Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F1C3CFAA468011EEAFCE68894AD9E6FC.roa
File:                     F1C3CFAA468011EEAFCE68894AD9E6FC.roa (raw, json)
Hash identifier:          yEs4SgeqO12uAU210fHdSppmuY/FdsWuYKZYW3mcjvg=
Subject key identifier:   B4:86:B3:F9:FE:1B:BB:9B:0B:40:84:80:DE:BB:CA:69:9E:7A:DE:A8
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       11D1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F1C3CFAA468011EEAFCE68894AD9E6FC.roa
Signing time:             Tue 29 Aug 2023 15:30:12 +0000
ROA not before:           Tue 29 Aug 2023 15:30:08 +0000
ROA not after:            Fri 30 Aug 2024 15:30:08 +0000
asID:                     5065
IP address blocks:        154.16.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4561 (0x11d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 29 15:30:08 2023 GMT
            Not After : Aug 30 15:30:08 2024 GMT
        Subject: CN=64ee0f04-75e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9a:80:a9:9d:2c:78:db:01:a1:d0:10:f0:24:
                    aa:c1:bb:7e:c7:e8:ad:a2:f6:d7:ce:65:b1:b0:73:
                    0b:30:de:22:dd:98:af:bb:63:b4:3b:aa:0f:70:5b:
                    41:6f:04:6a:3a:30:f9:d9:9d:c3:93:ff:06:86:2d:
                    d9:71:0b:70:1f:7e:43:1a:c9:67:2a:32:ef:bf:9e:
                    cc:f0:25:63:5c:5a:78:4b:be:75:bc:0d:3c:d4:f1:
                    d6:73:db:55:8f:6f:4f:1a:ba:e9:73:10:ca:0f:6c:
                    13:47:f8:68:1b:85:27:f8:ba:20:44:51:91:2b:c8:
                    ea:f3:23:dd:e8:96:b8:68:bc:2e:e7:78:2f:2b:51:
                    7c:56:ae:95:8b:02:62:27:61:65:29:d1:0c:ae:6a:
                    3f:a1:37:88:cc:03:6a:2c:fd:ff:80:98:e9:db:7e:
                    68:af:10:9f:f5:9b:a6:0e:05:b8:05:0c:db:ed:bd:
                    1e:c4:2b:1d:76:9c:7e:68:a4:54:55:c9:03:6f:b3:
                    58:6f:3a:f0:bb:5b:50:ad:9a:23:8d:21:ef:0f:54:
                    49:e7:bf:69:42:28:4a:99:ae:2d:6d:24:ba:5d:d4:
                    03:07:d2:6d:36:78:85:a4:18:2e:a0:47:9e:7d:79:
                    00:0c:48:61:8f:b5:31:52:02:1c:64:e3:59:6a:b5:
                    16:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:86:B3:F9:FE:1B:BB:9B:0B:40:84:80:DE:BB:CA:69:9E:7A:DE:A8
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F1C3CFAA468011EEAFCE68894AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:dd:f6:64:54:93:f9:c0:45:08:e6:cd:a0:4c:60:b9:64:dd:
         9c:91:6d:f1:03:0c:28:23:2c:fb:d7:c7:bc:87:03:99:c2:b1:
         05:c9:7c:1e:c2:61:65:80:fc:08:cd:22:be:89:de:65:00:b2:
         ac:31:6a:59:15:61:b8:64:f7:8b:f8:14:9a:51:33:50:aa:92:
         b0:3f:ad:15:9c:f1:e4:89:08:e8:fa:c6:fb:41:31:2d:32:0d:
         60:f0:e3:b2:2f:c1:cc:7c:52:d5:7f:c2:1b:30:97:30:81:b5:
         d6:fb:09:f4:d9:f7:42:6f:21:82:06:54:bc:1f:55:47:ae:b3:
         43:cc:cd:a6:36:2f:5b:3c:99:e2:50:bd:ab:8b:ae:be:44:9f:
         4a:02:bc:e1:04:b6:2e:b2:6e:53:63:6c:33:16:2c:8c:78:c7:
         ea:cf:16:53:05:37:24:fb:50:0d:ca:49:26:32:73:8d:27:c5:
         41:2a:20:92:2e:c2:75:cb:d7:9a:af:6a:ac:37:d9:6a:9f:86:
         24:c4:d2:c6:6e:65:3d:99:2d:2f:d6:6e:bc:c6:6e:df:f2:c4:
         77:9b:e1:80:41:c8:10:eb:e1:bf:68:88:c0:cc:a7:3a:b4:b3:
         05:7c:98:8f:82:64:b6:04:ab:6f:ea:4b:0e:4c:59:a3:9f:94:
         75:00:27:74
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEdEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MjkxNTMwMDhaFw0yNDA4MzAxNTMwMDhaMBgxFjAU
BgNVBAMTDTY0ZWUwZjA0LTc1ZTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrmoCpnSx42wGh0BDwJKrBu37H6K2i9tfOZbGwcwsw3iLdmK+7Y7Q7qg9w
W0FvBGo6MPnZncOT/waGLdlxC3AffkMayWcqMu+/nszwJWNcWnhLvnW8DTzU8dZz
21WPb08auulzEMoPbBNH+GgbhSf4uiBEUZEryOrzI93olrhovC7neC8rUXxWrpWL
AmInYWUp0Qyuaj+hN4jMA2os/f+AmOnbfmivEJ/1m6YOBbgFDNvtvR7EKx12nH5o
pFRVyQNvs1hvOvC7W1CtmiONIe8PVEnnv2lCKEqZri1tJLpd1AMH0m02eIWkGC6g
R559eQAMSGGPtTFSAhxk41lqtRZVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtIaz
+f4bu5sLQISA3rvKaZ563qgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0YxQzNDRkFBNDY4MDExRUVBRkNFNjg4OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaED0wDQYJKoZIhvcNAQEL
BQADggEBAKXd9mRUk/nARQjmzaBMYLlk3ZyRbfEDDCgjLPvXx7yHA5nCsQXJfB7C
YWWA/AjNIr6J3mUAsqwxalkVYbhk94v4FJpRM1CqkrA/rRWc8eSJCOj6xvtBMS0y
DWDw47Ivwcx8UtV/whswlzCBtdb7CfTZ90JvIYIGVLwfVUeus0PMzaY2L1s8meJQ
vauLrr5En0oCvOEEti6yblNjbDMWLIx4x+rPFlMFNyT7UA3KSSYyc40nxUEqIJIu
wnXL15qvaqw32WqfhiTE0sZuZT2ZLS/WbrzGbt/yxHeb4YBByBDr4b9oiMDMpzq0
swV8mI+CZLYEq2/qSw5MWaOflHUAJ3Q=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:04 2024 by rpki-client on console-ams.rpki-client.org