Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FD0E209EB43711EDAE678E9AF1222468.roa
File:                     FD0E209EB43711EDAE678E9AF1222468.roa (raw, json)
Hash identifier:          smS17TKUPwhqmQsDSlO5bnwfyFdPpP4IwAKmBecaInE=
Subject key identifier:   24:6D:6B:BF:F9:68:56:EF:CB:27:A6:97:E9:F3:CA:FA:6B:11:5D:70
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0BDF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FD0E209EB43711EDAE678E9AF1222468.roa
Signing time:             Fri 24 Feb 2023 11:40:08 +0000
ROA not before:           Fri 24 Feb 2023 11:40:04 +0000
ROA not after:            Sat 22 Feb 2025 11:40:04 +0000
asID:                     61317
IP address blocks:        154.16.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3039 (0xbdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 24 11:40:04 2023 GMT
            Not After : Feb 22 11:40:04 2025 GMT
        Subject: CN=63f8a218-bb3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:22:a8:65:0d:32:4a:c2:08:f1:f4:ad:47:7b:
                    01:22:e8:90:74:a7:25:90:74:fe:cc:be:4d:ed:c8:
                    2a:2c:50:5a:54:c3:07:16:c4:c6:27:2c:bb:7e:2a:
                    e5:80:d3:fa:f6:f4:92:ea:79:bc:cb:b7:0d:75:24:
                    d4:d9:6d:65:63:11:da:ba:ac:a1:2d:7a:7d:2e:56:
                    ed:2f:69:8c:96:ed:c8:03:c9:16:4a:43:64:27:19:
                    13:b7:22:87:7b:3a:1d:35:7f:ed:45:13:03:66:15:
                    25:15:0e:95:2f:76:fd:84:47:74:d7:ce:d3:fc:f5:
                    c1:f3:27:45:c1:4a:5c:fe:a7:dd:fc:8d:f8:c4:87:
                    d5:34:d7:c2:3e:47:38:f0:e9:42:ba:e6:94:52:6d:
                    7e:2a:6e:47:6e:f3:43:21:8c:44:50:c7:b5:a4:69:
                    30:10:78:12:3e:54:89:51:8c:cf:4a:61:75:c3:6e:
                    fc:cd:09:23:b6:95:5e:ab:1d:3c:42:d7:9e:82:9d:
                    8a:5b:5a:ee:02:10:d0:61:dc:ff:90:3a:22:71:b2:
                    4f:58:72:c8:81:68:d0:56:72:36:29:c8:80:7e:a3:
                    e7:4e:fa:ac:11:32:9b:c9:16:32:31:eb:e9:33:ae:
                    0c:f8:32:10:11:f5:f7:73:75:97:ae:4d:c7:27:9d:
                    c6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6D:6B:BF:F9:68:56:EF:CB:27:A6:97:E9:F3:CA:FA:6B:11:5D:70
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FD0E209EB43711EDAE678E9AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:42:54:5d:cb:10:a5:40:85:6b:5a:ab:b7:7e:e6:1c:c9:e7:
         5d:f3:9d:18:e5:01:83:40:82:8c:93:da:33:a0:52:8a:1b:43:
         b6:b1:91:cd:a9:f3:ad:ac:f0:1e:99:b8:ab:c8:70:b3:78:50:
         08:1f:eb:f2:61:02:98:cd:5d:ea:7e:a4:2d:65:f3:8a:6f:a1:
         56:8d:fc:a4:82:05:69:61:fd:b1:50:31:a6:99:5d:9d:1d:3f:
         6b:41:36:9c:8c:6e:0d:e5:94:5a:1b:1f:2b:09:fc:5f:2d:44:
         cb:f6:79:6e:da:07:aa:c6:05:3b:00:f4:32:a3:c1:d7:de:04:
         2a:b4:0f:06:70:de:bd:4e:7a:5f:12:be:7c:c6:bb:5c:49:d1:
         fc:2f:fc:a5:c5:9a:e9:cb:54:ee:87:d0:12:83:f6:ad:e0:20:
         b5:c5:92:0b:c5:21:98:72:b6:0b:1a:8f:14:9a:95:5b:91:e0:
         eb:13:6d:6b:f3:3a:ad:72:3a:a3:f7:62:21:9e:a9:36:c1:40:
         ee:c8:c5:47:79:73:de:98:df:a2:b0:4d:59:7e:65:cf:34:2f:
         d0:1e:6b:58:6e:f0:23:e0:c1:c1:43:fe:7b:38:77:27:66:d8:
         56:c3:7d:31:72:53:c3:6e:d1:25:3a:ca:e7:a2:2d:67:76:46:
         4e:30:c1:03
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC98wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMTQwMDRaFw0yNTAyMjIxMTQwMDRaMBgxFjAU
BgNVBAMMDTYzZjhhMjE4LWJiM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMIqhlDTJKwgjx9K1HewEi6JB0pyWQdP7Mvk3tyCosUFpUwwcWxMYnLLt+
KuWA0/r29JLqebzLtw11JNTZbWVjEdq6rKEten0uVu0vaYyW7cgDyRZKQ2QnGRO3
Iod7Oh01f+1FEwNmFSUVDpUvdv2ER3TXztP89cHzJ0XBSlz+p938jfjEh9U018I+
Rzjw6UK65pRSbX4qbkdu80MhjERQx7WkaTAQeBI+VIlRjM9KYXXDbvzNCSO2lV6r
HTxC156CnYpbWu4CENBh3P+QOiJxsk9YcsiBaNBWcjYpyIB+o+dO+qwRMpvJFjIx
6+kzrgz4MhAR9fdzdZeuTccnncYxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJG1r
v/loVu/LJ6aX6fPK+msRXXAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZEMEUyMDlFQjQzNzExRURBRTY3OEU5QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAUwDQYJKoZIhvcNAQEL
BQADggEBAANCVF3LEKVAhWtaq7d+5hzJ513znRjlAYNAgoyT2jOgUoobQ7axkc2p
862s8B6ZuKvIcLN4UAgf6/JhApjNXep+pC1l84pvoVaN/KSCBWlh/bFQMaaZXZ0d
P2tBNpyMbg3llFobHysJ/F8tRMv2eW7aB6rGBTsA9DKjwdfeBCq0DwZw3r1Oel8S
vnzGu1xJ0fwv/KXFmunLVO6H0BKD9q3gILXFkgvFIZhytgsajxSalVuR4OsTbWvz
Oq1yOqP3YiGeqTbBQO7IxUd5c96Y36KwTVl+Zc80L9Aea1hu8CPgwcFD/ns4dydm
2FbDfTFyU8Nu0SU6yueiLWd2Rk4wwQM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:34:10 2023 by rpki-client on console-ams.rpki-client.org