Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5922876C518711EDA2C6AF9BF1222468.roa
File:                     5922876C518711EDA2C6AF9BF1222468.roa (raw, json)
Hash identifier:          J+hgSSjZKnsEfPO8zL6NhvCPROC8X5aiZK7UHA/5SiI=
Subject key identifier:   D7:6F:47:B8:E4:39:09:C7:3E:11:06:F2:23:BC:19:65:12:E6:35:D9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A1C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5922876C518711EDA2C6AF9BF1222468.roa
Signing time:             Fri 21 Oct 2022 21:28:48 +0000
ROA not before:           Sat 22 Oct 2022 21:28:44 +0000
ROA not after:            Tue 22 Oct 2024 21:28:44 +0000
asID:                     212238
IP address blocks:        154.16.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2588 (0xa1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 22 21:28:44 2022 GMT
            Not After : Oct 22 21:28:44 2024 GMT
        Subject: CN=63530f10-99a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:62:f2:04:1a:ce:05:6b:c4:f3:62:96:b9:ea:
                    bd:42:4e:94:87:bc:43:b4:e8:c6:80:b0:e1:88:6d:
                    00:eb:8e:fb:7f:81:2f:a6:11:33:da:81:33:6b:0f:
                    64:27:5c:52:31:8a:d5:1c:fa:43:f8:5f:e1:05:50:
                    d1:d4:8b:d9:81:d7:4d:71:82:ed:6b:00:ed:c6:c3:
                    9c:d4:f2:c0:19:c8:01:c3:82:4e:7c:36:87:5a:5b:
                    bd:07:d6:74:47:89:58:d0:62:5c:ac:31:a7:94:b5:
                    f2:52:c4:b5:30:a5:10:cf:ae:6c:ea:d6:dc:c1:99:
                    c4:17:30:4c:f1:33:31:5c:44:09:fa:42:bf:67:9f:
                    60:04:31:0b:3e:e2:13:4b:f0:58:ae:98:90:d7:55:
                    19:f6:93:a2:2d:9c:35:68:1a:20:4f:be:61:b6:97:
                    dc:86:e8:14:72:61:07:c4:fb:77:c1:2d:11:42:91:
                    1c:5d:ad:fc:29:77:d4:2e:10:65:5f:40:ee:bf:d1:
                    18:ae:78:31:44:85:9e:70:a6:37:d6:90:94:62:ca:
                    cc:0c:bf:1b:72:37:b9:17:a3:d5:aa:f9:f1:f9:e2:
                    21:fc:2d:c4:4f:1a:df:e0:64:20:9e:86:6b:c3:ef:
                    4b:e4:30:a4:57:6d:52:3d:7f:bc:20:96:33:de:9b:
                    44:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:6F:47:B8:E4:39:09:C7:3E:11:06:F2:23:BC:19:65:12:E6:35:D9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5922876C518711EDA2C6AF9BF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:98:14:a7:ef:6d:f5:35:35:88:f6:d2:1d:8b:57:da:af:20:
         81:78:4c:3b:32:a7:80:dc:fc:a8:af:0d:72:80:84:58:0d:16:
         95:c7:d9:ce:95:01:0f:92:20:1e:81:0c:55:a4:e9:e8:50:2a:
         a9:83:20:96:2f:44:6a:8a:f3:26:fb:46:50:bd:12:54:ec:f7:
         a8:09:1f:81:6a:fe:76:75:08:20:f7:67:d5:91:f5:9a:53:77:
         54:fa:30:da:cc:c4:03:7b:0d:64:b7:9f:a5:9b:82:43:17:a7:
         9a:db:84:55:49:7f:4a:7b:ab:a3:2a:24:ce:11:b5:a5:b6:66:
         4e:1e:90:c9:d5:42:f7:3b:85:09:8f:2c:cc:96:4e:70:37:10:
         7e:12:85:20:5d:1d:b2:c6:fd:b3:9b:05:62:16:c3:71:3c:6d:
         bc:5e:88:de:3a:81:35:4a:01:56:40:31:f4:69:94:ab:aa:81:
         3a:23:90:38:4f:43:ed:53:b0:f6:88:2a:20:15:af:32:4a:cd:
         33:3d:b7:56:de:b6:68:97:54:55:1f:e2:d0:65:04:cd:09:a2:
         eb:9b:44:f7:52:4f:28:2b:21:f1:eb:06:e8:9b:bc:25:f9:7c:
         a5:e2:41:6b:6c:c4:fe:a6:9e:a0:20:85:da:73:8e:da:54:e2:
         a4:2a:fd:54
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICChwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjIyMTI4NDRaFw0yNDEwMjIyMTI4NDRaMBgxFjAU
BgNVBAMMDTYzNTMwZjEwLTk5YTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3YvIEGs4Fa8TzYpa56r1CTpSHvEO06MaAsOGIbQDrjvt/gS+mETPagTNr
D2QnXFIxitUc+kP4X+EFUNHUi9mB101xgu1rAO3Gw5zU8sAZyAHDgk58NodaW70H
1nRHiVjQYlysMaeUtfJSxLUwpRDPrmzq1tzBmcQXMEzxMzFcRAn6Qr9nn2AEMQs+
4hNL8FiumJDXVRn2k6ItnDVoGiBPvmG2l9yG6BRyYQfE+3fBLRFCkRxdrfwpd9Qu
EGVfQO6/0RiueDFEhZ5wpjfWkJRiyswMvxtyN7kXo9Wq+fH54iH8LcRPGt/gZCCe
hmvD70vkMKRXbVI9f7wgljPem0RLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU129H
uOQ5Ccc+EQbyI7wZZRLmNdkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU5MjI4NzZDNTE4NzExRURBMkM2QUY5QkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIwwDQYJKoZIhvcNAQEL
BQADggEBAI6YFKfvbfU1NYj20h2LV9qvIIF4TDsyp4Dc/KivDXKAhFgNFpXH2c6V
AQ+SIB6BDFWk6ehQKqmDIJYvRGqK8yb7RlC9ElTs96gJH4Fq/nZ1CCD3Z9WR9ZpT
d1T6MNrMxAN7DWS3n6WbgkMXp5rbhFVJf0p7q6MqJM4RtaW2Zk4ekMnVQvc7hQmP
LMyWTnA3EH4ShSBdHbLG/bObBWIWw3E8bbxeiN46gTVKAVZAMfRplKuqgTojkDhP
Q+1TsPaIKiAVrzJKzTM9t1betmiXVFUf4tBlBM0JouubRPdSTygrIfHrBuibvCX5
fKXiQWtsxP6mnqAghdpzjtpU4qQq/VQ=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:32:54 2024 by rpki-client on console-fra.rpki-client.org