Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F308E820B43411ED9A8A7791F1222468.roa
File:                     F308E820B43411ED9A8A7791F1222468.roa (raw, json)
Hash identifier:          fzyihBiZyv40Flhe/u/Sov7vIGN4LGk21UiEdFoRbLo=
Subject key identifier:   AB:1D:39:9A:66:1D:9F:14:2F:D7:9F:04:0D:2D:47:D2:6A:C5:CE:40
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0BD3
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F308E820B43411ED9A8A7791F1222468.roa
Signing time:             Fri 24 Feb 2023 11:18:23 +0000
ROA not before:           Fri 24 Feb 2023 11:18:18 +0000
ROA not after:            Sat 22 Feb 2025 11:18:18 +0000
asID:                     61317
IP address blocks:        154.16.126.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3027 (0xbd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 24 11:18:18 2023 GMT
            Not After : Feb 22 11:18:18 2025 GMT
        Subject: CN=63f89cff-01a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0d:a4:f2:fa:fa:6f:ab:8c:10:88:4b:8b:3b:
                    0c:87:f0:fe:f8:8a:8b:96:41:a1:d9:c5:4d:f9:a4:
                    e3:5d:3d:f2:bf:dd:6d:4d:3b:54:4f:22:35:89:98:
                    9d:75:8b:70:60:19:ab:5a:5a:46:36:d6:fa:89:43:
                    ec:c3:a7:28:b9:3f:86:f7:49:b1:10:ff:e3:b2:e5:
                    2b:35:ec:c4:a8:5e:4b:57:3c:08:81:c7:59:fa:e6:
                    be:29:07:5d:e2:6a:d8:30:10:d1:e4:c9:23:57:70:
                    2e:d7:fd:c7:ca:06:dc:c1:78:48:60:ae:1e:26:20:
                    ab:98:e6:3b:76:cd:46:a4:9b:e4:4b:ad:51:0e:f8:
                    b9:f1:c3:fa:dc:6a:bd:ea:93:7b:50:91:10:a9:e0:
                    ca:46:fe:b5:ae:0f:e5:b0:81:b2:d6:99:82:ee:14:
                    61:b2:76:64:68:1c:86:c0:80:86:15:55:47:c4:75:
                    b9:86:bc:ad:44:64:5c:1a:83:a3:f7:6e:8c:1e:0b:
                    12:4f:ed:64:67:70:c7:88:4a:f8:f3:7f:4c:a5:c8:
                    1e:2e:7b:00:9c:00:31:5c:11:a9:43:9c:57:3c:a7:
                    52:b4:36:53:81:f8:4e:08:48:5a:0a:e1:23:de:d5:
                    07:4f:c1:f0:35:52:45:ec:5e:39:bf:e0:7b:91:51:
                    8e:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:1D:39:9A:66:1D:9F:14:2F:D7:9F:04:0D:2D:47:D2:6A:C5:CE:40
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F308E820B43411ED9A8A7791F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c8:92:fe:8d:0c:e5:2c:69:13:e6:75:c6:ca:b9:28:03:87:b3:
         33:c7:07:65:38:38:71:f7:45:4a:7f:38:91:a4:b2:91:94:ba:
         d4:2f:c2:d4:cb:36:6c:c3:24:b9:fc:44:bf:f1:54:0c:8a:06:
         06:82:9c:0c:4b:3d:22:d7:f3:c2:3e:ca:5d:e3:4f:c6:46:6e:
         5b:b4:47:4e:a7:97:c5:71:f0:88:f2:8f:e2:13:27:73:c4:a9:
         a9:fa:e5:34:43:c9:7b:11:96:bb:d7:2d:7b:31:90:61:5f:9d:
         71:88:9b:e5:62:ff:65:cf:c4:03:33:f7:22:46:a3:34:0f:07:
         e7:b2:62:8f:d9:20:8b:0d:00:24:62:50:11:2e:bc:58:6d:f2:
         f9:f0:b4:85:84:c1:66:1a:b5:18:7e:8f:c5:86:69:94:9d:bf:
         17:7d:db:a5:bb:a9:3f:8f:cd:af:77:c6:cf:3b:83:ca:37:6f:
         4c:fd:33:e3:05:6d:65:71:04:5f:5e:59:7f:8d:b7:e0:e9:e5:
         9e:85:50:e5:a9:80:ac:bb:42:e5:00:85:65:66:ed:e3:e8:60:
         6b:a3:b6:83:1c:98:30:2c:7b:eb:a7:ae:1f:21:8e:ec:36:19:
         e6:a3:35:40:8d:32:70:d1:3b:87:67:d0:8f:e5:75:38:dc:74:
         33:2f:33:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC9MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMTE4MThaFw0yNTAyMjIxMTE4MThaMBgxFjAU
BgNVBAMMDTYzZjg5Y2ZmLTAxYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6DaTy+vpvq4wQiEuLOwyH8P74iouWQaHZxU35pONdPfK/3W1NO1RPIjWJ
mJ11i3BgGataWkY21vqJQ+zDpyi5P4b3SbEQ/+Oy5Ss17MSoXktXPAiBx1n65r4p
B13iatgwENHkySNXcC7X/cfKBtzBeEhgrh4mIKuY5jt2zUakm+RLrVEO+Lnxw/rc
ar3qk3tQkRCp4MpG/rWuD+WwgbLWmYLuFGGydmRoHIbAgIYVVUfEdbmGvK1EZFwa
g6P3boweCxJP7WRncMeISvjzf0ylyB4uewCcADFcEalDnFc8p1K0NlOB+E4ISFoK
4SPe1QdPwfA1UkXsXjm/4HuRUY7LAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqx05
mmYdnxQv158EDS1H0mrFzkAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0YzMDhFODIwQjQzNDExRUQ5QThBNzc5MUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEH4wDQYJKoZIhvcNAQEL
BQADggEBAMiS/o0M5SxpE+Z1xsq5KAOHszPHB2U4OHH3RUp/OJGkspGUutQvwtTL
NmzDJLn8RL/xVAyKBgaCnAxLPSLX88I+yl3jT8ZGblu0R06nl8Vx8Ijyj+ITJ3PE
qan65TRDyXsRlrvXLXsxkGFfnXGIm+Vi/2XPxAMz9yJGozQPB+eyYo/ZIIsNACRi
UBEuvFht8vnwtIWEwWYatRh+j8WGaZSdvxd926W7qT+Pza93xs87g8o3b0z9M+MF
bWVxBF9eWX+Nt+Dp5Z6FUOWpgKy7QuUAhWVm7ePoYGujtoMcmDAse+unrh8hjuw2
GeajNUCNMnDRO4dn0I/ldTjcdDMvM8Y=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:41 2024 by rpki-client on console-ams.rpki-client.org