Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4C328B82124A11ED9EEB1BC7F1222468.roa
File:                     4C328B82124A11ED9EEB1BC7F1222468.roa (raw, json)
Hash identifier:          JJSUMsaiqmgV6zvGlQZzxvLHQSLbIqwkAAosZsEsZjU=
Subject key identifier:   74:9D:C9:7A:38:FE:8D:C5:B4:AF:5C:41:6A:34:2E:D9:82:52:D8:88
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0919
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4C328B82124A11ED9EEB1BC7F1222468.roa
Signing time:             Tue 02 Aug 2022 10:03:03 +0000
ROA not before:           Tue 02 Aug 2022 10:03:00 +0000
ROA not after:            Fri 02 Aug 2024 10:03:00 +0000
asID:                     32181
IP address blocks:        154.16.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2329 (0x919)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug  2 10:03:00 2022 GMT
            Not After : Aug  2 10:03:00 2024 GMT
        Subject: CN=62e8f657-61fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:39:cb:81:e5:a3:ea:da:7d:38:ad:c5:0f:a3:
                    49:4e:ae:eb:42:60:fa:c9:88:99:97:fc:f2:39:db:
                    79:ef:ea:21:7c:38:19:4c:0e:54:29:0c:10:8e:ab:
                    e6:12:05:3a:16:cf:64:4b:da:89:de:22:ae:fc:e9:
                    5c:df:da:a2:ed:2c:e9:27:95:9c:c4:aa:bc:82:34:
                    98:b7:96:b0:78:d0:11:cd:6c:72:3f:ff:18:59:32:
                    0a:48:45:e6:e4:69:ca:82:00:04:9b:2a:39:07:95:
                    f5:f5:79:ba:9c:af:d3:a0:35:0c:5c:ea:ee:1b:20:
                    67:61:82:1b:cf:7b:bf:c5:dc:40:28:38:98:62:3d:
                    4f:83:4c:a6:6b:46:16:ac:39:1c:4a:16:7f:7d:c2:
                    5c:6b:f3:b0:1a:63:e6:2f:9a:75:b7:ac:b1:53:0a:
                    db:e8:50:ef:27:31:3d:fb:e4:0c:80:81:f2:dd:f6:
                    c6:ed:21:3b:c2:3a:72:6f:04:42:74:33:18:18:b1:
                    3b:73:1a:dc:e2:51:21:22:25:ae:82:4b:2c:ce:45:
                    d6:b3:d4:59:17:6a:a1:2b:a5:b2:ff:e7:4a:34:c2:
                    8c:fd:f7:63:57:cc:5e:8d:c7:89:c6:12:89:0d:09:
                    c6:7d:ef:09:5e:a0:99:35:9a:60:43:58:b1:40:a9:
                    9d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9D:C9:7A:38:FE:8D:C5:B4:AF:5C:41:6A:34:2E:D9:82:52:D8:88
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4C328B82124A11ED9EEB1BC7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:15:35:f5:e0:f4:01:83:50:df:3d:3e:3a:6a:85:9c:d8:88:
         dc:a9:58:af:cc:40:9d:b2:b8:f1:56:58:ef:76:ea:1d:37:42:
         c6:10:07:92:3d:2b:88:1c:ec:09:b5:52:d7:bf:6a:56:f5:a9:
         b2:b3:da:79:29:b3:8f:91:07:ce:14:57:c9:d4:34:9d:24:6f:
         f3:58:f0:bb:a3:16:39:af:f8:d9:95:08:3e:e2:19:58:74:3a:
         eb:4f:aa:9a:a3:89:5e:6e:b8:fa:b6:9f:ea:14:5b:c8:43:a6:
         27:de:1a:bb:cc:17:ff:fa:77:4e:1a:bb:dc:f4:18:a9:bd:81:
         fb:ea:30:79:3f:8a:44:4c:2a:a5:67:a8:6d:24:4a:ac:bd:78:
         30:20:0a:15:04:2c:ce:94:1f:d4:f9:f2:98:10:ce:eb:31:6f:
         2b:da:0e:6b:1d:e7:ed:04:70:15:d3:cb:1e:3b:3d:14:91:6c:
         0f:97:fc:43:05:ee:7f:35:38:3a:15:35:05:c9:f9:b3:fc:c4:
         79:9c:62:75:36:7b:9d:ca:b3:f4:8a:e2:ac:0b:dd:4e:61:64:
         0f:02:1b:fe:f2:40:9d:c3:b9:cb:5c:0f:49:74:88:40:0e:bf:
         76:d2:6b:c9:ad:de:54:6f:5d:df:5e:4e:0f:63:a2:dd:2b:2b:
         e2:49:b9:d7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCRkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjA4MDIxMDAzMDBaFw0yNDA4MDIxMDAzMDBaMBgxFjAU
BgNVBAMMDTYyZThmNjU3LTYxZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0OcuB5aPq2n04rcUPo0lOrutCYPrJiJmX/PI523nv6iF8OBlMDlQpDBCO
q+YSBToWz2RL2oneIq786Vzf2qLtLOknlZzEqryCNJi3lrB40BHNbHI//xhZMgpI
RebkacqCAASbKjkHlfX1ebqcr9OgNQxc6u4bIGdhghvPe7/F3EAoOJhiPU+DTKZr
RhasORxKFn99wlxr87AaY+YvmnW3rLFTCtvoUO8nMT375AyAgfLd9sbtITvCOnJv
BEJ0MxgYsTtzGtziUSEiJa6CSyzORdaz1FkXaqErpbL/50o0woz992NXzF6Nx4nG
EokNCcZ97wleoJk1mmBDWLFAqZ3rAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdJ3J
ejj+jcW0r1xBajQu2YJS2IgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRDMzI4QjgyMTI0QTExRUQ5RUVCMUJDN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDswDQYJKoZIhvcNAQEL
BQADggEBAL4VNfXg9AGDUN89PjpqhZzYiNypWK/MQJ2yuPFWWO926h03QsYQB5I9
K4gc7Am1Ute/alb1qbKz2nkps4+RB84UV8nUNJ0kb/NY8LujFjmv+NmVCD7iGVh0
OutPqpqjiV5uuPq2n+oUW8hDpifeGrvMF//6d04au9z0GKm9gfvqMHk/ikRMKqVn
qG0kSqy9eDAgChUELM6UH9T58pgQzusxbyvaDmsd5+0EcBXTyx47PRSRbA+X/EMF
7n81ODoVNQXJ+bP8xHmcYnU2e53Ks/SK4qwL3U5hZA8CG/7yQJ3DuctcD0l0iEAO
v3bSa8mt3lRvXd9eTg9jot0rK+JJudc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:34:09 2023 by rpki-client on console-ams.rpki-client.org