Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BBD22492551711ED9CF452F0F1222468.roa
File:                     BBD22492551711ED9CF452F0F1222468.roa (raw, json)
Hash identifier:          L4v//YBTFCU7weX29NWsvp6qPO+9fsf9do1PCWkSwGU=
Subject key identifier:   DA:03:34:BD:F3:D4:C1:48:BC:AA:36:15:C4:79:71:50:6C:EB:1C:A7
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A33
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BBD22492551711ED9CF452F0F1222468.roa
Signing time:             Wed 26 Oct 2022 10:19:54 +0000
ROA not before:           Wed 26 Oct 2022 10:19:50 +0000
ROA not after:            Sun 27 Oct 2024 10:19:50 +0000
asID:                     397384
IP address blocks:        154.16.159.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Jul 2024 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2611 (0xa33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 10:19:50 2022 GMT
            Not After : Oct 27 10:19:50 2024 GMT
        Subject: CN=635909ca-88c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6e:50:7a:cb:e3:49:0d:f1:5e:5e:10:ce:30:
                    54:25:fa:d8:5c:de:9b:06:c9:c1:b0:94:f5:b1:cb:
                    80:60:3f:10:73:71:98:18:0f:a3:77:dd:ac:7d:36:
                    70:12:9b:b4:cd:51:db:d8:4a:48:69:c0:a3:76:1b:
                    21:bc:4c:67:5e:29:66:df:76:d9:83:ce:2a:a9:7e:
                    00:f5:ee:23:b9:9b:b9:09:07:ff:a0:02:08:df:3a:
                    5b:ae:dd:c4:19:77:40:30:01:c5:78:82:db:e1:22:
                    8a:1e:06:18:71:27:30:84:71:55:78:1a:97:16:35:
                    03:77:c8:cf:45:78:54:77:08:18:96:91:49:b2:47:
                    b3:11:6c:91:b7:71:63:46:7a:3c:73:6c:28:07:e1:
                    91:42:7a:36:32:e0:3d:14:85:bc:05:87:ee:bb:69:
                    03:b4:de:a4:d4:97:9f:08:2f:81:05:da:bf:94:91:
                    d6:a6:a3:8d:31:c4:b5:66:06:f0:f7:7a:51:c8:ac:
                    43:25:ac:77:0a:7b:41:ad:cd:c1:6e:db:b7:05:20:
                    36:60:95:cf:d0:f0:88:51:b5:b1:62:c4:65:96:b7:
                    da:d0:a9:f3:52:d9:44:e8:b9:a1:dd:72:01:5f:4e:
                    94:b6:ce:0b:07:97:3e:c3:23:76:6c:c3:70:4c:a7:
                    6c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:03:34:BD:F3:D4:C1:48:BC:AA:36:15:C4:79:71:50:6C:EB:1C:A7
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BBD22492551711ED9CF452F0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:ec:59:7c:a0:17:de:3a:15:3e:91:02:24:2e:bb:13:27:59:
         17:d9:58:e7:08:79:a1:e1:bd:6f:bb:54:24:5b:fb:94:0b:a0:
         5c:0a:72:fd:e0:d4:0e:b5:59:e3:44:e3:fa:70:cb:b0:0f:6d:
         96:b9:8c:98:74:fa:ff:fe:bd:2a:9b:de:c6:86:cd:66:05:f7:
         d0:64:fc:2a:76:a5:86:c0:62:f5:3f:5f:7d:ac:28:9a:13:c1:
         e9:ce:e0:4f:6e:0b:e1:f1:15:cd:d5:ee:79:24:e3:d9:d6:78:
         c1:e6:8c:72:36:8d:80:2b:6d:c1:64:2b:df:55:cd:ee:3a:02:
         aa:0a:fa:5f:31:54:63:4a:89:4e:f3:de:37:38:d5:b1:ea:34:
         1e:ff:ad:c5:c2:5e:c3:9f:14:68:c2:26:94:48:be:40:e8:99:
         0d:96:8d:f1:52:64:02:70:9b:03:b5:45:9c:23:16:e0:66:5c:
         0c:83:53:dd:04:86:99:7d:da:52:56:69:d8:67:77:e1:23:a9:
         06:26:56:bc:bf:3b:91:9d:15:51:d7:94:88:85:cb:4f:a8:cf:
         7b:2d:f1:95:52:b5:e9:d7:11:f4:36:5b:0a:56:0a:a2:fa:58:
         71:be:07:26:41:65:e5:b6:f5:fb:1e:f7:93:91:65:0a:ac:c8:
         90:af:a6:c5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMDE5NTBaFw0yNDEwMjcxMDE5NTBaMBgxFjAU
BgNVBAMMDTYzNTkwOWNhLTg4YzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjblB6y+NJDfFeXhDOMFQl+thc3psGycGwlPWxy4BgPxBzcZgYD6N33ax9
NnASm7TNUdvYSkhpwKN2GyG8TGdeKWbfdtmDziqpfgD17iO5m7kJB/+gAgjfOluu
3cQZd0AwAcV4gtvhIooeBhhxJzCEcVV4GpcWNQN3yM9FeFR3CBiWkUmyR7MRbJG3
cWNGejxzbCgH4ZFCejYy4D0UhbwFh+67aQO03qTUl58IL4EF2r+Ukdamo40xxLVm
BvD3elHIrEMlrHcKe0GtzcFu27cFIDZglc/Q8IhRtbFixGWWt9rQqfNS2UTouaHd
cgFfTpS2zgsHlz7DI3Zsw3BMp2w1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2gM0
vfPUwUi8qjYVxHlxUGzrHKcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JCRDIyNDkyNTUxNzExRUQ5Q0Y0NTJGMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJ8wDQYJKoZIhvcNAQEL
BQADggEBAATsWXygF946FT6RAiQuuxMnWRfZWOcIeaHhvW+7VCRb+5QLoFwKcv3g
1A61WeNE4/pwy7APbZa5jJh0+v/+vSqb3saGzWYF99Bk/Cp2pYbAYvU/X32sKJoT
wenO4E9uC+HxFc3V7nkk49nWeMHmjHI2jYArbcFkK99Vze46AqoK+l8xVGNKiU7z
3jc41bHqNB7/rcXCXsOfFGjCJpRIvkDomQ2WjfFSZAJwmwO1RZwjFuBmXAyDU90E
hpl92lJWadhnd+EjqQYmVry/O5GdFVHXlIiFy0+oz3st8ZVStenXEfQ2WwpWCqL6
WHG+ByZBZeW29fse95ORZQqsyJCvpsU=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:17:41 2024 by rpki-client on console-ams.rpki-client.org