:66:15:
         97:0e:c1:7b:25:4d:0d:56:60:22:ad:9e:fc:42:c6:bb:87:81:
         d8:dd:9b:a1:01:23:02:8f:65:2e:af:61:44:de:6e:88:92:22:
         20:c2:30:50:18:f2:15:61:e2:cb:c0:f9:18:1d:6c:30:c6:65:
         df:21:d7:57:1a:e5:70:a8:43:e7:93:4a:be:e9:dc:cf:22:3f:
         c2:29:00:dc:5a:62:59:98:42:af:2e:f0:b5:ca:18:19:03:db:
         32:4c:65:11:3e:76:a4:fd:b9:b4:42:68:ef:fd:6c:1c:7f:0c:
         5c:6c:dc:29:39:05:6b:f1:0f:d6:18:6a:53:fc:97:12:6e:3a:
         29:27:08:3c:6d:85:9a:f2:82:7c:94:47:50:17:71:f3:7a:7c:
         07:0c:1d:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFnowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjMxMDQwMzBaFw0yNjA1MjMxMDQwMzBaMBgxFjAU
BgNVBAMTDTY2NGYxZDIxLTVlZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXxyj38gMXoKmZ1O2eu2Oa4gpdOOGvbDtIoYbUfM/coCf2d+59e4oj/Imp
z6yiCiU9r1RGyo2LNK+lLfAxHAmb4jgO1CZd9joyYiri0YuOvEPF6sGdMGC3g1Ja
AOqPYA6AgF6IFqXk9veW/qE0aNQ7IeoU6ssunOxiOH21gdwREadvZEnI+UGn87RX
KJzf7tHVZV4hkDEIcAesTXCj8p0ZAC+GLNC5OS0ehBXEuhSquS1HeJNQzjxzC90b
miPJXfKFvKxt23sgz2K9nBv1R3nYIzpXOQW3ltxQIibj9SHZSZA2ZQcMhaNKW1Yw
48eUliXi0oe83Eb6x6Cs2xUnAtenAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFNNK
x822WoruzfCGCO5tKujYdjwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UxRTMxNzkyMThGMDExRUZBMTI3QjkyODAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPwwDQYJKoZIhvcNAQEL
BQADggEBALGz68U/R28U6zZpqvAnHeUfmOgRUWgU41eab5dr0QuudoSnKBZwtsKc
P6W5hWFp+QH1+x1tynTn4jCrQmgs1vx6PcEvXnQBrK1OBRUmhiRUzDF/pnFvDiX+
FpboR44iXMfx7RyjUP+GXptmFZcOwXslTQ1WYCKtnvxCxruHgdjdm6EBIwKPZS6v
YUTeboiSIiDCMFAY8hVh4svA+RgdbDDGZd8h11ca5XCoQ+eTSr7p3M8iP8IpANxa
YlmYQq8u8LXKGBkD2zJMZRE+dqT9ubRCaO/9bBx/DFxs3Ck5BWvxD9YYalP8lxJu
OiknCDxthZrygnyUR1AXcfN6fAcMHfk=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org