Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FD173316140211EEBE33DD344AD9E6FC.roa
File:                     FD173316140211EEBE33DD344AD9E6FC.roa (raw, json)
Hash identifier:          kC73a40jD9vdDo5AuF7XlikTpk3iH+uNqJFYkyhnhQk=
Subject key identifier:   E9:C6:3A:11:D3:D6:DB:13:F6:13:B5:EB:33:F7:09:FA:A1:D5:56:F3
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1002
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FD173316140211EEBE33DD344AD9E6FC.roa
Signing time:             Mon 26 Jun 2023 09:22:36 +0000
ROA not before:           Mon 26 Jun 2023 09:22:31 +0000
ROA not after:            Sat 28 Jun 2025 09:22:31 +0000
asID:                     200131
IP address blocks:        154.16.48.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4098 (0x1002)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 26 09:22:31 2023 GMT
            Not After : Jun 28 09:22:31 2025 GMT
        Subject: CN=649958dc-4c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:88:14:54:19:09:99:d0:64:b1:fe:3b:96:93:
                    67:3a:c2:5b:2e:4d:7e:7f:e7:98:d3:0d:4d:40:c7:
                    44:1f:70:b8:3b:e6:1d:8b:a0:9d:69:04:67:3e:14:
                    3d:70:74:d0:75:82:f1:60:af:f4:1a:33:e5:0b:3e:
                    0e:20:f9:44:37:39:a1:cc:b4:aa:37:55:7e:17:75:
                    d3:e0:47:e3:47:f2:72:1a:c3:ee:af:81:d1:4a:70:
                    19:2a:7b:3c:87:85:57:9e:f4:d5:9d:ab:21:e0:ef:
                    e5:ac:d8:93:b9:4a:3e:dd:6f:a5:41:06:2c:43:e6:
                    77:9e:90:ea:3f:6a:24:f9:37:e1:ba:8c:59:fe:d2:
                    e1:04:64:97:3e:0a:41:e8:18:ff:7e:3a:21:a2:e5:
                    ee:2e:76:e0:7c:82:2e:86:42:42:2a:a9:6e:33:a8:
                    30:90:0f:a4:97:2f:92:21:2c:1e:0e:50:e7:f4:43:
                    21:cf:dc:2f:25:3f:e6:2a:84:54:5a:ed:35:d5:a6:
                    ae:95:69:de:49:e2:11:00:81:c8:35:f6:e3:61:51:
                    e3:64:8d:27:c5:09:29:3d:21:de:8f:41:64:de:07:
                    35:0a:1f:12:cb:23:a5:f5:95:42:32:8a:2c:9f:69:
                    93:6d:b6:7c:9d:47:5f:76:bf:93:ee:ab:db:c2:65:
                    f3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C6:3A:11:D3:D6:DB:13:F6:13:B5:EB:33:F7:09:FA:A1:D5:56:F3
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FD173316140211EEBE33DD344AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:c6:40:80:53:48:92:b7:16:bf:76:8b:89:f0:8a:52:9f:86:
         e8:a2:e3:9b:7c:80:83:aa:ce:20:e9:f4:1b:8c:f4:8d:e3:f0:
         bf:9b:5b:50:37:3c:4a:97:87:fe:dc:ae:7f:11:03:e5:66:73:
         c1:c1:a4:0b:d3:db:a3:67:dc:24:a8:3f:cf:62:53:f3:8f:d0:
         5d:cf:d3:a6:96:63:27:44:2b:6c:77:ff:5a:88:ac:a9:14:5a:
         fa:63:b5:e8:df:7b:95:e5:af:4a:8f:33:da:a8:01:bc:bc:1f:
         aa:c3:16:4f:4d:77:a7:1e:19:9d:f9:41:a3:14:7c:09:5b:05:
         54:2a:60:c1:9a:a8:cb:e0:1e:f1:0f:38:e0:50:51:f1:1d:73:
         d2:df:87:19:76:e8:36:08:f3:c9:26:1e:93:7b:d7:c5:a4:da:
         57:dd:d0:a0:3d:f4:9a:ff:a4:20:dc:2e:92:cb:66:d5:5c:8f:
         4d:39:4c:6f:57:bf:26:0c:2b:08:55:19:29:9b:95:1e:c0:1e:
         30:3d:0b:07:9a:ef:9b:8e:fe:fe:76:9b:7c:0a:ee:79:1b:a4:
         c9:83:5a:1a:1f:e4:35:e2:e9:fb:d2:78:23:99:cd:15:39:a2:
         9f:e8:c8:24:6a:35:53:cf:df:c8:4d:54:42:5c:b2:07:28:e1:
         52:72:b7:aa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MjYwOTIyMzFaFw0yNTA2MjgwOTIyMzFaMBgxFjAU
BgNVBAMTDTY0OTk1OGRjLTRjN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5iBRUGQmZ0GSx/juWk2c6wlsuTX5/55jTDU1Ax0QfcLg75h2LoJ1pBGc+
FD1wdNB1gvFgr/QaM+ULPg4g+UQ3OaHMtKo3VX4XddPgR+NH8nIaw+6vgdFKcBkq
ezyHhVee9NWdqyHg7+Ws2JO5Sj7db6VBBixD5neekOo/aiT5N+G6jFn+0uEEZJc+
CkHoGP9+OiGi5e4uduB8gi6GQkIqqW4zqDCQD6SXL5IhLB4OUOf0QyHP3C8lP+Yq
hFRa7TXVpq6Vad5J4hEAgcg19uNhUeNkjSfFCSk9Id6PQWTeBzUKHxLLI6X1lUIy
iiyfaZNttnydR192v5Puq9vCZfP5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6cY6
EdPW2xP2E7XrM/cJ+qHVVvMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZEMTczMzE2MTQwMjExRUVCRTMzREQzNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDAwDQYJKoZIhvcNAQEL
BQADggEBAKvGQIBTSJK3Fr92i4nwilKfhuii45t8gIOqziDp9BuM9I3j8L+bW1A3
PEqXh/7crn8RA+Vmc8HBpAvT26Nn3CSoP89iU/OP0F3P06aWYydEK2x3/1qIrKkU
Wvpjtejfe5Xlr0qPM9qoAby8H6rDFk9Nd6ceGZ35QaMUfAlbBVQqYMGaqMvgHvEP
OOBQUfEdc9Lfhxl26DYI88kmHpN718Wk2lfd0KA99Jr/pCDcLpLLZtVcj005TG9X
vyYMKwhVGSmblR7AHjA9Cwea75uO/v52m3wK7nkbpMmDWhof5DXi6fvSeCOZzRU5
op/oyCRqNVPP38hNVEJcsgco4VJyt6o=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:04 2024 by rpki-client on console-ams.rpki-client.org