Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E38AEC5C023211EF8AE3704F017001B1.roa
File:                     E38AEC5C023211EF8AE3704F017001B1.roa (raw, json)
Hash identifier:          +jf0h6e9lJXAZOQB+bdcdpNUoEhWlVTeYVejwk9JWgE=
Subject key identifier:   5F:30:EC:9D:5F:DE:75:85:B5:33:42:C4:02:86:A4:09:96:77:FF:B9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15FD
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E38AEC5C023211EF8AE3704F017001B1.roa
Signing time:             Wed 24 Apr 2024 12:05:06 +0000
ROA not before:           Wed 24 Apr 2024 12:05:02 +0000
ROA not after:            Fri 24 Apr 2026 12:05:02 +0000
asID:                     14445
IP address blocks:        154.16.233.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5629 (0x15fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 24 12:05:02 2024 GMT
            Not After : Apr 24 12:05:02 2026 GMT
        Subject: CN=6628f572-5abb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:84:75:61:1e:c0:7c:59:57:04:2e:3e:8c:9b:
                    56:b3:c6:23:f3:d3:cf:39:24:39:05:f2:67:25:9c:
                    30:0e:09:12:37:e8:c2:46:7a:ba:1e:46:aa:32:04:
                    4d:05:09:fe:31:02:77:55:57:4a:c0:73:4f:de:19:
                    42:24:2f:82:8e:3e:67:4a:12:19:65:61:fa:d3:57:
                    b6:b8:ae:69:21:a9:b8:3d:07:13:20:7e:b3:b3:86:
                    95:77:d8:65:0f:ec:64:92:56:19:2d:f5:a8:cd:e0:
                    c4:72:42:fb:48:2d:74:a6:f9:f8:80:80:0c:4e:b1:
                    f5:c4:54:e1:16:47:d8:5a:bd:fd:d7:3d:4d:f0:02:
                    7d:f9:27:13:4c:40:3e:99:f2:4a:0d:06:d9:93:a5:
                    ae:78:88:14:64:bf:f2:74:16:04:80:50:8b:24:79:
                    83:48:47:4b:15:a3:26:38:34:74:30:a2:69:76:19:
                    f5:cc:78:b3:09:e0:98:11:cd:9a:cf:bc:c7:ad:bf:
                    44:bd:78:27:df:75:06:55:12:96:3e:f4:bd:e6:97:
                    a3:54:6c:36:ab:5c:6f:3f:db:94:54:71:ba:be:72:
                    39:cd:7d:01:73:cf:f0:cf:ae:26:bb:6a:96:c1:f5:
                    ef:d9:ac:05:5f:ea:fa:30:10:c1:f2:cf:63:53:aa:
                    d9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:30:EC:9D:5F:DE:75:85:B5:33:42:C4:02:86:A4:09:96:77:FF:B9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E38AEC5C023211EF8AE3704F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:cf:9f:f9:87:50:82:15:cf:5c:e0:30:72:11:8d:e6:d0:51:
         ef:6c:41:a3:d0:88:b7:dd:58:c5:2c:9d:07:7a:3c:a8:ff:10:
         e8:28:be:79:83:f9:7d:72:70:11:3c:46:ee:35:c3:c4:6f:5f:
         0e:33:75:d7:cf:e4:82:f5:20:b0:1c:ee:cd:d3:44:89:ff:ed:
         7c:bf:6a:a0:f7:98:54:c6:a0:8f:e6:23:ba:88:26:d1:2e:ee:
         37:29:60:8d:29:de:97:76:a2:2b:0d:f6:44:21:d9:0c:89:9e:
         02:14:bf:78:14:66:0a:2a:9e:65:c9:82:d0:6a:07:22:b6:98:
         48:c2:fe:c5:ed:d9:89:fd:0c:cd:92:20:7a:bf:85:6c:f0:c3:
         0e:ed:c7:07:6c:49:25:79:7f:f8:7a:85:9c:28:84:c5:47:24:
         33:92:74:08:40:f1:ca:11:06:c1:73:28:b0:8e:ce:a0:54:66:
         5e:cd:f3:e1:8c:c8:7a:96:a6:da:69:b9:8a:13:29:71:b3:53:
         d2:1b:34:14:5c:95:83:65:07:11:57:21:1b:a6:6d:66:2d:78:
         87:81:56:5b:f6:aa:28:78:10:ed:ae:f7:43:b4:91:37:79:6f:
         05:73:be:39:65:74:55:5b:95:bf:94:5f:66:b5:63:bb:ca:9c:
         99:e9:98:d5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFf0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MjQxMjA1MDJaFw0yNjA0MjQxMjA1MDJaMBgxFjAU
BgNVBAMTDTY2MjhmNTcyLTVhYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5hHVhHsB8WVcELj6Mm1azxiPz0885JDkF8mclnDAOCRI36MJGeroeRqoy
BE0FCf4xAndVV0rAc0/eGUIkL4KOPmdKEhllYfrTV7a4rmkhqbg9BxMgfrOzhpV3
2GUP7GSSVhkt9ajN4MRyQvtILXSm+fiAgAxOsfXEVOEWR9havf3XPU3wAn35JxNM
QD6Z8koNBtmTpa54iBRkv/J0FgSAUIskeYNIR0sVoyY4NHQwoml2GfXMeLMJ4JgR
zZrPvMetv0S9eCffdQZVEpY+9L3ml6NUbDarXG8/25RUcbq+cjnNfQFzz/DPria7
apbB9e/ZrAVf6vowEMHyz2NTqtkNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXzDs
nV/edYW1M0LEAoakCZZ3/7kwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UzOEFFQzVDMDIzMjExRUY4QUUzNzA0RjAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOkwDQYJKoZIhvcNAQEL
BQADggEBAATPn/mHUIIVz1zgMHIRjebQUe9sQaPQiLfdWMUsnQd6PKj/EOgovnmD
+X1ycBE8Ru41w8RvXw4zddfP5IL1ILAc7s3TRIn/7Xy/aqD3mFTGoI/mI7qIJtEu
7jcpYI0p3pd2oisN9kQh2QyJngIUv3gUZgoqnmXJgtBqByK2mEjC/sXt2Yn9DM2S
IHq/hWzwww7txwdsSSV5f/h6hZwohMVHJDOSdAhA8coRBsFzKLCOzqBUZl7N8+GM
yHqWptppuYoTKXGzU9IbNBRclYNlBxFXIRumbWYteIeBVlv2qih4EO2u90O0kTd5
bwVzvjlldFVblb+UX2a1Y7vKnJnpmNU=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:45 2024 by rpki-client on console-fra.rpki-client.org