Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7E573F00493011ED84AB28F8F1222468.roa
File:                     7E573F00493011ED84AB28F8F1222468.roa (raw, json)
Hash identifier:          bQpkTOXbVxJuX9Smg4jLUdt6nen+EYKD7f7k2Ukv2ss=
Subject key identifier:   C6:78:4B:4C:E0:C2:89:C7:9D:23:FF:D5:7C:AF:89:F6:CE:78:A2:DD
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       09F7
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7E573F00493011ED84AB28F8F1222468.roa
Signing time:             Tue 11 Oct 2022 06:46:55 +0000
ROA not before:           Tue 11 Oct 2022 06:46:51 +0000
ROA not after:            Fri 11 Oct 2024 06:46:51 +0000
asID:                     6461
IP address blocks:        154.16.173.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2551 (0x9f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 11 06:46:51 2022 GMT
            Not After : Oct 11 06:46:51 2024 GMT
        Subject: CN=6345115e-d19c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:12:16:8b:d7:57:44:b9:6c:d0:48:3f:c6:73:
                    ba:74:59:23:83:a0:23:8d:e3:9d:9d:fe:45:52:25:
                    36:e9:e2:72:f8:21:0e:0c:7e:6d:28:f1:84:06:97:
                    2e:a4:fa:5d:86:fa:52:65:a0:23:b7:35:ce:fb:03:
                    b6:cd:2f:d0:f8:33:eb:ed:0d:b4:12:d3:95:16:04:
                    fd:3d:16:d0:f4:3a:4a:90:ec:bd:18:07:d0:42:f1:
                    b9:6b:02:06:66:f8:00:e2:b1:86:05:31:8e:1d:f8:
                    26:5f:81:d0:03:1f:d5:01:5e:34:00:43:27:3c:12:
                    83:9e:ff:84:6c:ea:96:27:04:09:a2:8a:23:d2:0b:
                    11:59:78:9e:25:0d:24:25:a8:7a:27:6a:af:c6:4c:
                    64:d5:ce:ba:9b:72:10:82:56:80:55:ac:02:a5:76:
                    b5:c9:14:dd:2f:a1:a4:bc:e1:d1:c4:03:da:05:12:
                    68:c8:4b:7d:79:ae:45:bf:98:c9:7a:14:d3:2b:84:
                    63:64:43:15:49:61:b2:0b:08:c5:db:16:3e:ea:35:
                    e0:5a:4a:c8:db:bf:ad:1c:ba:a7:ad:ad:de:ef:2e:
                    6a:90:db:d7:d9:48:64:fd:96:e5:15:63:8b:33:a6:
                    74:44:b7:ab:67:7f:b2:f5:bb:8d:08:3c:d4:58:90:
                    6b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:78:4B:4C:E0:C2:89:C7:9D:23:FF:D5:7C:AF:89:F6:CE:78:A2:DD
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7E573F00493011ED84AB28F8F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:96:99:58:6d:7b:60:14:fa:b6:b9:85:a9:63:51:ec:67:4a:
         b4:3e:0e:43:ca:b0:44:ac:69:7e:39:83:4b:aa:62:dc:bb:3f:
         10:b8:cd:db:14:d7:e9:8f:18:33:ba:cd:99:b4:dc:bd:20:00:
         0a:8d:51:46:db:59:db:fc:52:9c:65:57:3b:50:4a:cf:5a:1f:
         90:9d:0f:72:cf:aa:25:1a:63:a9:0e:99:08:77:75:21:68:43:
         ab:a7:01:62:b7:1a:7b:82:29:91:d6:5a:b8:57:e9:1a:ca:68:
         1b:49:fc:51:f0:ab:19:19:48:f9:31:28:f4:15:64:fb:bc:af:
         8b:31:88:88:5e:dd:af:5c:50:61:f3:f4:01:b6:be:ed:dd:c7:
         a6:63:ba:ad:1b:c5:3b:df:69:79:e1:3e:b9:d2:15:7e:48:48:
         e0:72:81:b0:f3:2e:76:bf:fb:32:ba:1c:56:c8:61:87:c9:dd:
         99:1a:f7:84:58:db:fc:1a:3c:eb:86:ce:38:e7:7e:48:0f:e8:
         e0:14:c7:c1:d3:6b:db:03:91:25:fb:82:56:88:31:2e:b7:8a:
         cf:a9:2c:9b:2a:05:ff:23:08:4a:49:7e:3f:bc:65:43:78:1e:
         96:b8:72:74:5d:34:30:8c:f1:5e:53:6a:c8:42:8d:d7:7a:cc:
         0e:d5:6e:d4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCfcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMTEwNjQ2NTFaFw0yNDEwMTEwNjQ2NTFaMBgxFjAU
BgNVBAMMDTYzNDUxMTVlLWQxOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMEhaL11dEuWzQSD/Gc7p0WSODoCON452d/kVSJTbp4nL4IQ4Mfm0o8YQG
ly6k+l2G+lJloCO3Nc77A7bNL9D4M+vtDbQS05UWBP09FtD0OkqQ7L0YB9BC8blr
AgZm+ADisYYFMY4d+CZfgdADH9UBXjQAQyc8EoOe/4Rs6pYnBAmiiiPSCxFZeJ4l
DSQlqHonaq/GTGTVzrqbchCCVoBVrAKldrXJFN0voaS84dHEA9oFEmjIS315rkW/
mMl6FNMrhGNkQxVJYbILCMXbFj7qNeBaSsjbv60cuqetrd7vLmqQ29fZSGT9luUV
Y4szpnREt6tnf7L1u40IPNRYkGspAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxnhL
TODCicedI//VfK+J9s54ot0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzdFNTczRjAwNDkzMDExRUQ4NEFCMjhGOEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEK0wDQYJKoZIhvcNAQEL
BQADggEBAI6WmVhte2AU+ra5haljUexnSrQ+DkPKsESsaX45g0uqYty7PxC4zdsU
1+mPGDO6zZm03L0gAAqNUUbbWdv8UpxlVztQSs9aH5CdD3LPqiUaY6kOmQh3dSFo
Q6unAWK3GnuCKZHWWrhX6RrKaBtJ/FHwqxkZSPkxKPQVZPu8r4sxiIhe3a9cUGHz
9AG2vu3dx6Zjuq0bxTvfaXnhPrnSFX5ISOBygbDzLna/+zK6HFbIYYfJ3Zka94RY
2/waPOuGzjjnfkgP6OAUx8HTa9sDkSX7glaIMS63is+pLJsqBf8jCEpJfj+8ZUN4
Hpa4cnRdNDCM8V5TashCjdd6zA7VbtQ=
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:33:45 2024 by rpki-client on console-ams.rpki-client.org