Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5860DEBC8AA511EDA02E14B0F1222468.roa
File:                     5860DEBC8AA511EDA02E14B0F1222468.roa (raw, json)
Hash identifier:          nUpiFxtxizN7ahfZs6pbSZV4tJ2uj5weo1pc5OVWQbA=
Subject key identifier:   88:23:12:BD:C6:4D:B2:AB:02:4D:B9:EE:F9:D1:8F:63:2E:85:9A:98
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0B2E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5860DEBC8AA511EDA02E14B0F1222468.roa
Signing time:             Mon 02 Jan 2023 13:57:08 +0000
ROA not before:           Mon 02 Jan 2023 13:57:04 +0000
ROA not after:            Thu 02 Jan 2025 13:57:04 +0000
asID:                     400040
IP address blocks:        154.16.37.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 17 Mar 2023 00:03:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2862 (0xb2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan  2 13:57:04 2023 GMT
            Not After : Jan  2 13:57:04 2025 GMT
        Subject: CN=63b2e2b3-009c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d8:e4:20:03:a4:bd:16:a5:cd:79:39:25:a2:
                    7c:48:25:8c:2d:d3:b0:0c:04:ba:b2:ee:f5:e7:82:
                    63:84:6b:de:ba:43:ea:bc:a8:05:73:0b:aa:5b:22:
                    a6:51:3c:db:8c:e9:2b:16:b7:3a:fd:cd:3e:9a:7a:
                    f4:7a:99:5a:2c:56:02:c8:b6:17:b3:58:34:d6:71:
                    69:26:33:0a:80:e5:fe:be:27:9e:a1:82:0c:fe:f6:
                    dd:4c:79:d3:89:1a:93:d3:4f:da:70:e7:9c:0e:0e:
                    d3:28:4a:dc:89:d3:45:a1:7e:62:e3:09:01:bf:0a:
                    6f:8a:d5:46:3a:e1:74:18:83:9e:e0:00:78:97:05:
                    29:83:1b:19:17:f7:58:70:d2:9b:98:fb:8c:fa:c2:
                    d2:a3:1f:d7:db:a3:4e:03:93:21:95:3c:84:cd:4b:
                    63:81:d9:af:8d:5d:aa:07:e8:c0:be:db:7e:90:0e:
                    9f:69:4f:c8:45:e4:c4:b4:a1:51:0e:df:3e:75:c8:
                    78:29:fa:ef:b8:7d:f8:97:77:c9:e7:06:72:e9:6b:
                    71:7a:1a:85:05:6c:5c:a8:6e:3e:f3:5e:41:8a:b6:
                    69:60:bc:0e:d4:72:34:ed:eb:48:0e:f2:4d:0a:db:
                    f5:4c:73:06:9c:5e:65:a8:87:23:3c:82:29:0d:30:
                    62:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                88:23:12:BD:C6:4D:B2:AB:02:4D:B9:EE:F9:D1:8F:63:2E:85:9A:98
            X509v3 Authority Key Identifier: 
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5860DEBC8AA511EDA02E14B0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:59:e2:79:40:ce:28:17:5c:72:ce:c0:17:ff:1c:0f:cc:91:
         76:8b:cc:06:28:9e:61:a8:42:13:5a:96:cb:01:c4:23:0b:3b:
         8c:1b:09:3d:c7:7e:5e:50:a6:0c:f6:3b:72:de:aa:23:a6:91:
         ff:a4:b9:12:c0:49:d3:16:7f:46:f7:12:c2:70:49:48:00:3a:
         e6:5b:49:c2:e5:a6:1e:59:4a:f5:51:01:2b:c3:64:c7:1e:97:
         71:14:aa:b6:ff:b5:38:34:4e:87:2e:e8:24:62:46:d5:12:06:
         1c:67:01:36:b0:40:4c:e5:c0:23:c8:06:55:5f:e2:3a:81:18:
         26:ea:b2:1e:0a:e7:cb:28:c5:70:33:03:01:ed:db:64:67:32:
         1d:66:a8:83:51:3a:58:4b:bc:81:1c:b1:76:7c:2a:02:21:d6:
         cb:e1:99:bd:d5:e9:f6:ba:ea:af:7b:01:0e:f9:94:89:f6:6f:
         10:e4:43:35:7f:bd:55:ed:59:5b:e6:a6:b3:a0:92:9a:a7:ba:
         73:37:19:c0:1a:85:98:33:22:c0:8e:4f:98:59:e7:13:95:fe:
         c0:d6:60:cd:34:ac:f5:12:c8:fe:53:ff:a1:f1:3f:6f:15:be:
         f3:7d:61:c8:e4:b6:17:3d:7c:d2:53:65:38:44:b7:15:7e:f2:
         56:23:7b:f1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCy4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAxMDIxMzU3MDRaFw0yNTAxMDIxMzU3MDRaMBgxFjAU
BgNVBAMMDTYzYjJlMmIzLTAwOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCz2OQgA6S9FqXNeTklonxIJYwt07AMBLqy7vXngmOEa966Q+q8qAVzC6pb
IqZRPNuM6SsWtzr9zT6aevR6mVosVgLIthezWDTWcWkmMwqA5f6+J56hggz+9t1M
edOJGpPTT9pw55wODtMoStyJ00WhfmLjCQG/Cm+K1UY64XQYg57gAHiXBSmDGxkX
91hw0puY+4z6wtKjH9fbo04DkyGVPITNS2OB2a+NXaoH6MC+236QDp9pT8hF5MS0
oVEO3z51yHgp+u+4ffiXd8nnBnLpa3F6GoUFbFyobj7zXkGKtmlgvA7UcjTt60gO
8k0K2/VMcwacXmWohyM8gikNMGJlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiCMS
vcZNsqsCTbnu+dGPYy6FmpgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU4NjBERUJDOEFBNTExRURBMDJFMTRCMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECUwDQYJKoZIhvcNAQEL
BQADggEBAGdZ4nlAzigXXHLOwBf/HA/MkXaLzAYonmGoQhNalssBxCMLO4wbCT3H
fl5Qpgz2O3LeqiOmkf+kuRLASdMWf0b3EsJwSUgAOuZbScLlph5ZSvVRASvDZMce
l3EUqrb/tTg0Tocu6CRiRtUSBhxnATawQEzlwCPIBlVf4jqBGCbqsh4K58soxXAz
AwHt22RnMh1mqINROlhLvIEcsXZ8KgIh1svhmb3V6fa66q97AQ75lIn2bxDkQzV/
vVXtWVvmprOgkpqnunM3GcAahZgzIsCOT5hZ5xOV/sDWYM00rPUSyP5T/6HxP28V
vvN9Ycjkthc9fNJTZThEtxV+8lYje/E=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:52:59 2023 by rpki-client on console-fra.rpki-client.org