Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB848928E86811EEB8B632A0775412E6.roa
File:                     FB848928E86811EEB8B632A0775412E6.roa (raw, json)
Hash identifier:          fZuH1sIn9knc5Ad1xdHg5g8IiNPYzkYukfYRnu6P6DA=
Subject key identifier:   1F:CA:4E:4B:6E:DD:50:B6:09:A5:8F:01:67:E7:9B:54:61:F4:13:31
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       156F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB848928E86811EEB8B632A0775412E6.roa
Signing time:             Fri 22 Mar 2024 16:26:49 +0000
ROA not before:           Fri 22 Mar 2024 16:26:45 +0000
ROA not after:            Sun 22 Mar 2026 16:26:45 +0000
asID:                     29802
IP address blocks:        154.16.202.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5487 (0x156f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar 22 16:26:45 2024 GMT
            Not After : Mar 22 16:26:45 2026 GMT
        Subject: CN=65fdb149-805d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c7:17:49:90:97:ba:1d:11:5a:68:76:9a:ff:
                    94:43:1a:58:22:c7:24:21:20:7d:63:55:bb:19:c3:
                    90:99:b5:1a:c1:02:72:26:e3:a6:85:fd:4a:db:79:
                    bc:d1:81:7e:6c:5f:c4:d2:28:66:61:12:ed:e0:f0:
                    2c:af:0f:a2:03:80:b0:51:6c:90:c4:64:da:df:ef:
                    ed:53:96:40:4d:75:e1:6d:7a:c7:0d:fc:4c:77:d3:
                    12:58:7e:a4:b6:1d:cd:24:13:d0:ae:2e:6d:da:75:
                    08:ce:55:fa:f3:b0:0a:3e:1d:e1:fe:7c:2d:4d:64:
                    50:70:fe:79:f8:02:0d:be:07:e2:08:28:f3:6f:d8:
                    95:4f:dd:8c:5c:c0:e3:0b:c7:31:5f:61:ea:b4:24:
                    b0:c8:9b:da:0d:ec:0b:49:ec:c3:92:46:59:69:da:
                    53:cd:d0:53:96:76:12:bd:0f:68:20:11:fa:a5:54:
                    d1:67:db:c1:fa:d5:fc:e3:95:86:53:af:fa:5e:6a:
                    95:4d:93:5f:33:e2:4c:f9:3f:f6:f6:3e:89:49:c7:
                    de:50:c8:01:63:a9:a1:4e:6f:47:b6:43:58:05:f7:
                    00:fe:a0:c3:37:73:89:b3:2d:76:f8:03:72:cb:e7:
                    bb:49:3a:ab:89:0a:64:0a:c9:06:72:9b:e6:e3:dc:
                    6a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:CA:4E:4B:6E:DD:50:B6:09:A5:8F:01:67:E7:9B:54:61:F4:13:31
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FB848928E86811EEB8B632A0775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:39:c2:f7:b5:9c:89:c2:30:a5:a8:13:ab:ad:4e:32:ed:df:
         d4:f3:83:a2:ea:74:ab:69:e5:b3:4b:28:72:ca:4e:91:f2:74:
         b0:5d:ac:02:87:c1:db:ae:14:76:51:02:16:9f:ee:97:09:fa:
         2f:0f:d8:34:5a:e7:a8:39:7a:11:3d:8d:87:70:ca:17:d1:5f:
         0f:2c:07:37:4d:80:fa:62:fa:69:40:cf:10:42:d7:d7:12:5d:
         7e:68:e0:d3:28:2d:30:df:13:df:2a:d9:3f:51:39:bc:d5:1d:
         a1:32:df:8f:37:b7:fc:5e:99:3e:6f:50:c7:21:3e:44:e5:80:
         61:88:b1:6c:6e:90:8e:da:94:5d:5f:99:e6:29:ef:30:42:07:
         11:5d:12:68:45:39:be:93:04:b2:c9:7a:4e:b8:de:fd:c4:b7:
         34:5a:4a:fc:82:af:0b:49:90:22:c8:00:c5:dd:64:6e:3b:c1:
         95:b5:61:72:93:a5:92:91:a6:73:19:77:d8:0a:e0:6c:98:f9:
         15:10:53:e2:2b:77:b8:17:3d:39:1d:c2:64:37:ed:a4:3e:86:
         07:f5:6d:7a:88:4b:3a:f8:e3:29:25:db:1d:70:73:d9:8e:3b:
         17:53:06:ab:66:e3:7a:95:b6:b5:95:81:f7:6c:44:e3:2a:3a:
         15:1e:84:f0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFW8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjI2NDVaFw0yNjAzMjIxNjI2NDVaMBgxFjAU
BgNVBAMTDTY1ZmRiMTQ5LTgwNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIxxdJkJe6HRFaaHaa/5RDGlgixyQhIH1jVbsZw5CZtRrBAnIm46aF/Urb
ebzRgX5sX8TSKGZhEu3g8CyvD6IDgLBRbJDEZNrf7+1TlkBNdeFtescN/Ex30xJY
fqS2Hc0kE9CuLm3adQjOVfrzsAo+HeH+fC1NZFBw/nn4Ag2+B+IIKPNv2JVP3Yxc
wOMLxzFfYeq0JLDIm9oN7AtJ7MOSRllp2lPN0FOWdhK9D2ggEfqlVNFn28H61fzj
lYZTr/peapVNk18z4kz5P/b2PolJx95QyAFjqaFOb0e2Q1gF9wD+oMM3c4mzLXb4
A3LL57tJOquJCmQKyQZym+bj3GpPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUH8pO
S27dULYJpY8BZ+ebVGH0EzEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZCODQ4OTI4RTg2ODExRUVCOEI2MzJBMDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMowDQYJKoZIhvcNAQEL
BQADggEBAJw5wve1nInCMKWoE6utTjLt39Tzg6LqdKtp5bNLKHLKTpHydLBdrAKH
wduuFHZRAhaf7pcJ+i8P2DRa56g5ehE9jYdwyhfRXw8sBzdNgPpi+mlAzxBC19cS
XX5o4NMoLTDfE98q2T9RObzVHaEy3483t/xemT5vUMchPkTlgGGIsWxukI7alF1f
meYp7zBCBxFdEmhFOb6TBLLJek643v3EtzRaSvyCrwtJkCLIAMXdZG47wZW1YXKT
pZKRpnMZd9gK4GyY+RUQU+Ird7gXPTkdwmQ37aQ+hgf1bXqISzr44ykl2x1wc9mO
OxdTBqtm43qVtrWVgfdsROMqOhUehPA=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:45 2024 by rpki-client on console-fra.rpki-client.org