Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EE29515402CC11EF9A8FDF3C017001B1.roa
File:                     EE29515402CC11EF9A8FDF3C017001B1.roa (raw, json)
Hash identifier:          2kPk45n3L6j+f+r9IH+LtR9cEb367k0ZghNKBqRz1+M=
Subject key identifier:   B2:E1:98:16:D5:B7:A4:3B:93:A9:55:23:C6:80:08:00:C6:80:A8:8A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1600
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EE29515402CC11EF9A8FDF3C017001B1.roa
Signing time:             Thu 25 Apr 2024 06:27:46 +0000
ROA not before:           Thu 25 Apr 2024 06:27:43 +0000
ROA not after:            Sat 25 Apr 2026 06:27:43 +0000
asID:                     400866
IP address blocks:        154.16.222.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5632 (0x1600)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 25 06:27:43 2024 GMT
            Not After : Apr 25 06:27:43 2026 GMT
        Subject: CN=6629f7e2-67a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:83:1f:c4:f9:54:2a:a0:83:9b:ae:c7:b2:17:
                    6b:06:18:cf:a9:fa:1d:70:4e:2f:e1:56:dd:b2:e3:
                    bf:2c:49:22:84:d6:6b:94:49:9c:cd:d8:9a:1a:4f:
                    08:af:79:75:4e:38:60:3a:6f:97:0a:b2:a2:66:e6:
                    cf:eb:0a:76:9a:b4:bd:92:07:28:a9:58:9b:b1:d0:
                    47:dd:19:52:89:00:d3:73:d4:76:3f:04:53:03:4d:
                    ef:af:03:e6:da:fc:0e:29:ce:67:7c:a8:35:81:76:
                    e9:6f:96:4e:33:57:5e:06:af:59:c9:da:7f:d9:8b:
                    25:e7:d8:24:8c:26:be:b5:3a:4f:94:79:e5:be:67:
                    f5:10:d5:11:b5:ee:b4:6c:25:9d:01:82:47:19:66:
                    3b:20:d4:c4:b9:e4:2d:5a:19:59:be:80:e0:d0:ea:
                    a0:fd:66:a2:4d:b7:64:93:51:6d:8a:4f:69:7b:41:
                    5b:82:a3:84:93:e3:27:ec:e7:f7:89:69:a9:d1:3a:
                    28:0e:7e:b4:c9:f2:4d:3b:f9:a4:e2:1f:96:5f:f4:
                    29:44:9e:fd:fb:cb:f1:2d:6d:7e:ec:c4:5d:bd:93:
                    0d:d2:4b:c7:f3:20:14:df:5f:13:d2:96:1c:8c:43:
                    72:26:9a:1b:18:75:e9:17:5a:3d:ce:90:0f:e4:60:
                    74:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:E1:98:16:D5:B7:A4:3B:93:A9:55:23:C6:80:08:00:C6:80:A8:8A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EE29515402CC11EF9A8FDF3C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:8d:0c:50:bc:25:28:fa:6e:bf:72:fd:20:a5:1f:ea:16:2b:
         aa:93:e4:03:3e:3e:dd:78:c0:5b:a2:d6:9f:25:20:c6:87:e8:
         85:36:31:ce:5c:67:bf:16:ab:60:79:f9:7c:ac:e4:23:c1:c5:
         16:94:96:7e:58:22:6c:ce:85:7e:13:bd:4f:29:37:31:27:c0:
         08:e5:b0:cb:bb:de:41:eb:cc:9e:07:4a:88:e0:13:bb:3a:23:
         f0:73:07:35:7c:14:e8:4a:22:27:86:f0:6b:28:6a:ce:df:cc:
         77:09:24:be:08:18:96:03:fb:3f:c3:61:c1:3c:67:8d:50:9d:
         b0:96:58:c5:df:66:32:86:0f:0b:8c:43:ac:a3:15:43:00:79:
         10:c9:9b:20:cb:eb:95:f8:8b:19:23:c7:0e:ed:ee:1b:3d:3a:
         e9:cf:fa:70:f4:44:42:c8:73:84:cb:c9:8c:d4:c1:8c:94:18:
         d3:2d:61:f6:73:09:ee:d6:07:7b:17:3c:33:48:61:e0:d7:84:
         e6:d7:cb:55:b2:86:fd:b1:ce:5f:0b:3f:b3:69:b1:44:24:56:
         ed:ae:fe:00:af:93:56:6a:16:86:c3:d9:a3:15:de:b9:dc:f4:
         29:8d:c0:b6:d6:b6:5f:97:e1:ab:65:9f:da:c9:97:61:c6:47:
         ae:dc:85:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFgAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MjUwNjI3NDNaFw0yNjA0MjUwNjI3NDNaMBgxFjAU
BgNVBAMTDTY2MjlmN2UyLTY3YTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDngx/E+VQqoIObrseyF2sGGM+p+h1wTi/hVt2y478sSSKE1muUSZzN2Joa
TwiveXVOOGA6b5cKsqJm5s/rCnaatL2SByipWJux0EfdGVKJANNz1HY/BFMDTe+v
A+ba/A4pzmd8qDWBdulvlk4zV14Gr1nJ2n/ZiyXn2CSMJr61Ok+UeeW+Z/UQ1RG1
7rRsJZ0BgkcZZjsg1MS55C1aGVm+gODQ6qD9ZqJNt2STUW2KT2l7QVuCo4ST4yfs
5/eJaanROigOfrTJ8k07+aTiH5Zf9ClEnv37y/EtbX7sxF29kw3SS8fzIBTfXxPS
lhyMQ3ImmhsYdekXWj3OkA/kYHSlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsuGY
FtW3pDuTqVUjxoAIAMaAqIowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0VFMjk1MTU0MDJDQzExRUY5QThGREYzQzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEN4wDQYJKoZIhvcNAQEL
BQADggEBAAGNDFC8JSj6br9y/SClH+oWK6qT5AM+Pt14wFui1p8lIMaH6IU2Mc5c
Z78Wq2B5+Xys5CPBxRaUln5YImzOhX4TvU8pNzEnwAjlsMu73kHrzJ4HSojgE7s6
I/BzBzV8FOhKIieG8Gsoas7fzHcJJL4IGJYD+z/DYcE8Z41QnbCWWMXfZjKGDwuM
Q6yjFUMAeRDJmyDL65X4ixkjxw7t7hs9OunP+nD0RELIc4TLyYzUwYyUGNMtYfZz
Ce7WB3sXPDNIYeDXhObXy1Wyhv2xzl8LP7NpsUQkVu2u/gCvk1ZqFobD2aMV3rnc
9CmNwLbWtl+X4atln9rJl2HGR67chak=
-----END CERTIFICATE-----
Generated at Thu Jul 18 02:13:05 2024 by rpki-client on console-fra.rpki-client.org