Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/95F222F8552211ED9507BB8AF1222468.roa
File:                     95F222F8552211ED9507BB8AF1222468.roa (raw, json)
Hash identifier:          aUyniJay3iWRSTGvTQA3dl7ThHzT4UYAr6221SHc5J8=
Subject key identifier:   5C:2B:DA:9B:A4:D7:76:F1:EB:E0:AC:D9:E4:D5:6C:96:E3:18:BE:8B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A78
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/95F222F8552211ED9507BB8AF1222468.roa
Signing time:             Wed 26 Oct 2022 11:37:35 +0000
ROA not before:           Wed 26 Oct 2022 11:37:31 +0000
ROA not after:            Sun 27 Oct 2024 11:37:31 +0000
asID:                     36352
IP address blocks:        154.16.144.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2680 (0xa78)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:37:31 2022 GMT
            Not After : Oct 27 11:37:31 2024 GMT
        Subject: CN=63591bff-9486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fd:f8:9f:7a:36:8d:29:11:99:ad:aa:4d:23:
                    45:a5:82:4e:65:d0:6a:49:40:cf:31:4f:08:13:7a:
                    b6:a2:53:3e:73:1a:5a:9e:61:59:7a:d7:2a:74:94:
                    e9:ef:53:65:58:28:e9:df:23:f5:51:b2:a6:59:77:
                    2f:3a:1c:31:6f:1d:47:bb:5e:fe:f5:95:71:36:44:
                    94:05:4d:cd:e0:b5:40:55:3c:2e:64:43:e5:bd:12:
                    28:0d:bf:97:a4:7e:cf:a8:d6:b7:d8:f8:3d:b4:ec:
                    4e:c7:a5:f6:de:2e:63:5a:cd:79:fe:be:12:b0:52:
                    2f:10:b7:9f:ae:15:47:0d:5e:69:3e:a7:fd:6d:dc:
                    9f:df:e9:40:00:15:00:8d:c4:45:99:a2:22:16:d5:
                    72:a2:c4:e1:c7:6d:7d:9a:65:dc:97:ba:e7:06:3d:
                    ff:55:66:bf:25:5a:ab:ec:44:0c:3d:87:23:bb:8b:
                    a5:98:c5:89:3b:55:9d:0b:b6:8d:72:77:13:b8:6f:
                    a9:85:29:99:f8:06:25:06:da:9f:7a:09:c3:bc:2f:
                    a9:9f:9c:76:42:c1:bf:29:19:d7:66:43:59:4e:20:
                    20:ea:d0:74:64:28:2b:46:b7:9e:32:56:fa:8c:69:
                    bf:17:f9:17:38:3b:2b:18:8b:81:6e:87:88:7f:27:
                    41:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:2B:DA:9B:A4:D7:76:F1:EB:E0:AC:D9:E4:D5:6C:96:E3:18:BE:8B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/95F222F8552211ED9507BB8AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:bc:87:a2:a1:46:af:dd:9f:2c:24:76:85:6a:4b:59:1c:8c:
         96:51:cc:39:1c:39:4b:a0:b4:a7:1a:3b:aa:04:4a:00:af:93:
         c0:d1:bf:ba:c0:4b:cd:54:84:74:fb:a7:c8:79:af:4d:86:5d:
         09:23:70:47:39:82:0a:97:51:fb:c0:84:42:c5:c5:ea:60:a0:
         d9:5f:68:36:79:0e:5b:82:9c:80:9b:e4:12:05:c4:38:bc:64:
         1b:27:50:7a:17:0a:a1:68:ad:79:c0:62:60:2e:3d:97:ca:1a:
         9a:a1:ad:23:47:ad:f8:bd:95:0a:f7:1f:e1:49:c0:7b:03:74:
         3c:e0:7c:de:46:6c:f1:43:c1:e4:52:ca:51:97:c0:be:d0:61:
         8a:f4:17:d9:ea:57:7f:03:1f:83:ea:73:73:99:7c:0f:aa:48:
         bd:ef:0c:b0:31:bf:01:f7:76:48:34:c7:e3:ce:62:17:a5:c1:
         b2:45:ad:37:c4:67:55:16:a7:de:c6:37:6b:9e:a5:ce:30:2c:
         69:70:e0:7f:b0:f2:f9:25:27:64:0c:29:e9:12:c3:6c:35:ff:
         3f:67:ee:4c:e2:1b:59:2f:74:df:c5:ac:97:2e:d1:6a:c4:31:
         52:00:93:cc:3a:3a:51:dd:78:95:fd:51:2b:32:7b:89:15:35:
         00:e4:e8:23
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCngwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTM3MzFaFw0yNDEwMjcxMTM3MzFaMBgxFjAU
BgNVBAMMDTYzNTkxYmZmLTk0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3/fifejaNKRGZrapNI0Wlgk5l0GpJQM8xTwgTeraiUz5zGlqeYVl61yp0
lOnvU2VYKOnfI/VRsqZZdy86HDFvHUe7Xv71lXE2RJQFTc3gtUBVPC5kQ+W9EigN
v5ekfs+o1rfY+D207E7HpfbeLmNazXn+vhKwUi8Qt5+uFUcNXmk+p/1t3J/f6UAA
FQCNxEWZoiIW1XKixOHHbX2aZdyXuucGPf9VZr8lWqvsRAw9hyO7i6WYxYk7VZ0L
to1ydxO4b6mFKZn4BiUG2p96CcO8L6mfnHZCwb8pGddmQ1lOICDq0HRkKCtGt54y
VvqMab8X+Rc4OysYi4Fuh4h/J0EFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXCva
m6TXdvHr4KzZ5NVsluMYvoswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk1RjIyMkY4NTUyMjExRUQ5NTA3QkI4QUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKaEJAwDQYJKoZIhvcNAQEL
BQADggEBAGy8h6KhRq/dnywkdoVqS1kcjJZRzDkcOUugtKcaO6oESgCvk8DRv7rA
S81UhHT7p8h5r02GXQkjcEc5ggqXUfvAhELFxepgoNlfaDZ5DluCnICb5BIFxDi8
ZBsnUHoXCqForXnAYmAuPZfKGpqhrSNHrfi9lQr3H+FJwHsDdDzgfN5GbPFDweRS
ylGXwL7QYYr0F9nqV38DH4Pqc3OZfA+qSL3vDLAxvwH3dkg0x+POYhelwbJFrTfE
Z1UWp97GN2uepc4wLGlw4H+w8vklJ2QMKekSw2w1/z9n7kziG1kvdN/FrJcu0WrE
MVIAk8w6OlHdeJX9USsye4kVNQDk6CM=
-----END CERTIFICATE-----
Generated at Tue Jul 16 11:33:46 2024 by rpki-client on console-ams.rpki-client.org