Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/030303720C8211EFA50DB147017001B1.roa
File:                     030303720C8211EFA50DB147017001B1.roa (raw, json)
Hash identifier:          T7Tr2a5skufz++wo5KA+s5Kz2+xnrJuzXU+0yOT62FE=
Subject key identifier:   7D:B2:60:20:09:D4:2B:C8:AC:2F:52:F7:D1:BC:64:E1:BC:20:54:32
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       162A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/030303720C8211EFA50DB147017001B1.roa
Signing time:             Tue 07 May 2024 14:56:41 +0000
ROA not before:           Tue 07 May 2024 14:56:36 +0000
ROA not after:            Sat 09 May 2026 14:56:36 +0000
asID:                     212238
IP address blocks:        154.16.73.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 20 Oct 2024 00:05:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5674 (0x162a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May  7 14:56:36 2024 GMT
            Not After : May  9 14:56:36 2026 GMT
        Subject: CN=663a4129-fc8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:62:61:9c:d4:bc:cd:3c:41:34:3b:a8:7d:0c:
                    3c:d0:8d:f8:ab:d4:b1:3b:14:16:d7:7c:8e:b1:99:
                    be:ad:8b:96:11:c3:46:b1:42:9d:ed:73:74:aa:f5:
                    91:cf:a3:f6:73:72:5e:da:60:14:d3:98:22:05:34:
                    e0:2a:eb:1e:fe:6f:f0:43:e9:ef:f4:ab:59:27:4e:
                    21:0f:ae:af:f9:c8:13:ee:be:a0:cf:f3:5f:6b:6f:
                    0d:8b:00:56:ec:c6:91:cc:30:1e:eb:33:0f:7b:91:
                    2e:f3:61:f6:41:e8:92:af:92:4a:22:56:ca:4a:ea:
                    48:03:cd:77:de:14:cf:8a:36:69:a4:f8:4d:13:29:
                    85:4b:91:7c:85:13:58:a2:87:7b:38:d9:0b:70:e7:
                    95:cf:ef:4a:0b:97:1f:4c:1b:06:8d:ba:9d:93:df:
                    0a:70:47:bb:eb:f4:a5:0b:97:2e:35:6c:19:75:60:
                    c4:2e:62:47:b0:f5:05:f8:d1:b9:48:7d:23:77:e8:
                    5e:66:8e:66:65:b5:0e:5b:d8:c2:e8:c8:86:1d:2a:
                    d8:53:0d:da:72:dc:13:66:5d:7f:55:e1:91:c6:e8:
                    ee:90:61:9f:bb:16:7a:c7:ca:5a:70:0d:0e:d1:11:
                    af:88:fd:59:73:34:48:44:2f:58:4b:32:c6:15:2e:
                    26:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:B2:60:20:09:D4:2B:C8:AC:2F:52:F7:D1:BC:64:E1:BC:20:54:32
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/030303720C8211EFA50DB147017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:29:35:86:aa:c0:98:a2:31:a7:20:c9:dc:1d:7e:cb:06:4b:
         5e:f9:b6:67:13:c7:b8:e3:86:ff:47:8d:9c:79:35:ce:3f:c5:
         94:97:30:2a:b3:cb:29:ec:b6:3b:db:c4:7f:eb:17:a7:93:d1:
         a2:77:9c:80:87:2e:13:9b:d2:b3:14:38:90:a3:fb:53:dc:fc:
         66:cb:79:6f:7d:8d:79:c2:55:59:df:9f:02:59:c9:3c:a2:1b:
         85:18:23:98:ce:c4:d9:e4:85:a9:44:05:ba:11:33:d1:b3:ed:
         85:65:c5:df:eb:59:7d:c9:78:2e:80:7b:f5:3a:66:af:ce:82:
         76:e4:8c:31:46:c3:f4:c5:c1:ef:4d:c2:0e:22:ae:9e:7a:a4:
         ba:59:d3:7e:ae:71:e1:c2:d7:07:60:d0:c2:a6:4f:9c:9a:df:
         73:75:d5:4d:e5:d2:d5:c6:80:ab:93:e6:05:7f:8d:7e:67:06:
         71:6a:2a:37:56:e1:1e:1a:cb:de:3d:fd:23:cc:cf:79:7f:5d:
         18:97:8f:23:77:c0:81:5e:2a:f5:6f:f9:6e:5c:b7:1a:23:8f:
         60:b9:78:14:c2:c6:fb:6a:cc:8c:2c:36:fb:f4:18:23:02:ec:
         34:71:16:0e:26:c1:ec:b7:ef:49:72:8f:6d:61:d0:f3:5a:92:
         d5:03:ea:b4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFiowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA1MDcxNDU2MzZaFw0yNjA1MDkxNDU2MzZaMBgxFjAU
BgNVBAMTDTY2M2E0MTI5LWZjOGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDaYmGc1LzNPEE0O6h9DDzQjfir1LE7FBbXfI6xmb6ti5YRw0axQp3tc3Sq
9ZHPo/Zzcl7aYBTTmCIFNOAq6x7+b/BD6e/0q1knTiEPrq/5yBPuvqDP819rbw2L
AFbsxpHMMB7rMw97kS7zYfZB6JKvkkoiVspK6kgDzXfeFM+KNmmk+E0TKYVLkXyF
E1iih3s42Qtw55XP70oLlx9MGwaNup2T3wpwR7vr9KULly41bBl1YMQuYkew9QX4
0blIfSN36F5mjmZltQ5b2MLoyIYdKthTDdpy3BNmXX9V4ZHG6O6QYZ+7FnrHylpw
DQ7REa+I/VlzNEhEL1hLMsYVLibXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfbJg
IAnUK8isL1L30bxk4bwgVDIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzAzMDMwMzcyMEM4MjExRUZBNTBEQjE0NzAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEkwDQYJKoZIhvcNAQEL
BQADggEBACgpNYaqwJiiMacgydwdfssGS175tmcTx7jjhv9HjZx5Nc4/xZSXMCqz
yynstjvbxH/rF6eT0aJ3nICHLhOb0rMUOJCj+1Pc/GbLeW99jXnCVVnfnwJZyTyi
G4UYI5jOxNnkhalEBboRM9Gz7YVlxd/rWX3JeC6Ae/U6Zq/OgnbkjDFGw/TFwe9N
wg4irp56pLpZ036uceHC1wdg0MKmT5ya33N11U3l0tXGgKuT5gV/jX5nBnFqKjdW
4R4ay949/SPMz3l/XRiXjyN3wIFeKvVv+W5ctxojj2C5eBTCxvtqzIwsNvv0GCMC
7DRxFg4mwey370lyj21h0PNaktUD6rQ=
-----END CERTIFICATE-----
Generated at Fri Oct 18 01:39:25 2024 by rpki-client on console-fra.rpki-client.org