Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EFE4E6F4B43811EDB5201A9DF1222468.roa
File:                     EFE4E6F4B43811EDB5201A9DF1222468.roa (raw, json)
Hash identifier:          A4aXRYHyZEPvSyp/cgGaWt+5aLQpw3yf+bHOPriaJ/8=
Subject key identifier:   EB:A7:3F:17:74:8A:B2:62:09:07:3A:93:EF:AB:9A:47:17:56:2E:AE
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0BE7
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EFE4E6F4B43811EDB5201A9DF1222468.roa
Signing time:             Fri 24 Feb 2023 11:46:55 +0000
ROA not before:           Fri 24 Feb 2023 11:46:52 +0000
ROA not after:            Sat 22 Feb 2025 11:46:52 +0000
asID:                     61317
IP address blocks:        154.16.11.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3047 (0xbe7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 24 11:46:52 2023 GMT
            Not After : Feb 22 11:46:52 2025 GMT
        Subject: CN=63f8a3af-bd8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:64:3f:83:16:66:86:cb:0b:7f:0e:2a:73:bc:
                    65:98:2a:52:0d:9f:ae:af:3d:91:31:38:0c:b3:97:
                    d4:c3:61:20:53:35:67:d9:a3:bb:1f:ce:bc:21:ee:
                    36:f9:27:05:23:32:2f:0c:31:c5:3d:75:7e:b5:4e:
                    cf:71:a9:be:88:24:6e:15:31:05:dd:98:84:36:ea:
                    46:fe:ec:9b:83:f9:da:18:56:50:16:1a:1a:5a:96:
                    c2:ff:16:f2:9f:14:05:be:36:77:f4:b3:09:32:19:
                    a4:ca:47:d5:23:85:55:b0:39:da:54:d2:ba:0c:19:
                    5d:84:8e:18:17:c2:85:ce:52:e3:bb:91:0a:13:1f:
                    f3:c7:ce:43:44:01:77:ef:d4:79:cf:a6:20:f5:fa:
                    9d:33:17:e2:b7:3c:01:be:c8:ca:58:54:8d:35:2a:
                    bf:15:04:c9:b4:98:c0:cc:ba:a8:71:25:7c:74:2f:
                    aa:05:f8:9c:11:57:ee:37:15:1b:19:5d:41:bc:c2:
                    4a:78:41:94:af:e9:fc:c5:8f:ef:64:ae:ea:26:0b:
                    66:02:5f:50:e0:63:0c:ef:dc:2b:79:30:68:3a:38:
                    e1:c2:5a:ae:dd:59:a4:98:e1:b4:19:2e:f0:73:8c:
                    da:68:fb:22:b7:ea:ee:ae:ba:13:f0:c6:4e:11:62:
                    f7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:A7:3F:17:74:8A:B2:62:09:07:3A:93:EF:AB:9A:47:17:56:2E:AE
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EFE4E6F4B43811EDB5201A9DF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:a7:51:c9:84:c2:0c:04:83:ef:46:c7:7b:06:4d:43:d9:88:
         d1:9b:37:1c:73:b3:90:84:d8:1e:6a:24:b4:9e:48:8c:91:5e:
         24:14:f4:29:5a:2b:d3:2e:b7:cb:28:e3:55:f2:80:cb:49:b9:
         e0:76:06:e3:57:f7:71:f0:95:7e:62:ae:cd:5d:f1:67:c2:10:
         d8:53:45:bd:fb:17:88:0e:d9:4d:6a:a2:0f:71:f4:36:c6:cc:
         39:98:c1:37:7e:a2:f4:c9:eb:38:55:58:3a:47:0e:c1:fd:b3:
         66:17:2d:05:67:0b:4d:e6:7f:18:84:b9:a8:0b:a0:48:9c:b2:
         5d:53:d3:15:fc:97:ec:15:f6:da:02:46:d5:ca:00:b3:c9:b6:
         a4:f4:18:0f:9b:78:99:2b:f1:2f:ad:6c:18:cc:c5:cc:5c:80:
         5d:ae:ca:68:96:43:f9:c4:40:36:10:98:83:76:11:e3:ed:91:
         82:01:67:11:9e:f5:46:9d:fe:51:55:09:1d:e9:b9:5c:ef:a0:
         79:27:90:92:50:69:56:29:39:2f:ce:50:85:d2:9e:75:1c:eb:
         11:02:10:ba:83:86:21:c0:4e:d1:0f:bd:41:28:80:24:d7:c5:
         b7:8c:11:5b:13:1a:8d:e7:36:d2:9a:b3:09:25:1a:c8:c1:8e:
         30:5f:6e:58
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC+cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMTQ2NTJaFw0yNTAyMjIxMTQ2NTJaMBgxFjAU
BgNVBAMMDTYzZjhhM2FmLWJkOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdZD+DFmaGywt/DipzvGWYKlINn66vPZExOAyzl9TDYSBTNWfZo7sfzrwh
7jb5JwUjMi8MMcU9dX61Ts9xqb6IJG4VMQXdmIQ26kb+7JuD+doYVlAWGhpalsL/
FvKfFAW+Nnf0swkyGaTKR9UjhVWwOdpU0roMGV2EjhgXwoXOUuO7kQoTH/PHzkNE
AXfv1HnPpiD1+p0zF+K3PAG+yMpYVI01Kr8VBMm0mMDMuqhxJXx0L6oF+JwRV+43
FRsZXUG8wkp4QZSv6fzFj+9kruomC2YCX1DgYwzv3Ct5MGg6OOHCWq7dWaSY4bQZ
LvBzjNpo+yK36u6uuhPwxk4RYvenAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU66c/
F3SKsmIJBzqT76uaRxdWLq4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0VGRTRFNkY0QjQzODExRURCNTIwMUE5REYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAswDQYJKoZIhvcNAQEL
BQADggEBAFmnUcmEwgwEg+9Gx3sGTUPZiNGbNxxzs5CE2B5qJLSeSIyRXiQU9Cla
K9Mut8so41XygMtJueB2BuNX93HwlX5irs1d8WfCENhTRb37F4gO2U1qog9x9DbG
zDmYwTd+ovTJ6zhVWDpHDsH9s2YXLQVnC03mfxiEuagLoEicsl1T0xX8l+wV9toC
RtXKALPJtqT0GA+beJkr8S+tbBjMxcxcgF2uymiWQ/nEQDYQmIN2EePtkYIBZxGe
9Uad/lFVCR3puVzvoHknkJJQaVYpOS/OUIXSnnUc6xECELqDhiHATtEPvUEogCTX
xbeMEVsTGo3nNtKaswklGsjBjjBfblg=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:41 2024 by rpki-client on console-ams.rpki-client.org