Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AD8D78CE8AA411ED8B5532AEF1222468.roa
File:                     AD8D78CE8AA411ED8B5532AEF1222468.roa (raw, json)
Hash identifier:          RxYnLg67aL2xM3KutkasCxWa6v7ghbTuYiw1i+j9Iic=
Subject key identifier:   6D:8D:62:DF:7F:DD:DD:97:C4:09:49:F0:BC:FA:2F:B5:F1:99:EC:B4
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0B29
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AD8D78CE8AA411ED8B5532AEF1222468.roa
Signing time:             Mon 02 Jan 2023 13:52:21 +0000
ROA not before:           Mon 02 Jan 2023 13:52:15 +0000
ROA not after:            Thu 02 Jan 2025 13:52:15 +0000
asID:                     20454
IP address blocks:        154.16.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2857 (0xb29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jan  2 13:52:15 2023 GMT
            Not After : Jan  2 13:52:15 2025 GMT
        Subject: CN=63b2e195-b42b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0f:3d:46:90:dd:76:6a:1d:72:f9:c6:f8:5e:
                    44:04:bb:f7:7f:07:37:b4:01:0f:ef:0c:b4:c8:bd:
                    de:d7:54:a4:d6:a8:0f:70:6e:65:6c:19:8b:17:56:
                    61:59:b0:dd:51:59:34:25:f3:71:31:3f:81:85:23:
                    a1:11:0c:1e:ed:43:44:0c:85:ab:26:39:fd:5d:f7:
                    15:29:58:db:21:5e:b6:f4:e2:6e:0e:a2:b8:02:98:
                    24:df:08:1d:ea:4c:05:c7:0a:6c:e8:56:98:ed:55:
                    bc:0c:80:cc:5d:1c:c2:d5:30:69:59:d1:c5:5f:e7:
                    6d:b8:bc:80:33:0f:7b:54:cb:a6:2e:e9:3b:b2:52:
                    a7:db:8d:65:7f:00:e8:25:95:95:88:ef:65:1b:13:
                    15:13:c0:b8:88:9d:ce:f5:40:b5:d4:f7:c9:2f:20:
                    28:50:2f:95:94:d8:55:f9:21:c8:04:4d:81:4c:a1:
                    3b:69:ab:2b:5f:83:c2:b9:6c:1b:43:f8:c2:bc:16:
                    58:42:f8:52:4e:c8:ab:a5:5f:49:19:76:43:51:5d:
                    f9:e8:ce:36:88:11:a1:cc:e0:ba:47:8a:01:b7:68:
                    db:43:4a:f5:70:6d:76:0f:34:c2:dc:28:7d:0d:89:
                    99:0f:39:d7:16:b1:5e:3c:73:23:b2:db:23:eb:a8:
                    87:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:8D:62:DF:7F:DD:DD:97:C4:09:49:F0:BC:FA:2F:B5:F1:99:EC:B4
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AD8D78CE8AA411ED8B5532AEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:e5:c2:5c:28:d4:33:5b:fd:3a:af:76:1e:d1:0d:b0:1e:aa:
         de:29:46:ca:cf:99:26:07:d0:f1:0c:57:4d:bf:2d:d1:e8:fc:
         07:06:6c:c6:33:1e:44:c4:a0:3f:f5:3b:af:f0:4b:2b:e2:8d:
         75:48:69:33:53:60:94:d5:57:76:e8:11:f5:54:d3:b3:4c:04:
         7f:0a:c5:80:ae:8b:ba:d4:38:79:2a:24:38:44:b8:cb:76:06:
         e4:34:3b:7b:06:74:e8:6c:44:2c:e6:65:38:e1:70:ea:c7:30:
         97:3e:ee:84:6d:a9:cc:a7:07:99:9e:3b:5e:b0:5e:46:e8:df:
         3d:b2:55:4d:20:0a:e3:1d:62:bb:0a:3e:08:41:df:9e:45:ce:
         4b:ec:45:14:42:37:98:8d:50:ae:df:2b:7b:bf:c3:be:dd:4c:
         eb:81:87:c5:fd:10:31:07:42:17:7f:ab:7b:21:8a:cc:84:f2:
         d6:44:d0:62:77:15:86:6b:45:8d:01:c4:15:50:47:d1:01:02:
         ca:f9:37:a3:50:58:1a:85:b6:69:2c:14:63:28:5a:36:d8:98:
         4c:b3:9a:bd:33:62:f7:dc:9c:ad:d0:a9:b1:b8:2b:65:4b:3b:
         89:cf:c4:cc:ad:e6:9c:7f:2b:11:0b:12:c9:21:22:c2:48:bf:
         6e:77:09:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCykwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAxMDIxMzUyMTVaFw0yNTAxMDIxMzUyMTVaMBgxFjAU
BgNVBAMMDTYzYjJlMTk1LWI0MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7Dz1GkN12ah1y+cb4XkQEu/d/Bze0AQ/vDLTIvd7XVKTWqA9wbmVsGYsX
VmFZsN1RWTQl83ExP4GFI6ERDB7tQ0QMhasmOf1d9xUpWNshXrb04m4OorgCmCTf
CB3qTAXHCmzoVpjtVbwMgMxdHMLVMGlZ0cVf5224vIAzD3tUy6Yu6TuyUqfbjWV/
AOgllZWI72UbExUTwLiInc71QLXU98kvIChQL5WU2FX5IcgETYFMoTtpqytfg8K5
bBtD+MK8FlhC+FJOyKulX0kZdkNRXfnozjaIEaHM4LpHigG3aNtDSvVwbXYPNMLc
KH0NiZkPOdcWsV48cyOy2yPrqIcjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUbY1i
33/d3ZfECUnwvPovtfGZ7LQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0FEOEQ3OENFOEFBNDExRUQ4QjU1MzJBRUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPQwDQYJKoZIhvcNAQEL
BQADggEBAKflwlwo1DNb/Tqvdh7RDbAeqt4pRsrPmSYH0PEMV02/LdHo/AcGbMYz
HkTEoD/1O6/wSyvijXVIaTNTYJTVV3boEfVU07NMBH8KxYCui7rUOHkqJDhEuMt2
BuQ0O3sGdOhsRCzmZTjhcOrHMJc+7oRtqcynB5meO16wXkbo3z2yVU0gCuMdYrsK
PghB355FzkvsRRRCN5iNUK7fK3u/w77dTOuBh8X9EDEHQhd/q3shisyE8tZE0GJ3
FYZrRY0BxBVQR9EBAsr5N6NQWBqFtmksFGMoWjbYmEyzmr0zYvfcnK3QqbG4K2VL
O4nPxMyt5px/KxELEskhIsJIv253CQc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:32:50 2023 by rpki-client on console-fra.rpki-client.org