Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2F987A329D6811ED9F91DABBF1222468.roa
File:                     2F987A329D6811ED9F91DABBF1222468.roa (raw, json)
Hash identifier:          ZZJNN/4jqVu0J5lufVgENYO/RUD6j86usfnCq6FEhBw=
Subject key identifier:   66:8D:40:BA:75:73:BB:D7:A5:06:E6:02:17:BC:0B:44:E5:1C:00:B0
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0B94
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2F987A329D6811ED9F91DABBF1222468.roa
Signing time:             Thu 26 Jan 2023 10:57:12 +0000
ROA not before:           Thu 26 Jan 2023 10:57:08 +0000
ROA not after:            Sun 26 Jan 2025 10:57:08 +0000
asID:                     46562
IP address blocks:        154.16.162.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2964 (0xb94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan 26 10:57:08 2023 GMT
            Not After : Jan 26 10:57:08 2025 GMT
        Subject: CN=63d25c88-74ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1f:b1:d5:17:94:04:ce:4b:2f:84:45:ad:d0:
                    fb:b8:d0:33:30:77:dd:5b:3d:85:12:87:99:61:1b:
                    24:cb:7d:ae:f4:28:91:25:ad:5e:b9:80:a0:8e:80:
                    a9:60:f1:d4:00:0c:4b:59:03:38:0a:66:1e:34:69:
                    6d:0e:52:35:c8:cf:15:66:05:ee:ff:60:36:e3:69:
                    b7:31:0f:23:4b:35:9e:74:ca:9d:e8:d9:25:9d:32:
                    4c:1e:2e:52:bc:9e:6e:cc:e8:5a:2c:59:26:85:3f:
                    cb:cf:f2:c9:2a:b1:f9:f1:fe:44:b4:77:70:f4:ac:
                    e3:fc:57:9b:4c:62:33:cd:27:ca:57:bf:97:b5:13:
                    fb:4d:1a:d0:db:4a:24:2e:c8:98:f9:35:a3:a4:e3:
                    b7:90:0c:78:75:d3:fb:be:45:9e:af:b7:d2:a9:35:
                    c0:dd:e9:74:b5:d3:35:ae:a0:90:54:a0:36:b3:d5:
                    0a:45:7e:c6:69:40:db:c3:95:5f:39:d0:c7:88:fd:
                    ee:a4:92:54:64:4d:c9:c3:18:b0:26:36:b2:85:67:
                    38:05:c3:52:83:da:8c:fe:a9:44:ca:a5:99:a9:bd:
                    c7:04:48:78:12:a8:d1:1c:70:db:4c:4f:c2:f0:04:
                    ac:50:8e:ec:b3:49:3a:d4:df:6b:34:3a:77:07:3d:
                    40:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:8D:40:BA:75:73:BB:D7:A5:06:E6:02:17:BC:0B:44:E5:1C:00:B0
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2F987A329D6811ED9F91DABBF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:84:a5:92:8c:ee:23:63:b3:11:b3:e7:ec:74:3b:53:db:82:
         cf:04:c3:09:40:25:07:80:a2:97:e4:cb:01:6b:9c:4c:73:23:
         a8:b1:25:a6:9b:a4:91:fb:10:fe:a6:b9:de:73:1e:4d:bc:f3:
         00:b8:d3:14:86:03:e0:e5:90:d6:18:9b:8b:1d:3a:ab:f4:a1:
         dc:95:48:f0:52:f9:b5:75:f7:15:fa:25:26:7e:94:e8:b5:b0:
         a7:6b:a0:ca:64:a4:ce:e2:b9:41:e2:f4:70:ec:0c:b8:c4:7c:
         18:7a:73:4f:51:ec:44:a0:aa:28:e6:5e:0a:88:bd:26:82:b1:
         2c:c7:a4:18:1e:c7:53:5a:d8:7a:45:f7:9d:22:6b:9f:90:a9:
         1b:89:10:a4:96:54:be:8e:29:57:bb:21:20:ce:ad:a9:7e:b1:
         38:b9:ff:5a:ef:4d:e5:90:55:3e:d3:10:ec:1f:3b:ca:d2:1a:
         ad:3f:be:e8:d8:35:61:7b:9f:58:81:5d:43:f4:8d:45:ef:2a:
         5f:7d:6e:0c:84:92:fc:93:34:43:fa:26:d4:aa:7d:99:62:84:
         2f:36:39:71:a6:94:ae:ef:3c:f2:84:de:ba:c2:ef:06:04:8e:
         13:6d:1b:18:24:b4:3a:f6:3b:66:0f:13:48:20:ba:0e:2a:6f:
         b1:59:16:a1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC5QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAxMjYxMDU3MDhaFw0yNTAxMjYxMDU3MDhaMBgxFjAU
BgNVBAMMDTYzZDI1Yzg4LTc0Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8H7HVF5QEzksvhEWt0Pu40DMwd91bPYUSh5lhGyTLfa70KJElrV65gKCO
gKlg8dQADEtZAzgKZh40aW0OUjXIzxVmBe7/YDbjabcxDyNLNZ50yp3o2SWdMkwe
LlK8nm7M6FosWSaFP8vP8skqsfnx/kS0d3D0rOP8V5tMYjPNJ8pXv5e1E/tNGtDb
SiQuyJj5NaOk47eQDHh10/u+RZ6vt9KpNcDd6XS10zWuoJBUoDaz1QpFfsZpQNvD
lV850MeI/e6kklRkTcnDGLAmNrKFZzgFw1KD2oz+qUTKpZmpvccESHgSqNEccNtM
T8LwBKxQjuyzSTrU32s0OncHPUDpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZo1A
unVzu9elBuYCF7wLROUcALAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJGOTg3QTMyOUQ2ODExRUQ5RjkxREFCQkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKIwDQYJKoZIhvcNAQEL
BQADggEBAGmEpZKM7iNjsxGz5+x0O1Pbgs8EwwlAJQeAopfkywFrnExzI6ixJaab
pJH7EP6mud5zHk288wC40xSGA+DlkNYYm4sdOqv0odyVSPBS+bV19xX6JSZ+lOi1
sKdroMpkpM7iuUHi9HDsDLjEfBh6c09R7ESgqijmXgqIvSaCsSzHpBgex1Na2HpF
950ia5+QqRuJEKSWVL6OKVe7ISDOral+sTi5/1rvTeWQVT7TEOwfO8rSGq0/vujY
NWF7n1iBXUP0jUXvKl99bgyEkvyTNEP6JtSqfZlihC82OXGmlK7vPPKE3rrC7wYE
jhNtGxgktDr2O2YPE0ggug4qb7FZFqE=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:40 2024 by rpki-client on console-ams.rpki-client.org