Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FF4BEC5EB07311EEAC455559775412E6.roa
File:                     FF4BEC5EB07311EEAC455559775412E6.roa (raw, json)
Hash identifier:          KDrjlRDlvIgtsUc6yJeR9RN5RSeNGdEJUqq/nlk1EUA=
Subject key identifier:   80:9E:CA:B8:5C:E5:38:92:4C:87:78:A4:76:38:6A:2B:D0:D0:33:1B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1445
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FF4BEC5EB07311EEAC455559775412E6.roa
Signing time:             Thu 11 Jan 2024 11:24:35 +0000
ROA not before:           Thu 11 Jan 2024 11:24:31 +0000
ROA not after:            Sun 11 Jan 2026 11:24:31 +0000
asID:                     198100
IP address blocks:        154.16.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5189 (0x1445)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan 11 11:24:31 2024 GMT
            Not After : Jan 11 11:24:31 2026 GMT
        Subject: CN=659fcff2-5aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:2e:35:94:02:0c:64:68:8d:29:44:ea:e9:8a:
                    df:7d:df:18:7f:7f:0a:a4:4b:99:1e:ff:b9:b8:7f:
                    f1:6a:81:bc:42:a0:98:d6:1d:47:f8:73:15:0a:f7:
                    2d:f1:cb:da:8a:c9:09:64:3e:e7:79:10:a4:22:9a:
                    4c:71:5b:7a:ea:03:97:79:64:ca:5b:15:39:9f:93:
                    e7:84:bc:41:95:5a:80:15:3f:10:cb:f4:b0:f0:0c:
                    3c:b4:3d:16:c9:97:c8:f4:a8:4e:f9:e9:f3:ea:6f:
                    8b:31:9f:bc:12:8a:e1:2e:48:f5:72:e1:0d:ac:48:
                    45:19:91:07:60:75:90:d2:cb:a1:6a:e1:a3:52:c6:
                    8a:a7:e8:4f:9c:6a:59:87:18:36:e5:df:6a:a8:a6:
                    a8:5c:63:8a:f2:b4:40:58:f5:39:d6:4b:c7:6d:16:
                    87:24:8b:dc:c4:64:2f:41:33:ca:96:1a:77:8b:31:
                    64:34:f1:e6:c8:88:35:dc:94:f1:38:62:de:d2:58:
                    97:6a:d6:58:a6:4e:ba:72:fd:0f:52:be:32:79:98:
                    b8:4f:f1:11:54:1d:1f:18:86:7c:03:6d:a6:6f:f1:
                    c6:33:a7:12:14:85:89:36:28:6e:76:92:73:c2:43:
                    f1:0c:7a:9e:26:35:ba:8e:65:b7:e2:58:fb:ff:53:
                    df:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:9E:CA:B8:5C:E5:38:92:4C:87:78:A4:76:38:6A:2B:D0:D0:33:1B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FF4BEC5EB07311EEAC455559775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:f0:1c:32:c2:f6:90:a4:55:0a:a6:f7:92:03:24:f9:f9:91:
         e6:82:f8:0e:e9:09:97:7e:59:bf:d0:3d:ad:e3:4a:1b:91:a6:
         0b:43:ef:e1:af:ba:3b:37:43:5b:4d:88:b9:15:d6:e1:18:d8:
         bd:52:a5:dd:75:cb:fb:66:5f:65:c6:9e:43:af:35:59:92:b3:
         f8:84:78:bd:95:fe:bd:1a:f3:12:9b:a2:d1:52:df:53:23:01:
         e2:bb:7b:25:6f:4b:de:2d:3e:2c:a6:2e:23:6a:e7:89:e4:44:
         e1:a1:db:0f:2e:fb:e3:ee:03:9c:be:dd:fc:7b:1c:d9:5a:a3:
         19:75:44:94:a0:e3:2c:3c:81:43:9e:9d:56:2e:3a:b8:ca:eb:
         ea:40:5b:0d:70:c0:5a:94:47:0f:7b:63:a1:f2:11:5b:bc:90:
         dd:a8:6d:a4:18:69:1a:7b:4d:1f:c7:8b:ea:2c:fc:3e:c7:d8:
         6e:87:e1:26:ea:c4:47:9f:ed:c4:82:53:b3:79:59:32:1e:ed:
         8d:c3:61:38:95:76:74:d1:a0:1d:d1:db:56:0d:b8:06:c3:76:
         1c:d5:19:80:ec:f8:fa:b8:7b:13:98:33:8f:70:41:48:d4:ee:
         cf:27:0c:13:c5:1a:e6:67:fb:5e:70:75:99:df:c6:55:99:88:
         ec:4c:e5:40
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFEUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAxMTExMTI0MzFaFw0yNjAxMTExMTI0MzFaMBgxFjAU
BgNVBAMTDTY1OWZjZmYyLTVhYWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDULjWUAgxkaI0pROrpit993xh/fwqkS5ke/7m4f/FqgbxCoJjWHUf4cxUK
9y3xy9qKyQlkPud5EKQimkxxW3rqA5d5ZMpbFTmfk+eEvEGVWoAVPxDL9LDwDDy0
PRbJl8j0qE756fPqb4sxn7wSiuEuSPVy4Q2sSEUZkQdgdZDSy6Fq4aNSxoqn6E+c
almHGDbl32qopqhcY4rytEBY9TnWS8dtFocki9zEZC9BM8qWGneLMWQ08ebIiDXc
lPE4Yt7SWJdq1limTrpy/Q9SvjJ5mLhP8RFUHR8YhnwDbaZv8cYzpxIUhYk2KG52
knPCQ/EMep4mNbqOZbfiWPv/U9+TAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUgJ7K
uFzlOJJMh3ikdjhqK9DQMxswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZGNEJFQzVFQjA3MzExRUVBQzQ1NTU1OTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELcwDQYJKoZIhvcNAQEL
BQADggEBAHbwHDLC9pCkVQqm95IDJPn5keaC+A7pCZd+Wb/QPa3jShuRpgtD7+Gv
ujs3Q1tNiLkV1uEY2L1Spd11y/tmX2XGnkOvNVmSs/iEeL2V/r0a8xKbotFS31Mj
AeK7eyVvS94tPiymLiNq54nkROGh2w8u++PuA5y+3fx7HNlaoxl1RJSg4yw8gUOe
nVYuOrjK6+pAWw1wwFqURw97Y6HyEVu8kN2obaQYaRp7TR/Hi+os/D7H2G6H4Sbq
xEef7cSCU7N5WTIe7Y3DYTiVdnTRoB3R21YNuAbDdhzVGYDs+Pq4exOYM49wQUjU
7s8nDBPFGuZn+15wdZnfxlWZiOxM5UA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 15:28:48 2024 by rpki-client on console-fra.rpki-client.org