Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/56F9816A552011EDADE18D85F1222468.roa
File:                     56F9816A552011EDADE18D85F1222468.roa (raw, json)
Hash identifier:          Bm1sUqou1Z71ekfUSYHCsj8FMQPnA+OUyiKxSex0xfU=
Subject key identifier:   8E:6A:8C:05:2C:9B:73:57:EE:F7:42:E3:25:35:25:25:DD:36:45:ED
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A56
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/56F9816A552011EDADE18D85F1222468.roa
Signing time:             Wed 26 Oct 2022 11:21:31 +0000
ROA not before:           Wed 26 Oct 2022 11:21:27 +0000
ROA not after:            Sun 27 Oct 2024 11:21:27 +0000
asID:                     212238
IP address blocks:        154.16.29.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2646 (0xa56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:21:27 2022 GMT
            Not After : Oct 27 11:21:27 2024 GMT
        Subject: CN=6359183a-c146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:f1:78:df:a1:a5:c0:d5:01:95:d5:09:1a:96:
                    b9:62:50:41:e8:aa:9f:a0:86:67:9a:ce:c7:29:d5:
                    d9:5f:ff:4f:81:2c:fc:ea:b2:03:bb:c3:a9:04:f5:
                    ba:91:c3:e8:ad:c8:0d:8d:e6:d4:48:3e:1c:5e:37:
                    cd:71:3e:5d:b7:1a:fe:ec:b0:5b:0c:6d:48:de:2b:
                    1a:79:4e:bb:57:7e:6a:1a:bd:82:8d:b8:56:bc:bd:
                    e8:23:14:e5:bd:b2:73:03:a0:85:8e:b3:68:6f:9b:
                    7c:dd:5f:53:40:31:2f:18:a0:a2:63:f2:5a:ac:be:
                    18:01:41:b6:39:e9:03:84:7d:d8:b0:a9:90:14:98:
                    b3:8d:75:8d:fa:ab:92:2b:6a:39:1e:b3:8c:17:8c:
                    be:e2:0e:ba:95:b4:aa:08:15:69:d3:60:e2:f3:c5:
                    66:e7:b6:3d:0f:ab:dc:70:52:fb:42:69:be:01:7d:
                    52:b5:26:fa:58:7a:6d:d8:ec:52:f9:3a:a0:2a:ff:
                    6e:da:d0:05:c8:88:a8:3b:fa:0f:1c:5c:44:a9:87:
                    50:bb:3b:80:09:ef:e6:b3:09:d5:ac:8d:dc:6a:be:
                    a0:c4:6d:98:f8:de:4b:fa:5e:6a:ce:f9:70:8a:da:
                    14:10:eb:b5:e6:b9:2a:0f:2e:e0:6d:d4:79:63:f2:
                    a0:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:6A:8C:05:2C:9B:73:57:EE:F7:42:E3:25:35:25:25:DD:36:45:ED
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/56F9816A552011EDADE18D85F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:fb:5b:b0:d3:64:68:43:c9:b0:0e:3a:75:7f:ff:31:88:51:
         ba:11:a3:d3:dd:d4:e4:ef:37:d1:99:4b:7d:14:0f:18:dc:72:
         56:c2:fc:24:8d:85:13:6a:82:5d:31:6a:68:c2:bf:2d:b8:09:
         20:68:c2:bd:71:6f:56:ca:41:84:f1:da:65:cd:af:fb:f8:ea:
         a5:22:e6:42:fb:40:12:66:59:95:bb:06:07:9a:c5:ef:a8:ed:
         fe:44:52:0f:f6:18:2c:98:ef:86:fc:50:45:8a:08:ea:a0:48:
         a9:ef:0e:01:00:19:e2:30:24:28:8a:9b:fa:eb:f6:a5:75:13:
         8e:8b:b4:b0:8d:9c:5e:2b:75:e8:f7:55:c5:2e:04:29:b4:d7:
         09:86:a3:a3:0a:45:13:09:b0:a7:81:a3:e7:5e:c5:a9:15:b0:
         fa:ef:ee:12:b4:cf:d8:79:b2:fc:51:8d:3e:9f:0f:af:e6:62:
         1c:1d:89:68:52:f4:10:5c:2c:2f:fd:7a:5d:23:c0:bf:72:0e:
         25:b4:d4:dc:71:13:b3:87:aa:6d:c2:c3:02:35:49:1a:cc:b0:
         6f:46:6a:5b:f9:40:7e:9f:7a:33:31:a1:08:c2:3d:61:17:5e:
         04:b4:42:51:3d:67:9d:ca:48:33:88:26:7b:44:ea:67:ae:90:
         96:91:33:cd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICClYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTIxMjdaFw0yNDEwMjcxMTIxMjdaMBgxFjAU
BgNVBAMMDTYzNTkxODNhLWMxNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD68XjfoaXA1QGV1QkalrliUEHoqp+ghmeazscp1dlf/0+BLPzqsgO7w6kE
9bqRw+ityA2N5tRIPhxeN81xPl23Gv7ssFsMbUjeKxp5TrtXfmoavYKNuFa8vegj
FOW9snMDoIWOs2hvm3zdX1NAMS8YoKJj8lqsvhgBQbY56QOEfdiwqZAUmLONdY36
q5Irajkes4wXjL7iDrqVtKoIFWnTYOLzxWbntj0Pq9xwUvtCab4BfVK1JvpYem3Y
7FL5OqAq/27a0AXIiKg7+g8cXESph1C7O4AJ7+azCdWsjdxqvqDEbZj43kv6XmrO
+XCK2hQQ67XmuSoPLuBt1Hlj8qCBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUjmqM
BSybc1fu90LjJTUlJd02Re0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU2Rjk4MTZBNTUyMDExRURBREUxOEQ4NUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEB0wDQYJKoZIhvcNAQEL
BQADggEBAMT7W7DTZGhDybAOOnV//zGIUboRo9Pd1OTvN9GZS30UDxjcclbC/CSN
hRNqgl0xamjCvy24CSBowr1xb1bKQYTx2mXNr/v46qUi5kL7QBJmWZW7Bgeaxe+o
7f5EUg/2GCyY74b8UEWKCOqgSKnvDgEAGeIwJCiKm/rr9qV1E46LtLCNnF4rdej3
VcUuBCm01wmGo6MKRRMJsKeBo+dexakVsPrv7hK0z9h5svxRjT6fD6/mYhwdiWhS
9BBcLC/9el0jwL9yDiW01NxxE7OHqm3CwwI1SRrMsG9Galv5QH6fejMxoQjCPWEX
XgS0QlE9Z53KSDOIJntE6meukJaRM80=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:05 2024 by rpki-client on console-ams.rpki-client.org