Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB7745CCB8FA11EDBBE58D7EF1222468.roa
File:                     FB7745CCB8FA11EDBBE58D7EF1222468.roa (raw, json)
Hash identifier:          BQq74M33+AEkPAu0v0rZHjZmDCLecL4ngEe3U7IBdsk=
Subject key identifier:   F2:CF:05:13:80:C5:E9:0F:D9:3D:BE:73:64:25:9D:69:49:42:69:A5
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0CD3
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB7745CCB8FA11EDBBE58D7EF1222468.roa
Signing time:             Thu 02 Mar 2023 13:06:02 +0000
ROA not before:           Thu 02 Mar 2023 13:05:58 +0000
ROA not after:            Sat 01 Mar 2025 13:05:58 +0000
asID:                     61317
IP address blocks:        154.127.49.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3283 (0xcd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar  2 13:05:58 2023 GMT
            Not After : Mar  1 13:05:58 2025 GMT
        Subject: CN=64009f3a-c93d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:cc:d7:00:24:ef:cb:68:a8:8b:ff:93:11:ae:
                    70:67:e5:b3:40:c5:13:ed:95:96:04:36:05:e8:36:
                    03:34:d9:d3:d2:20:02:c0:76:fe:09:fe:90:ee:fe:
                    cb:7e:52:27:5a:bf:da:e9:8e:2c:3f:4b:90:f1:26:
                    da:a3:7d:a2:a5:a3:f9:0a:a8:f1:ea:85:74:65:54:
                    1f:fd:d5:33:5d:1a:b6:ec:7f:ce:8e:80:16:77:96:
                    ed:7d:63:9b:1a:87:0c:ad:23:2f:49:e1:89:e6:81:
                    74:67:31:8a:49:7f:e4:5e:54:a9:3e:63:50:77:91:
                    58:c2:fd:c2:31:c7:5a:b2:e8:0d:07:75:42:a6:eb:
                    da:c1:2d:52:43:97:e5:18:bc:0d:54:e8:61:4a:14:
                    ef:96:26:f5:bc:01:ca:8c:f7:94:a5:9b:80:0f:5b:
                    51:d6:cd:86:3c:ff:35:44:97:3a:bd:f3:88:72:61:
                    98:b3:51:3b:d2:f0:c1:de:62:90:82:a3:90:9c:eb:
                    b1:ab:a5:09:b4:d9:65:4b:36:1e:85:ac:2b:9e:4f:
                    44:96:08:3d:20:af:3c:f9:78:16:ef:85:50:99:c7:
                    5b:66:0c:52:cd:89:8e:22:18:02:ad:f4:46:8a:db:
                    d2:b9:32:2b:90:3f:bb:4a:cd:a3:3e:b1:61:46:3e:
                    d6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:CF:05:13:80:C5:E9:0F:D9:3D:BE:73:64:25:9D:69:49:42:69:A5
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB7745CCB8FA11EDBBE58D7EF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.127.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:3f:f4:99:cb:d0:85:7e:a0:8b:f2:90:56:f1:3e:8e:e8:70:
         2c:79:0c:76:cc:dd:a8:1c:92:2c:dd:ca:31:6e:af:cf:e0:0a:
         8e:64:52:d2:fc:14:c4:83:b9:4d:80:7d:87:67:66:f2:08:07:
         c3:12:49:c8:e0:1b:cb:30:bb:df:db:7f:52:51:63:34:dd:35:
         3e:f6:4d:0d:15:9f:3b:0a:29:21:17:f3:e5:a6:da:74:3b:1b:
         53:55:f7:b8:98:bb:60:d8:c7:60:39:de:06:e8:a8:1a:e0:4d:
         28:d0:ea:62:9d:ee:c5:30:4f:f7:a9:79:04:4c:7c:8f:62:33:
         63:60:18:40:de:f2:92:3c:67:fa:7b:ae:53:19:34:1d:00:b4:
         83:e2:c3:c0:12:ff:ef:87:98:9f:ff:8d:61:2b:4e:44:81:2c:
         6c:67:2f:d1:ad:a6:ca:3a:c8:0b:d0:2d:9d:1f:8a:a3:e6:ee:
         cf:1d:79:78:86:66:2b:48:10:69:a6:3c:33:f0:03:0c:a0:15:
         c0:95:74:6f:9f:02:69:54:0d:e0:4e:d7:79:49:2b:6c:b7:a7:
         d0:e4:06:65:28:2c:88:85:02:43:62:ac:cf:dc:27:05:8a:db:
         a3:50:48:85:f8:1e:81:6f:9e:d7:81:0f:c5:f0:a1:88:4c:af:
         3d:55:92:ae
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDNMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMzA1NThaFw0yNTAzMDExMzA1NThaMBgxFjAU
BgNVBAMMDTY0MDA5ZjNhLWM5M2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCdzNcAJO/LaKiL/5MRrnBn5bNAxRPtlZYENgXoNgM02dPSIALAdv4J/pDu
/st+Uidav9rpjiw/S5DxJtqjfaKlo/kKqPHqhXRlVB/91TNdGrbsf86OgBZ3lu19
Y5sahwytIy9J4YnmgXRnMYpJf+ReVKk+Y1B3kVjC/cIxx1qy6A0HdUKm69rBLVJD
l+UYvA1U6GFKFO+WJvW8AcqM95Slm4APW1HWzYY8/zVElzq984hyYZizUTvS8MHe
YpCCo5Cc67GrpQm02WVLNh6FrCueT0SWCD0grzz5eBbvhVCZx1tmDFLNiY4iGAKt
9EaK29K5MiuQP7tKzaM+sWFGPtYxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8s8F
E4DF6Q/ZPb5zZCWdaUlCaaUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZCNzc0NUNDQjhGQTExRURCQkU1OEQ3RUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACafzEwDQYJKoZIhvcNAQEL
BQADggEBAGc/9JnL0IV+oIvykFbxPo7ocCx5DHbM3agckizdyjFur8/gCo5kUtL8
FMSDuU2AfYdnZvIIB8MSScjgG8swu9/bf1JRYzTdNT72TQ0VnzsKKSEX8+Wm2nQ7
G1NV97iYu2DYx2A53gboqBrgTSjQ6mKd7sUwT/epeQRMfI9iM2NgGEDe8pI8Z/p7
rlMZNB0AtIPiw8AS/++HmJ//jWErTkSBLGxnL9Gtpso6yAvQLZ0fiqPm7s8deXiG
ZitIEGmmPDPwAwygFcCVdG+fAmlUDeBO13lJK2y3p9DkBmUoLIiFAkNirM/cJwWK
26NQSIX4HoFvnteBD8XwoYhMrz1Vkq4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:52:05 2024 by rpki-client on console-fra.rpki-client.org