Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E35A2AB28B8711EE95EAD71F4AD9E6FC.roa
File:                     E35A2AB28B8711EE95EAD71F4AD9E6FC.roa (raw, json)
Hash identifier:          FIdkTR4TDt7Zqno0secV6fkhlMSkNfCFTCXg9GlvObw=
Subject key identifier:   9B:1F:18:20:F8:59:73:96:26:9C:9F:AF:17:C2:B0:09:41:61:DA:88
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       137D
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E35A2AB28B8711EE95EAD71F4AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:43:45 +0000
ROA not before:           Sat 25 Nov 2023 11:43:41 +0000
ROA not after:            Tue 25 Nov 2025 11:43:41 +0000
asID:                     212238
IP address blocks:        154.16.102.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4989 (0x137d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:43:41 2023 GMT
            Not After : Nov 25 11:43:41 2025 GMT
        Subject: CN=6561ddf0-7993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e9:cb:22:ae:52:86:d3:21:04:3a:4b:79:4a:
                    ee:75:7f:d4:8c:ad:ab:22:b2:de:82:84:61:4e:e3:
                    9c:5f:ef:ec:80:56:f9:c0:b1:1c:cc:37:b3:51:f6:
                    6e:a9:b2:77:b0:42:f4:f8:8f:d1:bf:35:35:79:67:
                    cc:40:b9:a3:ec:b8:ad:c7:43:d9:ae:78:a1:2f:77:
                    55:9d:59:ba:dd:2d:de:d9:f7:0d:64:66:1e:5d:d5:
                    e3:b5:a0:63:dd:0b:a3:a9:e4:2c:37:97:27:54:25:
                    64:49:21:6c:58:c2:e7:59:01:be:5e:15:1a:db:eb:
                    f5:e5:6f:27:8a:7c:0e:b5:9d:96:9f:e5:35:b7:9a:
                    bd:e3:44:ee:86:54:1b:92:d9:f3:28:2f:7c:d2:7d:
                    4d:c5:85:1d:53:a6:75:1c:82:02:4b:29:c1:25:99:
                    60:24:29:fe:e2:12:78:ae:0a:9d:34:9b:54:40:25:
                    4f:7a:61:9b:db:d6:1b:e8:8b:db:19:c6:61:c6:fe:
                    96:1c:ad:8d:94:c6:86:2b:08:4f:e5:f5:2a:b7:ab:
                    f0:fa:c2:bf:29:ee:51:80:2f:fd:bd:4b:42:42:ba:
                    3d:57:02:a2:1d:65:88:1f:eb:da:1a:0a:6c:62:bd:
                    63:5f:1a:39:1e:5d:15:83:c7:81:ea:a2:f8:7b:7d:
                    33:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:1F:18:20:F8:59:73:96:26:9C:9F:AF:17:C2:B0:09:41:61:DA:88
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E35A2AB28B8711EE95EAD71F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:61:db:34:07:e7:03:0b:8e:86:08:b7:a0:5c:24:bf:f9:3b:
         93:56:df:35:e1:33:bc:01:74:09:44:68:46:70:68:09:ab:67:
         3e:b5:37:46:00:fd:e2:65:d0:af:0d:dc:08:af:c9:6e:99:05:
         8b:d0:f7:e4:b8:8d:92:53:43:c0:ed:8d:8f:17:3e:42:08:01:
         e6:3a:68:6d:a6:dc:1e:11:0b:8e:32:81:4f:40:20:1d:b8:76:
         f6:9b:06:0c:bd:08:bf:1f:56:81:7c:9b:74:e9:cd:c5:66:67:
         c0:54:6b:2a:ed:ad:d3:0e:c5:f0:75:d1:c4:a0:3a:90:e2:46:
         ce:9e:d5:98:88:b9:7b:17:69:e5:97:05:ef:f2:97:66:a2:81:
         df:54:31:ef:77:36:82:f0:52:54:f0:a4:05:d6:bd:28:21:f0:
         24:21:7b:a2:93:4b:bc:39:f2:4b:ab:29:90:03:82:fa:14:7e:
         c6:46:00:94:8e:9c:03:74:ad:4c:75:89:56:b0:0c:52:e7:dd:
         dd:20:98:9d:7e:70:d3:73:a0:61:c6:44:5a:88:22:93:5b:3f:
         ef:c0:f5:49:ae:d8:3c:19:fb:b6:82:2c:9b:ff:aa:f9:a1:ca:
         f9:e8:47:a9:74:19:86:fb:45:f1:96:51:e2:41:09:68:0c:2a:
         2d:0f:71:37
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE30wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTQzNDFaFw0yNTExMjUxMTQzNDFaMBgxFjAU
BgNVBAMTDTY1NjFkZGYwLTc5OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCe6csirlKG0yEEOkt5Su51f9SMrasist6ChGFO45xf7+yAVvnAsRzMN7NR
9m6psnewQvT4j9G/NTV5Z8xAuaPsuK3HQ9mueKEvd1WdWbrdLd7Z9w1kZh5d1eO1
oGPdC6Op5Cw3lydUJWRJIWxYwudZAb5eFRrb6/XlbyeKfA61nZaf5TW3mr3jRO6G
VBuS2fMoL3zSfU3FhR1TpnUcggJLKcElmWAkKf7iEniuCp00m1RAJU96YZvb1hvo
i9sZxmHG/pYcrY2UxoYrCE/l9Sq3q/D6wr8p7lGAL/29S0JCuj1XAqIdZYgf69oa
CmxivWNfGjkeXRWDx4Hqovh7fTPjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmx8Y
IPhZc5YmnJ+vF8KwCUFh2ogwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UzNUEyQUIyOEI4NzExRUU5NUVBRDcxRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGYwDQYJKoZIhvcNAQEL
BQADggEBAMxh2zQH5wMLjoYIt6BcJL/5O5NW3zXhM7wBdAlEaEZwaAmrZz61N0YA
/eJl0K8N3AivyW6ZBYvQ9+S4jZJTQ8DtjY8XPkIIAeY6aG2m3B4RC44ygU9AIB24
dvabBgy9CL8fVoF8m3TpzcVmZ8BUayrtrdMOxfB10cSgOpDiRs6e1ZiIuXsXaeWX
Be/yl2aigd9UMe93NoLwUlTwpAXWvSgh8CQhe6KTS7w58kurKZADgvoUfsZGAJSO
nAN0rUx1iVawDFLn3d0gmJ1+cNNzoGHGRFqIIpNbP+/A9Umu2DwZ+7aCLJv/qvmh
yvnoR6l0GYb7RfGWUeJBCWgMKi0PcTc=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org