Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB6EFE36B69211EDBD52FFB9F1222468.roa
File:                     FB6EFE36B69211EDBD52FFB9F1222468.roa (raw, json)
Hash identifier:          qbxLj4ugCNUO4MmtT34gyAr7l6ThjkEzy6mpT1CYMbU=
Subject key identifier:   A6:5F:61:52:59:E3:D3:91:46:43:3C:30:3C:73:27:95:20:A8:94:DF
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C54
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB6EFE36B69211EDBD52FFB9F1222468.roa
Signing time:             Mon 27 Feb 2023 11:36:32 +0000
ROA not before:           Mon 27 Feb 2023 11:36:28 +0000
ROA not after:            Thu 27 Feb 2025 11:36:28 +0000
asID:                     61317
IP address blocks:        154.16.95.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3156 (0xc54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 27 11:36:28 2023 GMT
            Not After : Feb 27 11:36:28 2025 GMT
        Subject: CN=63fc95c0-b1d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a1:9a:cf:ae:0c:10:a3:b0:9a:f6:88:89:8c:
                    cb:92:63:82:69:75:cb:ac:13:cb:df:8f:92:55:d5:
                    80:ae:db:25:f1:36:68:ef:1a:f7:fc:e0:19:a9:49:
                    ee:2a:e5:41:e8:a8:4e:fa:e8:58:bd:13:51:b7:95:
                    1d:94:36:d8:9e:7b:b2:51:b8:73:85:01:49:3f:44:
                    b5:ec:5a:e3:1e:94:2d:f3:da:ae:26:8f:ed:28:46:
                    a2:e1:b3:9a:8b:ea:d0:2e:76:cd:84:5d:af:a4:e7:
                    70:71:16:7a:2f:5f:ed:99:18:3d:8f:4d:b7:58:78:
                    53:ea:df:f3:63:35:f2:2e:59:a1:07:76:5a:ad:5f:
                    6b:06:d0:3d:a9:19:f9:4a:85:23:18:e2:ed:22:82:
                    02:95:a3:7f:61:4e:be:cb:90:2f:f1:c4:8b:0d:14:
                    a9:54:e1:8a:04:15:20:35:17:81:c7:a8:d9:51:2a:
                    e8:5e:8b:bf:ad:f9:ae:b3:00:d8:87:1d:72:11:c4:
                    6e:48:d0:d5:0d:ac:4a:db:e7:0b:4d:47:2a:77:ee:
                    f3:14:31:51:f5:5b:58:8e:fc:ae:0a:9f:f4:a9:e3:
                    09:84:e3:f3:3b:6f:b5:56:9d:78:db:44:61:73:46:
                    0a:42:3b:38:8b:b7:12:41:d7:d5:a1:f3:63:19:b8:
                    ab:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:5F:61:52:59:E3:D3:91:46:43:3C:30:3C:73:27:95:20:A8:94:DF
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB6EFE36B69211EDBD52FFB9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:c7:64:13:94:ac:23:5b:6b:32:c7:ed:42:c7:f1:bd:e2:33:
         3c:71:2e:11:8a:08:f5:89:cc:60:53:c0:86:25:93:3e:95:cb:
         a2:b1:30:48:26:f3:7b:48:2f:96:47:52:0b:6c:e4:8f:ee:b9:
         4b:54:14:d8:3a:d3:a0:03:4d:65:1e:7d:12:ac:c2:fd:57:59:
         01:b1:e9:31:50:d2:b1:c5:1f:f7:23:a6:71:87:86:5d:ed:48:
         07:9f:19:92:dc:42:f7:68:ed:e6:1b:4c:41:46:08:d0:ba:81:
         17:9d:62:3b:89:0c:cd:ac:c9:3f:52:f0:24:b8:9c:b0:05:5b:
         63:4b:90:91:c9:bb:df:ed:9e:b3:24:04:51:0d:22:e9:74:4b:
         33:13:59:7b:00:5c:18:28:9a:d4:f3:52:69:91:4d:1b:33:43:
         27:7b:d9:26:5d:b1:60:9e:46:e4:7f:30:a5:48:19:1b:5f:4e:
         c4:a7:b6:43:ee:92:c1:1b:4a:c3:fb:11:c4:d0:16:d8:0c:de:
         04:50:fd:80:dc:f2:28:fa:ea:36:b1:21:d4:0c:ab:d4:e9:bf:
         6c:d3:db:7f:98:8d:d9:de:e7:34:0a:22:13:ec:a2:0a:74:20:
         39:5b:c2:1e:00:db:88:e5:09:1a:c7:37:38:dc:8f:90:3d:78:
         66:af:8a:70
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDFQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMTM2MjhaFw0yNTAyMjcxMTM2MjhaMBgxFjAU
BgNVBAMMDTYzZmM5NWMwLWIxZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUoZrPrgwQo7Ca9oiJjMuSY4JpdcusE8vfj5JV1YCu2yXxNmjvGvf84Bmp
Se4q5UHoqE766Fi9E1G3lR2UNtiee7JRuHOFAUk/RLXsWuMelC3z2q4mj+0oRqLh
s5qL6tAuds2EXa+k53BxFnovX+2ZGD2PTbdYeFPq3/NjNfIuWaEHdlqtX2sG0D2p
GflKhSMY4u0iggKVo39hTr7LkC/xxIsNFKlU4YoEFSA1F4HHqNlRKuhei7+t+a6z
ANiHHXIRxG5I0NUNrErb5wtNRyp37vMUMVH1W1iO/K4Kn/Sp4wmE4/M7b7VWnXjb
RGFzRgpCOziLtxJB19Wh82MZuKtVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpl9h
Ulnj05FGQzwwPHMnlSColN8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZCNkVGRTM2QjY5MjExRURCRDUyRkZCOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEF8wDQYJKoZIhvcNAQEL
BQADggEBADbHZBOUrCNbazLH7ULH8b3iMzxxLhGKCPWJzGBTwIYlkz6Vy6KxMEgm
83tIL5ZHUgts5I/uuUtUFNg606ADTWUefRKswv1XWQGx6TFQ0rHFH/cjpnGHhl3t
SAefGZLcQvdo7eYbTEFGCNC6gRedYjuJDM2syT9S8CS4nLAFW2NLkJHJu9/tnrMk
BFENIul0SzMTWXsAXBgomtTzUmmRTRszQyd72SZdsWCeRuR/MKVIGRtfTsSntkPu
ksEbSsP7EcTQFtgM3gRQ/YDc8ij66jaxIdQMq9Tpv2zT23+Yjdne5zQKIhPsogp0
IDlbwh4A24jlCRrHNzjcj5A9eGavinA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:57 2024 by rpki-client on console-fra.rpki-client.org