Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F7721A208B8511EEA10DC0194AD9E6FC.roa
File:                     F7721A208B8511EEA10DC0194AD9E6FC.roa (raw, json)
Hash identifier:          aZbip0POAu1Bitpm1wMC0+6EHp++h20ngwpcKJCzv8s=
Subject key identifier:   39:21:87:BB:29:71:3C:12:09:63:CE:02:78:C7:CB:08:A6:2D:02:34
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1367
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F7721A208B8511EEA10DC0194AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:29:59 +0000
ROA not before:           Sat 25 Nov 2023 11:29:56 +0000
ROA not after:            Tue 25 Nov 2025 11:29:56 +0000
asID:                     212238
IP address blocks:        154.16.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4967 (0x1367)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:29:56 2023 GMT
            Not After : Nov 25 11:29:56 2025 GMT
        Subject: CN=6561dab7-c1ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d6:d8:4a:33:8a:a2:8a:5f:f2:7c:14:92:a6:
                    23:0a:77:66:2e:53:13:e8:ef:af:a9:42:81:00:7f:
                    0d:53:7f:b8:81:33:51:fe:8b:9f:66:f2:d9:66:f4:
                    f3:fe:15:e5:40:3a:08:3e:29:8b:79:e6:a6:c6:0f:
                    3a:1a:e8:a6:68:e6:6c:d4:9a:dd:3b:3a:90:d7:ad:
                    97:27:1f:97:45:dc:95:7c:cb:ff:e2:7d:e4:05:bd:
                    be:e7:b0:45:4b:11:03:68:5b:ce:c9:47:a5:fe:ab:
                    12:66:88:2d:24:2d:fe:05:d4:60:50:20:3f:12:1c:
                    ec:ba:a2:90:b2:6d:2d:d1:34:a7:94:38:98:0e:39:
                    04:ba:46:54:0c:88:61:80:db:da:57:82:f1:25:51:
                    6d:41:e6:12:0e:65:0c:e8:53:96:0c:96:b2:ed:03:
                    0c:03:14:cf:67:23:9c:cc:cb:24:48:9d:b8:38:82:
                    b4:4e:ff:b5:8f:10:1f:15:d4:c0:72:ac:02:1a:44:
                    93:e9:6e:00:55:47:0c:0f:d6:bc:d0:b5:0c:21:1d:
                    1f:9d:85:47:70:7e:b8:41:99:5d:ba:f3:d9:4c:2d:
                    35:f1:fc:77:53:c8:ae:33:a3:f7:9a:e1:0e:b6:fc:
                    ea:83:c7:20:c4:09:a4:15:d8:f1:8d:35:da:13:87:
                    19:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:21:87:BB:29:71:3C:12:09:63:CE:02:78:C7:CB:08:A6:2D:02:34
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F7721A208B8511EEA10DC0194AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:0d:94:d6:d9:20:fd:eb:6f:04:cf:c0:53:9d:94:e7:43:5a:
         40:97:15:79:fb:03:3d:fb:e8:66:b8:a2:72:21:01:29:c5:99:
         2d:25:10:2e:53:58:33:2b:0d:08:c8:3a:d6:fc:67:02:9f:f8:
         ac:a2:7c:54:f9:bb:08:5c:63:b6:74:78:c8:fe:45:2f:f4:ad:
         43:f0:86:c0:74:d3:9c:04:77:d1:3b:fa:b5:77:87:5a:70:fd:
         4c:ca:04:af:2a:ef:a4:af:15:41:3f:03:db:6b:12:e5:1c:f0:
         3f:be:03:08:b6:b9:e2:2f:7a:eb:76:b9:cb:5f:b6:ab:c6:2a:
         99:57:dd:55:95:4f:c4:6a:44:e9:73:81:78:b7:1e:c3:9e:16:
         1a:86:94:23:36:a0:7e:b3:93:75:42:df:b7:a9:74:d3:d7:95:
         f7:fe:a0:97:89:3b:d3:3b:21:56:59:f6:72:d9:ea:7d:25:d0:
         3f:89:9a:f0:0d:0b:dd:37:e8:86:9b:84:82:fd:7d:aa:b4:12:
         0b:4e:73:96:bc:2e:f1:6c:4d:88:5a:6c:79:5a:a7:48:b3:ff:
         df:6b:cf:6c:94:42:d7:9c:08:6b:cd:14:f5:d5:96:cd:85:dc:
         fb:08:1c:15:b0:88:74:23:49:45:58:10:59:30:92:f5:e8:c0:
         32:64:8a:92
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE2cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTI5NTZaFw0yNTExMjUxMTI5NTZaMBgxFjAU
BgNVBAMTDTY1NjFkYWI3LWMxZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDH1thKM4qiil/yfBSSpiMKd2YuUxPo76+pQoEAfw1Tf7iBM1H+i59m8tlm
9PP+FeVAOgg+KYt55qbGDzoa6KZo5mzUmt07OpDXrZcnH5dF3JV8y//ifeQFvb7n
sEVLEQNoW87JR6X+qxJmiC0kLf4F1GBQID8SHOy6opCybS3RNKeUOJgOOQS6RlQM
iGGA29pXgvElUW1B5hIOZQzoU5YMlrLtAwwDFM9nI5zMyyRInbg4grRO/7WPEB8V
1MByrAIaRJPpbgBVRwwP1rzQtQwhHR+dhUdwfrhBmV2689lMLTXx/HdTyK4zo/ea
4Q62/OqDxyDECaQV2PGNNdoThxmvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOSGH
uylxPBIJY84CeMfLCKYtAjQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Y3NzIxQTIwOEI4NTExRUVBMTBEQzAxOTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEC8wDQYJKoZIhvcNAQEL
BQADggEBAAMNlNbZIP3rbwTPwFOdlOdDWkCXFXn7Az376Ga4onIhASnFmS0lEC5T
WDMrDQjIOtb8ZwKf+KyifFT5uwhcY7Z0eMj+RS/0rUPwhsB005wEd9E7+rV3h1pw
/UzKBK8q76SvFUE/A9trEuUc8D++Awi2ueIveut2uctftqvGKplX3VWVT8RqROlz
gXi3HsOeFhqGlCM2oH6zk3VC37epdNPXlff+oJeJO9M7IVZZ9nLZ6n0l0D+JmvAN
C9036IabhIL9faq0EgtOc5a8LvFsTYhabHlap0iz/99rz2yUQtecCGvNFPXVls2F
3PsIHBWwiHQjSUVYEFkwkvXowDJkipI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:57 2024 by rpki-client on console-fra.rpki-client.org