Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/19DAE916552211ED8D4CAB89F1222468.roa
File:                     19DAE916552211ED8D4CAB89F1222468.roa (raw, json)
Hash identifier:          Q+9H2qDzeYmJAe9gKY9jGzvqK8iZul5O/OiA8ESLK7M=
Subject key identifier:   C2:16:A7:0E:9D:86:66:F5:AD:2F:74:32:87:4E:42:C8:3C:E9:D8:C2
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A6A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/19DAE916552211ED8D4CAB89F1222468.roa
Signing time:             Wed 26 Oct 2022 11:34:07 +0000
ROA not before:           Wed 26 Oct 2022 11:34:03 +0000
ROA not after:            Sun 27 Oct 2024 11:34:03 +0000
asID:                     36352
IP address blocks:        154.16.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2666 (0xa6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:34:03 2022 GMT
            Not After : Oct 27 11:34:03 2024 GMT
        Subject: CN=63591b2f-cb4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cb:32:01:0e:8f:80:e4:5c:2c:51:07:9d:77:
                    c5:4c:4c:ec:14:88:c8:9f:7b:96:79:a1:2c:f9:ea:
                    a7:70:24:0c:27:3a:99:93:65:ef:8a:0d:5a:b1:0d:
                    16:3b:71:2c:10:8d:98:24:93:41:8a:81:38:fa:1e:
                    ee:fe:a7:d8:4f:0f:16:b8:e7:9d:85:ba:91:e0:5c:
                    d9:60:12:01:7a:d3:eb:2a:c8:f3:5d:f0:93:2a:71:
                    58:2c:ef:6f:d9:e8:bd:0c:96:16:60:d8:49:8c:a5:
                    96:c8:b0:80:43:0b:e5:da:0b:c3:5f:00:ae:78:a8:
                    c8:77:2d:3c:ff:fa:6f:34:14:e2:97:30:35:bb:9a:
                    04:ac:0c:10:08:96:bc:ff:ee:dc:39:85:75:04:03:
                    10:23:b4:93:a2:e5:e8:80:a8:e8:ee:20:2b:04:41:
                    6a:c2:48:ff:b9:82:a0:c0:24:cb:f0:ad:58:bc:c8:
                    70:b7:dd:c6:be:ce:be:79:4a:77:d4:e2:fa:e0:63:
                    1c:13:64:8c:0b:78:69:7b:2d:72:42:ff:ca:ec:7e:
                    d4:1b:ba:92:0a:db:dd:9f:bb:63:ba:7e:ed:3c:15:
                    e3:48:3e:bf:54:ea:db:6a:1b:19:1a:bf:3e:3d:b6:
                    c0:44:f7:99:c7:8c:70:ca:06:9c:5b:61:71:ae:1f:
                    3a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:16:A7:0E:9D:86:66:F5:AD:2F:74:32:87:4E:42:C8:3C:E9:D8:C2
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/19DAE916552211ED8D4CAB89F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:5f:6a:5f:bf:5d:60:23:d2:03:30:dc:d3:0b:59:6e:f5:19:
         0c:e8:dd:f3:84:5a:6b:c0:e1:71:54:b0:d0:bf:51:e4:bf:34:
         d9:25:01:c7:9c:4c:3f:d2:13:1f:75:a7:38:00:f6:2a:8d:de:
         67:c8:bf:80:36:51:91:c0:fa:eb:35:84:ad:8b:f2:56:23:08:
         80:a7:0b:8e:6f:e5:90:32:52:54:01:bd:e4:a6:45:c4:6c:73:
         45:17:7c:a5:c3:e2:be:d2:27:b8:80:3a:aa:99:0d:fe:4e:c5:
         9b:82:5b:60:0b:82:f2:03:bf:10:d6:6c:c4:22:63:6f:43:e3:
         b2:45:68:63:e8:d4:1b:a6:08:a6:90:aa:31:28:12:64:49:cb:
         6a:80:e8:0b:52:8a:fa:35:5b:21:7e:75:53:6e:44:c0:0a:78:
         02:89:d3:bb:72:26:ef:18:0d:79:60:c4:52:e2:37:ea:d1:05:
         e5:f3:54:d1:3d:bc:32:2c:48:60:2d:67:57:22:a0:7f:be:76:
         17:09:99:99:e3:ae:dc:be:b2:de:02:70:a8:2b:9a:c2:9b:67:
         43:fb:b2:48:72:1c:5e:10:0f:61:9e:f0:9e:06:e7:ca:8b:ec:
         d5:4c:04:fc:91:2f:75:7d:04:9f:10:c2:59:15:a7:c3:6b:0b:
         72:d3:fe:93
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCmowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTM0MDNaFw0yNDEwMjcxMTM0MDNaMBgxFjAU
BgNVBAMMDTYzNTkxYjJmLWNiNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8yzIBDo+A5FwsUQedd8VMTOwUiMife5Z5oSz56qdwJAwnOpmTZe+KDVqx
DRY7cSwQjZgkk0GKgTj6Hu7+p9hPDxa4552FupHgXNlgEgF60+sqyPNd8JMqcVgs
72/Z6L0MlhZg2EmMpZbIsIBDC+XaC8NfAK54qMh3LTz/+m80FOKXMDW7mgSsDBAI
lrz/7tw5hXUEAxAjtJOi5eiAqOjuICsEQWrCSP+5gqDAJMvwrVi8yHC33ca+zr55
SnfU4vrgYxwTZIwLeGl7LXJC/8rsftQbupIK292fu2O6fu08FeNIPr9U6ttqGxka
vz49tsBE95nHjHDKBpxbYXGuHzr3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwhan
Dp2GZvWtL3Qyh05CyDzp2MIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE5REFFOTE2NTUyMjExRUQ4RDRDQUI4OUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHAwDQYJKoZIhvcNAQEL
BQADggEBAIdfal+/XWAj0gMw3NMLWW71GQzo3fOEWmvA4XFUsNC/UeS/NNklAcec
TD/SEx91pzgA9iqN3mfIv4A2UZHA+us1hK2L8lYjCICnC45v5ZAyUlQBveSmRcRs
c0UXfKXD4r7SJ7iAOqqZDf5OxZuCW2ALgvIDvxDWbMQiY29D47JFaGPo1BumCKaQ
qjEoEmRJy2qA6AtSivo1WyF+dVNuRMAKeAKJ07tyJu8YDXlgxFLiN+rRBeXzVNE9
vDIsSGAtZ1cioH++dhcJmZnjrty+st4CcKgrmsKbZ0P7skhyHF4QD2Ge8J4G58qL
7NVMBPyRL3V9BJ8QwlkVp8NrC3LT/pM=
-----END CERTIFICATE-----
Generated at Tue Jul 16 10:30:34 2024 by rpki-client on console-fra.rpki-client.org