Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F7249D86B43511EDA8538C94F1222468.roa
File:                     F7249D86B43511EDA8538C94F1222468.roa (raw, json)
Hash identifier:          /g4rGiYOWgkz1SK4wI5r1gVbKn8SAVC3oXZe5W7z5R8=
Subject key identifier:   32:ED:5D:46:81:D1:05:1F:14:02:9E:91:FB:26:94:32:0F:08:99:36
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0BD5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F7249D86B43511EDA8538C94F1222468.roa
Signing time:             Fri 24 Feb 2023 11:25:39 +0000
ROA not before:           Fri 24 Feb 2023 11:25:35 +0000
ROA not after:            Sat 22 Feb 2025 11:25:35 +0000
asID:                     61317
IP address blocks:        154.16.134.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3029 (0xbd5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 24 11:25:35 2023 GMT
            Not After : Feb 22 11:25:35 2025 GMT
        Subject: CN=63f89eb3-2d44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:67:de:69:a2:24:05:de:52:96:90:70:05:48:
                    43:34:e7:d3:f2:fa:40:c7:9b:94:8a:fb:0f:60:cf:
                    78:94:d3:97:45:b4:22:63:c5:ba:43:42:c4:cb:12:
                    ea:5e:f9:47:06:60:14:71:58:6b:57:61:f5:24:a9:
                    74:7a:2e:1d:43:21:8d:76:d8:7b:58:f8:6c:60:e2:
                    a7:d3:5b:be:f4:dc:f2:78:5b:cc:41:43:0c:da:e5:
                    34:65:69:e4:e3:44:0e:22:72:78:cb:07:eb:19:24:
                    49:e9:87:12:49:83:86:0b:f6:7c:be:12:94:ca:b9:
                    9e:c8:35:c1:96:54:8a:9c:ef:b3:7d:a7:5d:00:d5:
                    2f:e5:c9:e4:af:56:00:33:38:6f:35:e8:7d:4c:5a:
                    85:c8:8a:e4:b4:15:df:30:fd:33:56:b1:6f:81:1c:
                    f3:8a:f0:a9:a0:2b:9e:3e:00:b1:1e:32:05:f4:93:
                    7f:a8:8f:af:b8:8b:3b:7b:8e:76:05:ef:d9:94:e7:
                    2a:09:02:7b:e2:5d:1a:8a:67:e7:95:f0:51:18:f7:
                    b5:d2:db:58:05:9c:b5:97:d2:a9:7d:a4:cf:50:1e:
                    fd:c6:94:3a:64:2d:44:47:45:2f:be:75:6b:6b:0d:
                    cc:13:51:58:e2:e3:6e:44:08:cc:98:11:eb:8b:f5:
                    c3:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:ED:5D:46:81:D1:05:1F:14:02:9E:91:FB:26:94:32:0F:08:99:36
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F7249D86B43511EDA8538C94F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:8d:0b:f0:7f:36:c0:73:6e:30:63:3d:c4:73:9a:01:d9:ee:
         6d:42:02:3b:69:9a:4d:11:40:25:fe:ca:bf:af:92:4b:a9:2c:
         dd:09:be:b6:a9:7d:62:95:aa:24:4e:88:3d:90:90:14:df:93:
         9b:f9:d3:2c:a0:f0:dc:aa:24:c0:13:9b:d6:8a:39:97:39:aa:
         17:e9:74:81:23:09:f9:90:97:6c:7b:e9:38:55:21:34:04:bc:
         cb:c1:be:f6:dc:11:c3:21:ff:0f:4d:5d:1c:1f:71:f9:cf:56:
         bc:54:c8:d7:dd:41:df:93:03:46:80:13:cc:b1:53:3c:60:6b:
         2d:be:90:8c:65:ab:a8:b6:93:80:e8:4d:16:67:b3:a5:41:49:
         a5:41:aa:e9:b9:cd:3c:fc:99:8d:8e:7f:0d:6a:97:99:63:aa:
         b6:f8:f9:69:07:9e:ba:b7:2a:dc:0e:9d:c9:56:62:43:38:d3:
         b2:b3:77:58:ba:0f:85:e9:9b:b6:a7:ea:9f:af:d1:5d:71:c3:
         45:2d:96:6c:66:de:0b:b1:2f:d4:35:7b:bb:75:35:58:c2:09:
         2b:c2:76:e5:f3:62:a1:14:38:71:dc:4e:ff:46:78:6a:9d:29:
         77:b7:6b:7f:25:6e:01:5c:89:64:05:1b:56:86:38:39:f5:08:
         8a:be:1e:6b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC9UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMTI1MzVaFw0yNTAyMjIxMTI1MzVaMBgxFjAU
BgNVBAMMDTYzZjg5ZWIzLTJkNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOZ95poiQF3lKWkHAFSEM059Py+kDHm5SK+w9gz3iU05dFtCJjxbpDQsTL
Eupe+UcGYBRxWGtXYfUkqXR6Lh1DIY122HtY+Gxg4qfTW7703PJ4W8xBQwza5TRl
aeTjRA4icnjLB+sZJEnphxJJg4YL9ny+EpTKuZ7INcGWVIqc77N9p10A1S/lyeSv
VgAzOG816H1MWoXIiuS0Fd8w/TNWsW+BHPOK8KmgK54+ALEeMgX0k3+oj6+4izt7
jnYF79mU5yoJAnviXRqKZ+eV8FEY97XS21gFnLWX0ql9pM9QHv3GlDpkLURHRS++
dWtrDcwTUVji425ECMyYEeuL9cO7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMu1d
RoHRBR8UAp6R+yaUMg8ImTYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Y3MjQ5RDg2QjQzNTExRURBODUzOEM5NEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEIYwDQYJKoZIhvcNAQEL
BQADggEBAC+NC/B/NsBzbjBjPcRzmgHZ7m1CAjtpmk0RQCX+yr+vkkupLN0Jvrap
fWKVqiROiD2QkBTfk5v50yyg8NyqJMATm9aKOZc5qhfpdIEjCfmQl2x76ThVITQE
vMvBvvbcEcMh/w9NXRwfcfnPVrxUyNfdQd+TA0aAE8yxUzxgay2+kIxlq6i2k4Do
TRZns6VBSaVBqum5zTz8mY2Ofw1ql5ljqrb4+WkHnrq3KtwOnclWYkM407Kzd1i6
D4Xpm7an6p+v0V1xw0Utlmxm3guxL9Q1e7t1NVjCCSvCduXzYqEUOHHcTv9GeGqd
KXe3a38lbgFciWQFG1aGODn1CIq+Hms=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:55 2024 by rpki-client on console-fra.rpki-client.org