Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E417B81C1B11EF86015CF37CDC24C2.roa
File:                     E1E417B81C1B11EF86015CF37CDC24C2.roa (raw, json)
Hash identifier:          cyDFNI8G4EEu2Yuy+rq3DxvzU1zRu1CZf/AphiyTp5Q=
Subject key identifier:   2F:A0:9E:7D:50:ED:62:F9:E5:CD:0F:98:DF:AF:0E:CD:E2:88:EE:BA
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       16A0
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E417B81C1B11EF86015CF37CDC24C2.roa
Signing time:             Mon 27 May 2024 11:25:55 +0000
ROA not before:           Mon 27 May 2024 11:25:52 +0000
ROA not after:            Wed 27 May 2026 11:25:52 +0000
asID:                     9009
IP address blocks:        154.16.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5792 (0x16a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 27 11:25:52 2024 GMT
            Not After : May 27 11:25:52 2026 GMT
        Subject: CN=66546dc3-b739
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ea:cd:75:27:98:11:44:67:83:9b:40:37:94:
                    1f:fd:4b:39:1d:85:67:56:57:66:1f:ec:38:52:cd:
                    31:06:e1:32:91:aa:bd:80:63:b2:68:21:03:4f:4d:
                    d8:85:e9:03:24:cb:97:35:d4:ce:63:21:78:fc:10:
                    de:02:d7:9a:1f:37:66:65:bc:b0:f7:74:08:95:77:
                    cf:fe:fc:4d:14:43:95:13:1a:fc:56:33:90:30:10:
                    11:54:08:ca:8d:b7:74:12:84:99:d3:ec:a6:60:20:
                    05:ff:af:c5:d1:e2:86:83:ec:3a:75:dd:2f:23:5a:
                    3a:ca:02:e2:53:13:c7:00:0f:3f:03:73:15:88:f4:
                    15:49:a3:3a:f9:13:63:67:d1:1f:75:1a:aa:cb:87:
                    2f:7e:9f:05:71:fc:0e:40:91:6b:af:4f:91:ca:2b:
                    79:bb:45:b4:5b:e1:79:40:b2:cc:8f:b7:a4:d6:a6:
                    b3:b3:5d:5d:18:1b:42:ac:ee:02:78:7e:fa:70:b8:
                    09:08:22:cc:d7:40:78:08:56:8b:bd:2a:2f:db:31:
                    9d:f9:df:3e:ba:7b:db:c4:80:4b:4d:3e:dc:ee:cc:
                    78:00:c5:aa:7b:11:9a:41:5f:1c:f0:43:b8:b8:42:
                    8d:a5:10:04:eb:c9:f3:e2:cd:b4:74:46:2b:7a:fc:
                    9e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:A0:9E:7D:50:ED:62:F9:E5:CD:0F:98:DF:AF:0E:CD:E2:88:EE:BA
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E417B81C1B11EF86015CF37CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:b2:8c:43:c7:a7:db:96:9e:5d:b5:38:4f:7a:25:42:61:0c:
         2e:0e:99:10:90:ca:e6:83:6a:a9:0d:4b:4f:e0:b2:9f:e8:4e:
         d0:a6:db:7d:e2:c9:13:48:a3:e9:96:2c:be:7f:6b:b9:91:22:
         f1:b6:c8:df:74:9d:04:83:69:fd:ab:c6:90:77:fc:44:8f:61:
         16:60:6b:d7:e8:f7:f8:98:bd:de:a8:65:ac:27:bf:80:d5:17:
         24:eb:21:02:90:21:12:a8:85:4e:1d:30:18:25:41:0c:97:b7:
         3c:87:6c:7f:6d:2f:54:b8:34:88:33:c2:da:70:2b:8c:a0:31:
         5c:a0:47:7f:bb:76:07:29:1c:dc:5d:7a:65:0c:a8:50:85:71:
         ba:d2:38:16:55:17:5f:cf:9a:8d:84:95:3d:21:41:30:a8:8f:
         3b:db:34:08:de:80:fb:a9:c6:e6:e1:00:91:07:f1:3c:d1:d9:
         4e:54:fe:7b:fb:53:2a:a6:57:dd:6c:a1:d0:4c:e7:c7:28:31:
         12:07:c6:93:ea:90:ab:5e:88:bd:e4:17:86:6c:4d:18:dc:b8:
         2b:9a:96:28:a9:56:0d:cc:44:eb:d8:c4:55:57:60:7b:4c:a8:
         5f:c9:07:d3:43:35:0f:8a:4e:ba:9c:d1:ee:80:a8:f5:43:66:
         c3:1a:a0:83
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFqAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MjcxMTI1NTJaFw0yNjA1MjcxMTI1NTJaMBgxFjAU
BgNVBAMTDTY2NTQ2ZGMzLWI3MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDH6s11J5gRRGeDm0A3lB/9SzkdhWdWV2Yf7DhSzTEG4TKRqr2AY7JoIQNP
TdiF6QMky5c11M5jIXj8EN4C15ofN2ZlvLD3dAiVd8/+/E0UQ5UTGvxWM5AwEBFU
CMqNt3QShJnT7KZgIAX/r8XR4oaD7Dp13S8jWjrKAuJTE8cADz8DcxWI9BVJozr5
E2Nn0R91GqrLhy9+nwVx/A5AkWuvT5HKK3m7RbRb4XlAssyPt6TWprOzXV0YG0Ks
7gJ4fvpwuAkIIszXQHgIVou9Ki/bMZ353z66e9vEgEtNPtzuzHgAxap7EZpBXxzw
Q7i4Qo2lEATryfPizbR0Rit6/J7JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUL6Ce
fVDtYvnlzQ+Y368OzeKI7rowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UxRTQxN0I4MUMxQjExRUY4NjAxNUNGMzdDREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOUwDQYJKoZIhvcNAQEL
BQADggEBACeyjEPHp9uWnl21OE96JUJhDC4OmRCQyuaDaqkNS0/gsp/oTtCm233i
yRNIo+mWLL5/a7mRIvG2yN90nQSDaf2rxpB3/ESPYRZga9fo9/iYvd6oZawnv4DV
FyTrIQKQIRKohU4dMBglQQyXtzyHbH9tL1S4NIgzwtpwK4ygMVygR3+7dgcpHNxd
emUMqFCFcbrSOBZVF1/Pmo2ElT0hQTCojzvbNAjegPupxubhAJEH8TzR2U5U/nv7
UyqmV91sodBM58coMRIHxpPqkKteiL3kF4ZsTRjcuCualiipVg3MROvYxFVXYHtM
qF/JB9NDNQ+KTrqc0e6AqPVDZsMaoIM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:34 2024 by rpki-client on console-fra.rpki-client.org