Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2ED859B6552211ED9254D189F1222468.roa
File:                     2ED859B6552211ED9254D189F1222468.roa (raw, json)
Hash identifier:          AjmZPt1/3n9pXAQjNn9f6BrsKlBjPYbcV0+ZX0h9uIM=
Subject key identifier:   10:E0:DF:FD:71:44:91:B6:70:E9:E9:8A:B2:44:DC:EA:9A:36:7B:5E
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A6E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2ED859B6552211ED9254D189F1222468.roa
Signing time:             Wed 26 Oct 2022 11:34:42 +0000
ROA not before:           Wed 26 Oct 2022 11:34:39 +0000
ROA not after:            Sun 27 Oct 2024 11:34:39 +0000
asID:                     36352
IP address blocks:        154.16.115.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2670 (0xa6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:34:39 2022 GMT
            Not After : Oct 27 11:34:39 2024 GMT
        Subject: CN=63591b52-43ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:6a:ae:81:15:89:1c:38:0c:e6:23:1b:39:d0:
                    9e:3b:da:84:8c:05:c5:e3:d5:da:95:c8:df:5f:08:
                    aa:7c:a8:46:63:56:ac:81:75:a7:2d:4a:03:e1:b0:
                    58:6e:fe:1b:e8:c4:38:f3:94:82:b7:63:e8:13:f8:
                    9e:69:b9:85:5b:2f:7e:d4:22:b6:f0:34:62:11:d7:
                    5a:b3:c8:f8:30:69:c7:4e:26:97:dc:d8:be:fc:2a:
                    03:5e:81:c7:47:81:fe:21:5b:a1:cb:fe:f3:3a:95:
                    d2:1d:55:54:29:d9:56:b0:f2:b2:00:d5:d1:a7:06:
                    1f:b1:d0:dd:d1:77:d3:19:08:29:c5:00:67:eb:4e:
                    e0:85:5f:6b:a1:43:f7:4f:83:19:2c:12:3f:85:0a:
                    81:34:16:a8:0f:44:83:50:a4:ce:15:d8:7e:10:e1:
                    21:3b:df:32:67:f9:62:9e:9e:1d:f8:fb:53:52:d4:
                    88:c4:87:77:02:f8:9b:ea:62:ac:bc:98:07:42:2c:
                    74:ca:ee:c1:91:12:2f:02:c0:58:90:17:f3:b5:ba:
                    f5:56:c2:e6:69:1d:ef:f7:6f:a9:18:df:cf:93:ff:
                    68:68:63:ed:90:c6:cb:55:14:46:c7:cd:91:fc:9b:
                    f0:ad:2a:2c:e2:90:64:4a:b6:a0:d5:96:0c:d3:45:
                    d1:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:E0:DF:FD:71:44:91:B6:70:E9:E9:8A:B2:44:DC:EA:9A:36:7B:5E
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2ED859B6552211ED9254D189F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:92:b4:48:46:b8:76:1b:a8:da:ca:80:cb:05:57:2c:c1:cd:
         33:6d:37:26:c8:44:43:a0:0a:b4:b7:c6:a5:14:d5:a0:79:81:
         07:c5:2b:1d:27:d7:c7:52:54:65:80:a0:77:0d:cc:88:03:d2:
         50:58:4a:3f:10:01:aa:b9:7e:53:4f:aa:fa:8a:2f:57:82:4c:
         87:ff:28:de:47:7f:34:51:4f:c8:5f:2e:f3:0b:d8:64:5a:2e:
         e0:47:d9:67:ca:30:33:6f:82:89:79:df:b0:ac:23:47:b7:32:
         a0:ca:80:7c:eb:86:79:73:d4:f9:b0:31:3d:46:19:0c:d0:4e:
         a4:56:70:5b:6a:aa:d9:10:98:e0:d4:72:58:ba:33:67:87:db:
         b0:37:38:57:89:78:46:c1:14:77:5c:a1:92:ef:71:ca:00:ce:
         d3:f0:4a:69:af:b8:b7:51:a2:62:db:45:e1:6e:9f:79:58:f1:
         2c:67:24:04:16:e6:91:f1:bf:9a:9b:3e:37:75:bd:cb:8a:09:
         21:42:1d:e5:86:22:f9:cb:b8:72:71:2b:be:0d:5d:d9:43:b5:
         32:f0:ca:17:1d:cf:4a:7c:7f:be:52:cb:25:17:71:6e:95:5f:
         bf:f3:f5:45:d7:80:10:d1:8c:f8:0c:d9:40:cf:d5:74:9c:fe:
         70:70:de:f5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCm4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTM0MzlaFw0yNDEwMjcxMTM0MzlaMBgxFjAU
BgNVBAMMDTYzNTkxYjUyLTQzZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDxaq6BFYkcOAzmIxs50J472oSMBcXj1dqVyN9fCKp8qEZjVqyBdactSgPh
sFhu/hvoxDjzlIK3Y+gT+J5puYVbL37UIrbwNGIR11qzyPgwacdOJpfc2L78KgNe
gcdHgf4hW6HL/vM6ldIdVVQp2Vaw8rIA1dGnBh+x0N3Rd9MZCCnFAGfrTuCFX2uh
Q/dPgxksEj+FCoE0FqgPRINQpM4V2H4Q4SE73zJn+WKenh34+1NS1IjEh3cC+Jvq
Yqy8mAdCLHTK7sGREi8CwFiQF/O1uvVWwuZpHe/3b6kY38+T/2hoY+2QxstVFEbH
zZH8m/CtKizikGRKtqDVlgzTRdFZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUEODf
/XFEkbZw6emKskTc6po2e14wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJFRDg1OUI2NTUyMjExRUQ5MjU0RDE4OUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHMwDQYJKoZIhvcNAQEL
BQADggEBACWStEhGuHYbqNrKgMsFVyzBzTNtNybIREOgCrS3xqUU1aB5gQfFKx0n
18dSVGWAoHcNzIgD0lBYSj8QAaq5flNPqvqKL1eCTIf/KN5HfzRRT8hfLvML2GRa
LuBH2WfKMDNvgol537CsI0e3MqDKgHzrhnlz1PmwMT1GGQzQTqRWcFtqqtkQmODU
cli6M2eH27A3OFeJeEbBFHdcoZLvccoAztPwSmmvuLdRomLbReFun3lY8SxnJAQW
5pHxv5qbPjd1vcuKCSFCHeWGIvnLuHJxK74NXdlDtTLwyhcdz0p8f75SyyUXcW6V
X7/z9UXXgBDRjPgM2UDP1XSc/nBw3vU=
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:33:45 2024 by rpki-client on console-ams.rpki-client.org