Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7DE99DD0552211EDA75F838AF1222468.roa
File:                     7DE99DD0552211EDA75F838AF1222468.roa (raw, json)
Hash identifier:          D+CKxmCGKIRvO/U10foLL9jaxBrLJt4MHYDSO+phWz0=
Subject key identifier:   F3:5D:0B:5A:79:B5:91:B9:58:DC:4E:4A:FE:25:04:1B:8F:12:1B:38
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A76
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7DE99DD0552211EDA75F838AF1222468.roa
Signing time:             Wed 26 Oct 2022 11:36:55 +0000
ROA not before:           Wed 26 Oct 2022 11:36:51 +0000
ROA not after:            Sun 27 Oct 2024 11:36:51 +0000
asID:                     36352
IP address blocks:        154.16.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2678 (0xa76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:36:51 2022 GMT
            Not After : Oct 27 11:36:51 2024 GMT
        Subject: CN=63591bd7-9cfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9e:f9:fa:4c:d9:9b:56:00:b2:02:a2:08:48:
                    e8:f7:9f:8d:04:44:ff:5e:ff:98:74:7e:0f:fd:32:
                    2b:15:a4:b4:2d:d6:5e:36:aa:d0:e3:22:79:7d:79:
                    ee:ac:b7:43:99:0e:e7:73:74:e7:74:f5:fa:68:ae:
                    5d:ea:25:41:84:c8:48:e9:fc:f3:bc:af:30:c8:d3:
                    15:11:a2:c8:22:56:3e:99:df:57:85:39:30:b1:a6:
                    3e:a8:cb:9d:8f:a5:2a:ee:96:f5:e1:29:15:27:e6:
                    a6:02:95:86:f8:b2:36:fc:c6:4a:30:c5:5b:7f:17:
                    08:b2:a0:d2:dc:bf:3e:e0:b1:21:12:be:a0:7f:91:
                    a6:91:7e:b5:be:9c:2c:6a:f8:2c:8b:02:55:26:b1:
                    d3:9e:2b:ed:47:41:11:0d:60:84:bb:ee:d2:da:95:
                    f5:aa:45:81:75:7d:e3:e4:21:12:c1:a6:28:44:48:
                    a3:4f:61:40:dc:95:8c:54:7b:6d:41:92:ed:20:c2:
                    8f:c7:05:46:82:8d:3b:0e:cc:ae:4c:e0:bc:db:ce:
                    6b:2b:c9:1d:2e:c1:bb:98:fe:be:34:c3:bc:ca:47:
                    10:ad:42:40:0f:f2:05:19:7a:85:72:a3:56:5e:6c:
                    d3:3b:84:1d:57:a6:96:e6:7e:e2:81:25:e1:52:2c:
                    e6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:5D:0B:5A:79:B5:91:B9:58:DC:4E:4A:FE:25:04:1B:8F:12:1B:38
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7DE99DD0552211EDA75F838AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:36:55:00:b4:83:7f:a0:96:3e:3e:b9:1f:3e:3f:81:ab:03:
         8e:ee:34:4a:93:c5:8a:89:46:db:80:eb:96:ea:b5:84:3f:ca:
         5e:bf:86:46:fb:fa:b7:d5:36:27:0a:9b:db:92:c7:82:ae:7c:
         7a:0d:0b:09:d3:9d:67:0b:82:38:23:44:04:74:f0:be:37:73:
         eb:fd:30:db:b6:41:38:43:b8:34:41:96:8a:0a:cf:52:e4:16:
         65:e4:3d:8b:0c:bd:49:6c:20:91:96:ec:eb:05:d5:aa:83:9a:
         8d:3f:e2:43:75:62:5a:ec:ee:ca:ab:5b:2b:b0:60:2b:50:e2:
         cb:93:72:a9:a2:e3:c8:d5:90:f7:1a:6e:e7:0d:19:fb:5c:16:
         8d:0b:f8:65:80:fb:d7:db:21:9c:3d:02:d5:51:56:fc:11:c7:
         a3:43:e7:f4:01:49:f9:93:e7:b9:68:d0:88:9c:82:0c:6b:67:
         d8:47:c1:aa:3a:50:bd:be:16:2d:c5:e6:31:14:04:a7:19:21:
         6d:06:41:1a:06:1d:38:5a:52:32:84:2f:89:b2:92:34:cc:4d:
         c6:52:87:06:b4:9c:7f:9a:37:38:cd:4c:83:e5:8b:a4:b1:dc:
         b7:97:b7:74:10:de:36:2c:e4:c6:33:4f:ff:35:29:d4:86:dd:
         78:be:24:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCnYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTM2NTFaFw0yNDEwMjcxMTM2NTFaMBgxFjAU
BgNVBAMMDTYzNTkxYmQ3LTljZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1nvn6TNmbVgCyAqIISOj3n40ERP9e/5h0fg/9MisVpLQt1l42qtDjInl9
ee6st0OZDudzdOd09fporl3qJUGEyEjp/PO8rzDI0xURosgiVj6Z31eFOTCxpj6o
y52PpSrulvXhKRUn5qYClYb4sjb8xkowxVt/FwiyoNLcvz7gsSESvqB/kaaRfrW+
nCxq+CyLAlUmsdOeK+1HQRENYIS77tLalfWqRYF1fePkIRLBpihESKNPYUDclYxU
e21Bku0gwo/HBUaCjTsOzK5M4LzbzmsryR0uwbuY/r40w7zKRxCtQkAP8gUZeoVy
o1ZebNM7hB1XppbmfuKBJeFSLOZTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU810L
Wnm1kblY3E5K/iUEG48SGzgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzdERTk5REQwNTUyMjExRURBNzVGODM4QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHcwDQYJKoZIhvcNAQEL
BQADggEBAGA2VQC0g3+glj4+uR8+P4GrA47uNEqTxYqJRtuA65bqtYQ/yl6/hkb7
+rfVNicKm9uSx4KufHoNCwnTnWcLgjgjRAR08L43c+v9MNu2QThDuDRBlooKz1Lk
FmXkPYsMvUlsIJGW7OsF1aqDmo0/4kN1Ylrs7sqrWyuwYCtQ4suTcqmi48jVkPca
bucNGftcFo0L+GWA+9fbIZw9AtVRVvwRx6ND5/QBSfmT57lo0IicggxrZ9hHwao6
UL2+Fi3F5jEUBKcZIW0GQRoGHThaUjKEL4mykjTMTcZShwa0nH+aNzjNTIPli6Sx
3LeXt3QQ3jYs5MYzT/81KdSG3Xi+JGA=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:40 2024 by rpki-client on console-ams.rpki-client.org