Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F51745C6F7FE11EEAC452123017001B1.roa
File:                     F51745C6F7FE11EEAC452123017001B1.roa (raw, json)
Hash identifier:          BHRBGyPdJBZ9Sd4UXLWuEkT/uCZ+ia5X5+FktJ+oxag=
Subject key identifier:   2F:CF:DC:E5:9E:0E:71:BA:17:1B:8D:AB:E5:63:B7:EE:0A:4E:B1:1E
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       15A1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F51745C6F7FE11EEAC452123017001B1.roa
Signing time:             Thu 11 Apr 2024 12:28:10 +0000
ROA not before:           Thu 11 Apr 2024 12:28:07 +0000
ROA not after:            Sat 11 Apr 2026 12:28:07 +0000
asID:                     53356
IP address blocks:        154.16.0.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5537 (0x15a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Apr 11 12:28:07 2024 GMT
            Not After : Apr 11 12:28:07 2026 GMT
        Subject: CN=6617d75a-0acd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cf:9f:90:6d:dc:61:b4:65:2a:bc:c1:66:f1:
                    76:cd:0f:80:f5:91:51:73:c7:b8:ad:e2:99:c6:bf:
                    0d:d5:3d:c1:cd:a1:53:04:8f:f0:21:ea:b4:30:a7:
                    96:67:a9:41:8a:fd:9b:16:45:a0:26:ee:b1:35:49:
                    a3:94:ef:d2:4e:6a:2e:be:84:b7:99:f7:08:b0:a3:
                    4e:7f:a6:35:1d:7a:50:2d:74:b1:bb:c0:80:d1:04:
                    be:60:5e:37:af:cd:43:88:74:99:84:f1:f5:ad:00:
                    21:ba:eb:63:f1:da:6b:24:15:5e:b9:ae:43:81:87:
                    37:c3:6b:cf:9b:66:06:2d:18:84:2d:4f:a2:92:d9:
                    d6:e3:ea:2c:58:c6:d7:55:c4:1c:30:6f:46:6a:44:
                    dc:18:f0:30:60:f7:f2:fa:fb:b6:74:3e:3d:4d:ec:
                    70:7b:a0:d5:c5:e7:44:94:a2:ec:09:b7:53:a5:14:
                    5e:f9:39:00:14:8c:f1:a1:ef:47:d0:19:da:fe:a4:
                    5c:97:ba:b8:df:32:1c:d4:bd:8f:e2:84:d7:3e:e5:
                    73:87:01:bf:7e:46:bf:21:40:94:f5:a6:e6:d1:2a:
                    36:20:ab:66:02:64:7f:0c:38:05:23:a9:34:45:58:
                    48:b1:fc:0e:39:93:52:7d:06:02:18:8f:68:67:9e:
                    69:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:CF:DC:E5:9E:0E:71:BA:17:1B:8D:AB:E5:63:B7:EE:0A:4E:B1:1E
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F51745C6F7FE11EEAC452123017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:27:0a:3e:18:2d:ff:4b:a9:d6:5b:dd:c5:a7:33:af:8f:34:
         77:d9:38:33:d4:80:0b:23:33:e7:7d:14:d4:fa:c7:f5:e3:e5:
         e5:96:94:6b:6c:b6:6e:d3:ad:f5:2d:19:fe:97:f1:74:0a:75:
         2a:63:0e:96:fd:da:0e:91:4c:e7:93:73:17:65:d6:be:d9:61:
         b1:27:27:08:82:ec:c1:29:8d:0c:5b:9c:e4:d6:9f:70:29:b9:
         30:d4:4b:fd:5b:e8:fa:e8:11:00:51:21:d5:d5:7c:71:78:34:
         03:74:2c:3a:ca:a5:4f:b6:60:f4:7f:86:0c:79:bf:a0:e3:2a:
         f9:89:e8:37:5f:bf:40:9f:81:b8:f8:41:ba:e8:9c:2f:be:50:
         64:f4:57:90:d3:d5:6e:19:97:ae:6a:36:7e:69:9e:60:2d:5e:
         f0:b8:e1:27:cf:d7:3e:dd:e8:dc:a4:10:5c:fc:18:e0:38:bf:
         68:5e:96:f1:a2:b9:f4:bc:d8:33:25:ea:b4:10:9c:b8:fa:16:
         4b:f7:1e:17:35:43:49:46:6c:60:ed:4f:d4:51:4f:21:2e:41:
         37:7c:d9:09:01:62:b0:87:4d:b8:0e:07:9d:49:a2:ac:36:6b:
         8e:93:17:fc:b5:51:f1:15:5c:07:21:31:37:7e:0b:e9:3f:d4:
         b9:2c:71:35
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFaEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA0MTExMjI4MDdaFw0yNjA0MTExMjI4MDdaMBgxFjAU
BgNVBAMTDTY2MTdkNzVhLTBhY2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrz5+QbdxhtGUqvMFm8XbND4D1kVFzx7it4pnGvw3VPcHNoVMEj/Ah6rQw
p5ZnqUGK/ZsWRaAm7rE1SaOU79JOai6+hLeZ9wiwo05/pjUdelAtdLG7wIDRBL5g
XjevzUOIdJmE8fWtACG662Px2mskFV65rkOBhzfDa8+bZgYtGIQtT6KS2dbj6ixY
xtdVxBwwb0ZqRNwY8DBg9/L6+7Z0Pj1N7HB7oNXF50SUouwJt1OlFF75OQAUjPGh
70fQGdr+pFyXurjfMhzUvY/ihNc+5XOHAb9+Rr8hQJT1pubRKjYgq2YCZH8MOAUj
qTRFWEix/A45k1J9BgIYj2hnnmnLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUL8/c
5Z4OcboXG42r5WO37gpOsR4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Y1MTc0NUM2RjdGRTExRUVBQzQ1MjEyMzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAAwDQYJKoZIhvcNAQEL
BQADggEBADknCj4YLf9LqdZb3cWnM6+PNHfZODPUgAsjM+d9FNT6x/Xj5eWWlGts
tm7TrfUtGf6X8XQKdSpjDpb92g6RTOeTcxdl1r7ZYbEnJwiC7MEpjQxbnOTWn3Ap
uTDUS/1b6ProEQBRIdXVfHF4NAN0LDrKpU+2YPR/hgx5v6DjKvmJ6Ddfv0Cfgbj4
QbronC++UGT0V5DT1W4Zl65qNn5pnmAtXvC44SfP1z7d6NykEFz8GOA4v2helvGi
ufS82DMl6rQQnLj6Fkv3Hhc1Q0lGbGDtT9RRTyEuQTd82QkBYrCHTbgOB51Joqw2
a46TF/y1UfEVXAchMTd+C+k/1LkscTU=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:45 2024 by rpki-client on console-fra.rpki-client.org