Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/58D32390552211EDA1D13C8AF1222468.roa
File:                     58D32390552211EDA1D13C8AF1222468.roa (raw, json)
Hash identifier:          ksaECUPRlAo/1qh7E8JrEPtr7up6tgtTSVAsfd2E1PI=
Subject key identifier:   49:C0:70:60:FE:FE:76:1C:CB:7A:FB:9A:65:B2:80:C6:D6:22:2F:69
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A74
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/58D32390552211EDA1D13C8AF1222468.roa
Signing time:             Wed 26 Oct 2022 11:35:53 +0000
ROA not before:           Wed 26 Oct 2022 11:35:49 +0000
ROA not after:            Sun 27 Oct 2024 11:35:49 +0000
asID:                     36352
IP address blocks:        154.16.118.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2676 (0xa74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:35:49 2022 GMT
            Not After : Oct 27 11:35:49 2024 GMT
        Subject: CN=63591b98-266d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:f1:68:d5:20:a2:65:f8:6a:4c:a2:fa:45:e2:
                    38:8e:a5:a3:65:87:5d:79:d9:07:4e:5d:4e:71:32:
                    9d:60:41:34:01:24:7b:4f:69:0c:8d:02:56:11:93:
                    fb:d9:c4:90:16:d9:4a:82:90:6a:b1:c2:85:ad:4c:
                    5b:27:6b:1b:cc:6a:af:cc:bb:19:da:cb:6b:1d:64:
                    a4:32:79:95:43:47:c6:a7:25:4f:a9:ed:06:92:f0:
                    ba:88:06:19:31:c5:8d:0a:34:61:97:cd:34:fa:aa:
                    a7:83:60:10:78:da:55:2e:58:67:fd:1d:57:27:ef:
                    15:43:37:4b:03:c0:fc:ab:0a:14:5d:94:ec:02:ce:
                    07:e6:24:0c:a1:82:69:b4:c8:ae:bf:76:94:93:79:
                    ac:a8:d8:1d:05:46:d8:cc:c0:66:ef:be:d2:24:94:
                    14:5b:17:6e:a3:2c:0a:f6:02:48:93:fa:a0:94:39:
                    2c:94:5d:6c:d4:56:74:8a:01:5c:2d:4e:8a:54:5a:
                    60:b1:c2:80:7f:18:a2:6d:f3:60:5e:26:ce:bd:d0:
                    09:ca:51:ed:ac:89:e8:6c:4e:bc:4a:a5:1b:0c:8a:
                    ac:7e:18:95:d6:42:ed:ca:c6:45:bf:6f:42:71:0c:
                    f4:cf:c9:36:36:9c:63:89:7f:0f:ff:21:aa:45:84:
                    35:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C0:70:60:FE:FE:76:1C:CB:7A:FB:9A:65:B2:80:C6:D6:22:2F:69
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/58D32390552211EDA1D13C8AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:14:80:3d:51:3c:b4:df:e4:c6:71:ad:08:bb:25:28:c7:43:
         20:04:76:73:17:a5:3b:7e:70:d7:70:8b:ba:dd:c1:ba:64:65:
         8c:c1:ce:6a:6f:7c:ae:c3:fd:a3:59:b4:0e:55:e9:d1:42:66:
         09:ce:fe:0d:b7:a7:3a:7e:ad:20:2a:27:00:46:be:7a:b4:7f:
         ca:1c:6b:09:87:87:fc:41:8c:44:a4:d4:20:6f:43:f3:f3:27:
         c2:60:7f:ee:3f:08:63:24:24:1b:d1:ae:75:e6:54:05:ef:ed:
         8e:c7:26:37:91:e3:48:35:5e:a1:52:ef:eb:d1:6f:cb:74:c8:
         f4:25:e0:5e:ee:4a:7c:90:ba:88:56:4a:51:6b:b5:e9:ac:b9:
         ff:5a:9f:40:4b:da:38:81:f5:a5:6d:e0:3f:ef:96:6c:0e:95:
         69:64:b0:1c:8d:83:a1:46:cf:4a:6b:7c:c8:d1:4d:ce:16:6b:
         04:5e:c1:de:ac:46:6c:a3:c5:23:ad:14:37:d4:ef:ad:07:9e:
         a2:8d:50:ab:41:eb:e1:06:00:58:36:f1:ed:cc:bb:07:41:5d:
         30:22:0b:8a:6e:68:71:f8:85:4f:1b:9f:cf:ce:28:b0:e4:8b:
         cf:ee:cc:71:3b:28:e2:aa:11:9c:64:2f:02:73:64:3a:6f:91:
         1b:4f:c2:75
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCnQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTM1NDlaFw0yNDEwMjcxMTM1NDlaMBgxFjAU
BgNVBAMMDTYzNTkxYjk4LTI2NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDy8WjVIKJl+GpMovpF4jiOpaNlh1152QdOXU5xMp1gQTQBJHtPaQyNAlYR
k/vZxJAW2UqCkGqxwoWtTFsnaxvMaq/Muxnay2sdZKQyeZVDR8anJU+p7QaS8LqI
BhkxxY0KNGGXzTT6qqeDYBB42lUuWGf9HVcn7xVDN0sDwPyrChRdlOwCzgfmJAyh
gmm0yK6/dpSTeayo2B0FRtjMwGbvvtIklBRbF26jLAr2AkiT+qCUOSyUXWzUVnSK
AVwtTopUWmCxwoB/GKJt82BeJs690AnKUe2siehsTrxKpRsMiqx+GJXWQu3KxkW/
b0JxDPTPyTY2nGOJfw//IapFhDUhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUScBw
YP7+dhzLevuaZbKAxtYiL2kwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU4RDMyMzkwNTUyMjExRURBMUQxM0M4QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHYwDQYJKoZIhvcNAQEL
BQADggEBAJoUgD1RPLTf5MZxrQi7JSjHQyAEdnMXpTt+cNdwi7rdwbpkZYzBzmpv
fK7D/aNZtA5V6dFCZgnO/g23pzp+rSAqJwBGvnq0f8ocawmHh/xBjESk1CBvQ/Pz
J8Jgf+4/CGMkJBvRrnXmVAXv7Y7HJjeR40g1XqFS7+vRb8t0yPQl4F7uSnyQuohW
SlFrtemsuf9an0BL2jiB9aVt4D/vlmwOlWlksByNg6FGz0prfMjRTc4WawRewd6s
RmyjxSOtFDfU760HnqKNUKtB6+EGAFg28e3MuwdBXTAiC4puaHH4hU8bn8/OKLDk
i8/uzHE7KOKqEZxkLwJzZDpvkRtPwnU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:52:03 2024 by rpki-client on console-fra.rpki-client.org