Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/672EC43C552011ED9F33A885F1222468.roa
File:                     672EC43C552011ED9F33A885F1222468.roa (raw, json)
Hash identifier:          0UnIh629JAO41XS18ogOr06rgdpMF0MFjT3vA9iHqWY=
Subject key identifier:   0F:DB:97:3C:24:8A:54:4F:81:43:4B:66:F1:BF:EB:37:1E:9D:98:BA
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A58
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/672EC43C552011ED9F33A885F1222468.roa
Signing time:             Wed 26 Oct 2022 11:21:58 +0000
ROA not before:           Wed 26 Oct 2022 11:21:54 +0000
ROA not after:            Sun 27 Oct 2024 11:21:54 +0000
asID:                     212238
IP address blocks:        154.16.97.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2648 (0xa58)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:21:54 2022 GMT
            Not After : Oct 27 11:21:54 2024 GMT
        Subject: CN=63591856-200d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4a:cc:60:fc:8b:93:a8:84:93:7b:5c:a3:1c:
                    36:24:3b:42:69:1a:dc:2d:4c:14:05:cb:93:da:00:
                    b1:a9:63:ac:a3:a6:c2:a4:f6:98:3e:b7:0c:f9:82:
                    9e:a6:a3:99:0e:d2:2a:71:48:6a:af:bd:5c:83:2e:
                    b1:48:7f:24:64:37:c7:c0:12:41:b7:28:e0:8d:95:
                    72:b6:5c:b7:42:0c:fa:70:8b:80:d4:67:3f:20:19:
                    48:5c:6a:c0:1b:8e:5a:b6:c3:d7:4f:d8:86:1a:a3:
                    01:4f:ad:98:c9:b0:48:88:67:a1:55:ad:68:ab:04:
                    61:32:9f:b5:17:3f:ef:e2:8b:0a:07:7f:5b:be:a2:
                    7d:48:54:8a:a3:32:7a:62:b6:0a:b2:7e:ca:e9:37:
                    3c:ab:ee:a7:44:fc:91:48:5c:56:9b:a7:89:a5:ac:
                    1d:b6:14:4f:27:d9:7b:f9:bf:d9:d4:43:7b:43:f8:
                    8a:8f:fc:49:10:fd:97:69:27:1b:f4:8a:e5:5c:23:
                    77:52:bb:16:3e:67:18:8b:cd:77:d3:36:e7:3b:5d:
                    89:4a:4a:c3:01:25:c3:4d:16:72:a3:3b:4e:1d:70:
                    14:9a:a0:b4:69:d3:9a:3e:9b:74:60:94:a2:31:7c:
                    71:0c:c0:d4:6e:b7:e3:fd:b2:79:01:fd:b9:64:33:
                    e5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:DB:97:3C:24:8A:54:4F:81:43:4B:66:F1:BF:EB:37:1E:9D:98:BA
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/672EC43C552011ED9F33A885F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:20:fb:58:9c:56:cf:ea:49:9a:e0:ef:11:ae:d2:9c:eb:3d:
         e7:37:64:54:9a:85:8f:d0:29:4c:31:72:61:4b:c7:3a:b5:24:
         41:e5:c4:12:a0:4a:61:b0:71:f8:b6:35:a7:37:1c:26:9d:31:
         48:d2:ec:81:ae:bf:57:44:61:b9:5e:d9:a0:5f:69:8b:f3:eb:
         9e:9c:78:b1:aa:ad:e9:f8:33:9c:35:fb:2a:43:60:71:09:58:
         82:ad:fb:ee:7d:3a:85:67:3f:15:c5:f0:e3:a4:7e:64:f7:97:
         8e:87:ca:27:3b:ef:ac:cd:ff:31:ed:e0:be:21:eb:d9:49:be:
         af:40:bb:68:76:8e:b0:fd:7a:8f:c3:13:83:b7:b9:1a:5d:2e:
         98:40:ca:02:39:d4:6a:61:f1:c6:70:fd:e3:30:b1:3b:b6:35:
         44:82:35:25:73:64:a1:9a:cc:1d:99:cb:a3:11:ee:01:b7:d0:
         52:52:f0:82:37:a6:18:08:02:fe:b8:3d:45:78:50:ab:9c:b5:
         d4:05:bd:ed:61:c7:33:7d:34:ae:c8:64:c4:5c:c3:6d:0c:2b:
         58:50:9f:6e:c0:2a:cc:08:a0:ae:b9:b1:42:d5:0a:3e:a2:b0:
         ae:79:c6:91:72:27:0b:44:20:a2:5f:15:b1:8c:3f:19:a6:b5:
         cf:9a:85:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICClgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTIxNTRaFw0yNDEwMjcxMTIxNTRaMBgxFjAU
BgNVBAMMDTYzNTkxODU2LTIwMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpSsxg/IuTqISTe1yjHDYkO0JpGtwtTBQFy5PaALGpY6yjpsKk9pg+twz5
gp6mo5kO0ipxSGqvvVyDLrFIfyRkN8fAEkG3KOCNlXK2XLdCDPpwi4DUZz8gGUhc
asAbjlq2w9dP2IYaowFPrZjJsEiIZ6FVrWirBGEyn7UXP+/iiwoHf1u+on1IVIqj
MnpitgqyfsrpNzyr7qdE/JFIXFabp4mlrB22FE8n2Xv5v9nUQ3tD+IqP/EkQ/Zdp
Jxv0iuVcI3dSuxY+ZxiLzXfTNuc7XYlKSsMBJcNNFnKjO04dcBSaoLRp05o+m3Rg
lKIxfHEMwNRut+P9snkB/blkM+XPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUD9uX
PCSKVE+BQ0tm8b/rNx6dmLowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY3MkVDNDNDNTUyMDExRUQ5RjMzQTg4NUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGEwDQYJKoZIhvcNAQEL
BQADggEBAA0g+1icVs/qSZrg7xGu0pzrPec3ZFSahY/QKUwxcmFLxzq1JEHlxBKg
SmGwcfi2Nac3HCadMUjS7IGuv1dEYble2aBfaYvz656ceLGqren4M5w1+ypDYHEJ
WIKt++59OoVnPxXF8OOkfmT3l46Hyic776zN/zHt4L4h69lJvq9Au2h2jrD9eo/D
E4O3uRpdLphAygI51Gph8cZw/eMwsTu2NUSCNSVzZKGazB2Zy6MR7gG30FJS8II3
phgIAv64PUV4UKuctdQFve1hxzN9NK7IZMRcw20MK1hQn27AKswIoK65sULVCj6i
sK55xpFyJwtEIKJfFbGMPxmmtc+ahZs=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:40 2024 by rpki-client on console-ams.rpki-client.org