Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/22FDA874060911EE8F77866F4AD9E6FC.roa
File:                     22FDA874060911EE8F77866F4AD9E6FC.roa (raw, json)
Hash identifier:          0l4Xw+d3QEQkdi74tn04FUOUJO2yHPKasvOaVYCytt4=
Subject key identifier:   35:59:C4:96:9C:10:38:70:61:26:9B:5D:7B:D2:1E:C8:3A:80:49:17
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0F0C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/22FDA874060911EE8F77866F4AD9E6FC.roa
Signing time:             Thu 08 Jun 2023 14:31:21 +0000
ROA not before:           Thu 08 Jun 2023 14:31:16 +0000
ROA not after:            Sat 07 Jun 2025 14:31:16 +0000
asID:                     48314
IP address blocks:        154.16.6.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3852 (0xf0c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun  8 14:31:16 2023 GMT
            Not After : Jun  7 14:31:16 2025 GMT
        Subject: CN=6481e639-59c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:13:67:a5:fe:e9:fa:ba:bb:dc:a0:6c:2c:42:
                    56:64:ba:ba:98:77:8e:1d:27:39:1f:35:11:67:fb:
                    c7:df:e8:cc:86:fc:5c:01:57:91:99:f4:73:eb:89:
                    f4:b6:38:54:ad:0c:3d:4a:5d:9b:c8:ed:10:3d:2e:
                    c7:1a:ae:b0:21:7f:73:3c:3a:e7:7c:e1:03:48:3b:
                    3f:cb:30:f8:a5:9e:d9:7b:6a:38:7c:ea:44:4a:5c:
                    28:dd:92:c0:c0:84:b3:46:6c:42:c6:92:ed:4a:9d:
                    73:7a:30:ce:85:5c:21:07:85:1a:40:e5:75:35:03:
                    d2:95:fb:64:da:63:6f:69:50:81:0e:a7:a7:11:dd:
                    fe:26:6c:bb:2f:0e:c0:84:9d:c4:78:8d:44:86:6f:
                    f3:3f:89:0a:ca:49:e7:d6:36:ca:90:b5:02:d4:4e:
                    77:d0:b5:88:0f:d9:d9:52:0f:d3:8c:31:9a:ad:74:
                    97:02:17:d4:30:f0:42:31:cd:4b:12:e1:b7:cf:0a:
                    59:8a:cf:1c:8e:ea:bc:31:9f:7d:2f:95:e1:41:62:
                    03:46:02:b1:9d:94:c5:0b:a7:8c:10:af:39:02:18:
                    cd:09:42:c2:05:db:72:cd:21:02:e3:af:4e:c1:bb:
                    ad:45:7c:ad:9a:20:cb:dc:6e:c6:9e:3c:df:61:7e:
                    ab:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:59:C4:96:9C:10:38:70:61:26:9B:5D:7B:D2:1E:C8:3A:80:49:17
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/22FDA874060911EE8F77866F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:5c:d6:fd:fc:23:19:03:e7:88:c7:33:18:81:1d:e8:13:4d:
         9c:d0:ec:39:4f:74:6c:04:a5:f2:04:cf:d3:c8:77:d9:fb:ad:
         96:a3:64:ef:58:5f:21:cf:64:6a:7a:dc:e5:3c:b6:f6:ed:f5:
         c2:46:94:7a:b9:43:e6:8e:21:a2:7b:39:2a:c2:72:e4:45:54:
         fc:3c:f9:04:df:7d:84:f0:fe:de:ab:ad:ef:d4:b8:cf:40:dc:
         21:fb:96:8b:98:04:5d:22:68:b3:66:94:8d:80:7f:a1:19:2f:
         f0:20:5f:46:e6:99:c9:4a:12:55:4a:cf:43:42:fe:87:71:02:
         89:00:f5:be:78:42:cf:87:ef:ba:20:bc:b9:93:b7:e9:8e:60:
         b7:11:f4:67:97:59:27:ad:62:c1:75:c2:6c:57:a9:59:40:ce:
         3f:f9:5f:e8:e9:03:76:8c:fd:76:d8:7e:fc:ca:f2:b3:b0:fb:
         d6:de:f3:4c:73:8f:25:9f:3a:df:de:80:1f:44:4b:7c:97:c2:
         54:97:b7:89:9b:2b:9e:49:13:05:34:6f:ac:87:3a:45:52:46:
         d6:78:5f:7a:a4:e5:98:90:39:e9:c5:1f:bf:34:4c:bc:d2:fd:
         2f:c2:3a:ad:30:31:37:47:82:a6:3c:09:4c:62:17:50:6c:98:
         c7:9b:68:3b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDwwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MDgxNDMxMTZaFw0yNTA2MDcxNDMxMTZaMBgxFjAU
BgNVBAMTDTY0ODFlNjM5LTU5YzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCXE2el/un6urvcoGwsQlZkurqYd44dJzkfNRFn+8ff6MyG/FwBV5GZ9HPr
ifS2OFStDD1KXZvI7RA9LscarrAhf3M8Oud84QNIOz/LMPilntl7ajh86kRKXCjd
ksDAhLNGbELGku1KnXN6MM6FXCEHhRpA5XU1A9KV+2TaY29pUIEOp6cR3f4mbLsv
DsCEncR4jUSGb/M/iQrKSefWNsqQtQLUTnfQtYgP2dlSD9OMMZqtdJcCF9Qw8EIx
zUsS4bfPClmKzxyO6rwxn30vleFBYgNGArGdlMULp4wQrzkCGM0JQsIF23LNIQLj
r07Bu61FfK2aIMvcbsaePN9hfqtdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNVnE
lpwQOHBhJptde9IeyDqASRcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzIyRkRBODc0MDYwOTExRUU4Rjc3ODY2RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAYwDQYJKoZIhvcNAQEL
BQADggEBACZc1v38IxkD54jHMxiBHegTTZzQ7DlPdGwEpfIEz9PId9n7rZajZO9Y
XyHPZGp63OU8tvbt9cJGlHq5Q+aOIaJ7OSrCcuRFVPw8+QTffYTw/t6rre/UuM9A
3CH7louYBF0iaLNmlI2Af6EZL/AgX0bmmclKElVKz0NC/odxAokA9b54Qs+H77og
vLmTt+mOYLcR9GeXWSetYsF1wmxXqVlAzj/5X+jpA3aM/XbYfvzK8rOw+9be80xz
jyWfOt/egB9ES3yXwlSXt4mbK55JEwU0b6yHOkVSRtZ4X3qk5ZiQOenFH780TLzS
/S/COq0wMTdHgqY8CUxiF1BsmMebaDs=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:54 2024 by rpki-client on console-fra.rpki-client.org