Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2BE2849CB74D11ED845622ECF1222468.roa
File:                     2BE2849CB74D11ED845622ECF1222468.roa (raw, json)
Hash identifier:          Faziu+dXhyqMtL4MAt4I27acGFtrKUK1NLpdPsk1Th4=
Subject key identifier:   3E:40:60:FB:47:D5:1F:6A:89:FC:CD:24:7D:48:0F:85:79:B2:6C:79
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C86
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2BE2849CB74D11ED845622ECF1222468.roa
Signing time:             Tue 28 Feb 2023 09:49:20 +0000
ROA not before:           Tue 28 Feb 2023 09:49:16 +0000
ROA not after:            Fri 28 Feb 2025 09:49:16 +0000
asID:                     61317
IP address blocks:        154.16.193.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3206 (0xc86)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 28 09:49:16 2023 GMT
            Not After : Feb 28 09:49:16 2025 GMT
        Subject: CN=63fdce1f-b4bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:9a:41:e1:7f:77:3a:49:42:b5:f6:6a:2f:e4:
                    57:58:3e:db:bc:f3:4c:72:a5:1e:ea:10:ba:8c:d3:
                    c8:bd:f9:0b:d0:81:16:6b:e6:a5:3b:f0:47:6c:ee:
                    42:6a:2c:87:f3:cf:cb:29:e4:df:aa:c6:8e:eb:37:
                    f7:a4:d7:ba:eb:b0:83:bc:fc:68:50:50:83:bc:bb:
                    68:2c:82:21:36:7b:26:8a:11:26:60:c2:fb:43:75:
                    4c:8f:0c:67:fe:5e:cb:8d:11:ef:26:f3:bf:bb:dd:
                    96:b1:0d:0f:6f:c2:ae:50:2f:46:3e:a6:47:34:06:
                    53:ca:bf:a1:65:f4:c2:f8:70:dc:5b:29:a2:87:ef:
                    fa:65:4d:41:d4:55:53:5e:ae:97:b4:11:3e:bd:b5:
                    96:55:f5:f1:ca:e9:9b:bd:b9:eb:15:49:48:8f:3b:
                    01:5d:b7:19:cf:51:f9:2e:a3:54:87:ea:a5:ad:84:
                    bd:e2:80:41:82:6f:b1:4a:9a:e9:05:a1:d8:72:b3:
                    84:4d:9f:7f:48:a2:67:c1:de:4e:47:fe:07:b7:b1:
                    0c:69:0b:80:87:b2:5d:94:43:28:7e:83:20:68:a1:
                    a0:28:b6:bb:2b:72:64:b3:86:ae:66:91:b0:14:4c:
                    0d:f7:92:dc:c4:87:d8:57:cf:b7:e4:05:3d:b0:c6:
                    f9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:40:60:FB:47:D5:1F:6A:89:FC:CD:24:7D:48:0F:85:79:B2:6C:79
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2BE2849CB74D11ED845622ECF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:b2:10:c4:50:3c:ae:8d:25:f5:35:70:13:0b:8c:c5:cf:07:
         0c:33:c3:aa:2b:01:44:47:3d:e9:0a:15:a9:3a:6f:81:02:e2:
         28:c7:8f:a5:aa:da:08:80:b3:01:ce:e7:4d:47:27:1a:93:59:
         69:d0:06:5b:8c:e6:a2:74:69:6a:dd:d6:fc:44:c9:66:41:97:
         58:fe:df:47:85:bc:32:c9:4e:cb:94:3c:29:79:db:5c:0b:95:
         93:d9:ad:c9:80:d5:4a:cb:d2:5c:79:52:53:3d:cc:20:c8:94:
         91:32:ba:80:6e:b7:ec:e0:15:ff:32:6c:c5:e1:40:79:93:1f:
         79:7c:fc:3b:1a:cd:d3:f6:17:e4:52:10:cc:d5:59:fe:6d:67:
         8c:3e:f7:67:49:5c:fe:84:60:2b:8a:1e:a4:af:29:b8:0e:66:
         25:21:07:51:dc:3c:d6:a4:af:3f:92:05:a5:ab:b2:3d:e4:d2:
         89:48:e5:a5:4d:2b:20:d7:bd:f7:f1:dc:d5:f2:69:09:f3:cb:
         02:11:f5:c0:c8:7a:96:f0:08:93:28:b3:b1:67:38:51:72:3b:
         03:64:15:67:a1:37:56:92:4e:c8:54:e2:2a:15:89:23:33:dc:
         ff:36:7f:f0:aa:b7:2d:3e:ce:be:80:d4:4e:52:c2:8b:d8:b4:
         2d:7c:14:a4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDIYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjgwOTQ5MTZaFw0yNTAyMjgwOTQ5MTZaMBgxFjAU
BgNVBAMMDTYzZmRjZTFmLWI0YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnmkHhf3c6SUK19mov5FdYPtu880xypR7qELqM08i9+QvQgRZr5qU78Eds
7kJqLIfzz8sp5N+qxo7rN/ek17rrsIO8/GhQUIO8u2gsgiE2eyaKESZgwvtDdUyP
DGf+XsuNEe8m87+73ZaxDQ9vwq5QL0Y+pkc0BlPKv6Fl9ML4cNxbKaKH7/plTUHU
VVNerpe0ET69tZZV9fHK6Zu9uesVSUiPOwFdtxnPUfkuo1SH6qWthL3igEGCb7FK
mukFodhys4RNn39IomfB3k5H/ge3sQxpC4CHsl2UQyh+gyBooaAotrsrcmSzhq5m
kbAUTA33ktzEh9hXz7fkBT2wxvn1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPkBg
+0fVH2qJ/M0kfUgPhXmybHkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJCRTI4NDlDQjc0RDExRUQ4NDU2MjJFQ0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMEwDQYJKoZIhvcNAQEL
BQADggEBAJOyEMRQPK6NJfU1cBMLjMXPBwwzw6orAURHPekKFak6b4EC4ijHj6Wq
2giAswHO501HJxqTWWnQBluM5qJ0aWrd1vxEyWZBl1j+30eFvDLJTsuUPCl521wL
lZPZrcmA1UrL0lx5UlM9zCDIlJEyuoBut+zgFf8ybMXhQHmTH3l8/DsazdP2F+RS
EMzVWf5tZ4w+92dJXP6EYCuKHqSvKbgOZiUhB1HcPNakrz+SBaWrsj3k0olI5aVN
KyDXvffx3NXyaQnzywIR9cDIepbwCJMos7FnOFFyOwNkFWehN1aSTshU4ioViSMz
3P82f/Cqty0+zr6A1E5SwovYtC18FKQ=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:04 2024 by rpki-client on console-ams.rpki-client.org