Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3586744493111EDB712157DF1222468.roa
File:                     D3586744493111EDB712157DF1222468.roa (raw, json)
Hash identifier:          1mnSmU3HJJGp5smT7wfq9z0qZbA69gsrYoVQ4SKtma0=
Subject key identifier:   74:E0:B0:95:E1:4B:14:E6:CD:59:B4:5A:AD:A3:BC:24:4F:CD:04:B5
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       09FB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3586744493111EDB712157DF1222468.roa
Signing time:             Tue 11 Oct 2022 06:56:27 +0000
ROA not before:           Tue 11 Oct 2022 06:56:23 +0000
ROA not after:            Fri 11 Oct 2024 06:56:23 +0000
asID:                     174
IP address blocks:        154.16.49.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2555 (0x9fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 11 06:56:23 2022 GMT
            Not After : Oct 11 06:56:23 2024 GMT
        Subject: CN=6345139a-d8c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:09:96:29:0a:18:33:bf:80:1f:98:bc:62:b9:
                    ff:5a:b2:c8:ba:6f:26:4a:07:91:11:d3:3c:3a:17:
                    43:7f:0f:b6:07:ed:a2:7d:0a:fe:56:1d:89:45:92:
                    e1:bb:f5:5b:2b:97:31:bf:54:41:af:b5:58:76:c1:
                    b7:fd:8f:e5:5e:9f:3d:d9:ae:0a:41:8c:17:ca:40:
                    f1:82:29:43:62:0c:ca:fb:13:c3:fd:32:67:a7:a4:
                    4a:28:30:03:16:b3:78:01:8a:9c:14:aa:e9:44:3c:
                    ed:fb:a1:f5:eb:12:71:ac:d8:a2:88:90:9e:1b:d5:
                    db:cd:6b:21:79:72:68:18:e3:74:02:19:13:a0:f4:
                    49:8f:01:b0:e5:ee:91:86:75:61:e3:48:17:20:a5:
                    02:8d:dd:6e:f9:17:fd:bc:0c:41:6f:b3:ac:2e:6f:
                    ee:2d:e2:b4:ef:fa:b2:ad:9b:be:b6:42:bc:95:f8:
                    2a:bf:c7:66:e3:a1:dc:4b:b8:66:0b:42:6c:5d:54:
                    72:c5:da:15:75:4b:e5:a3:47:a7:5b:27:9a:42:90:
                    1e:42:f3:44:58:f1:de:0f:d3:19:db:61:2d:3f:87:
                    73:ee:b7:24:d7:bc:b7:2f:fd:00:41:3f:18:6e:33:
                    21:24:c0:78:83:2a:3f:a0:2c:6c:41:8a:e7:2a:8b:
                    af:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:E0:B0:95:E1:4B:14:E6:CD:59:B4:5A:AD:A3:BC:24:4F:CD:04:B5
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3586744493111EDB712157DF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:48:69:d6:7b:ab:fe:1c:64:86:cc:bf:74:09:2b:ed:f9:18:
         99:22:da:11:1a:9c:c4:44:cc:74:8c:8f:b5:1c:53:0c:69:51:
         39:26:f1:ff:73:59:e1:09:30:7e:c9:00:4a:f1:a5:83:8e:47:
         91:12:75:ad:95:18:fe:a8:6a:a9:12:59:26:7c:3f:03:ca:58:
         89:b2:e0:11:cb:c6:6f:7f:e6:b3:7a:18:a1:41:5d:f3:ea:41:
         29:7c:0d:bd:e1:c3:be:53:e3:78:05:c8:ac:43:f4:6d:91:f8:
         c3:3a:83:27:96:92:f7:c5:c8:71:a6:b4:f3:35:97:c3:54:4d:
         31:e3:e7:dc:b0:ec:e6:49:b3:9c:0b:81:26:d2:28:5c:3b:0d:
         5f:bc:3a:b9:91:19:3c:95:28:0d:4a:cc:e0:a9:28:d3:15:26:
         aa:62:03:73:65:30:46:f6:cb:fc:93:0b:f7:27:8e:43:26:50:
         de:df:6e:12:e1:3d:60:eb:57:4b:26:09:08:4a:c1:87:24:83:
         bd:2b:61:cc:d6:93:cd:4a:91:e2:bc:56:73:6c:79:b2:a7:ed:
         7b:2d:bd:23:6f:e8:ae:4a:26:80:75:16:76:70:fe:3c:38:a0:
         43:d7:e1:cb:4b:16:f7:03:84:11:f5:bc:3e:4c:e7:b2:d5:f5:
         c4:26:ae:9c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCfswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMTEwNjU2MjNaFw0yNDEwMTEwNjU2MjNaMBgxFjAU
BgNVBAMMDTYzNDUxMzlhLWQ4YzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrCZYpChgzv4AfmLxiuf9assi6byZKB5ER0zw6F0N/D7YH7aJ9Cv5WHYlF
kuG79VsrlzG/VEGvtVh2wbf9j+Venz3ZrgpBjBfKQPGCKUNiDMr7E8P9MmenpEoo
MAMWs3gBipwUqulEPO37ofXrEnGs2KKIkJ4b1dvNayF5cmgY43QCGROg9EmPAbDl
7pGGdWHjSBcgpQKN3W75F/28DEFvs6wub+4t4rTv+rKtm762QryV+Cq/x2bjodxL
uGYLQmxdVHLF2hV1S+WjR6dbJ5pCkB5C80RY8d4P0xnbYS0/h3PutyTXvLcv/QBB
PxhuMyEkwHiDKj+gLGxBiucqi69jAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdOCw
leFLFObNWbRaraO8JE/NBLUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QzNTg2NzQ0NDkzMTExRURCNzEyMTU3REYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDEwDQYJKoZIhvcNAQEL
BQADggEBABNIadZ7q/4cZIbMv3QJK+35GJki2hEanMREzHSMj7UcUwxpUTkm8f9z
WeEJMH7JAErxpYOOR5ESda2VGP6oaqkSWSZ8PwPKWImy4BHLxm9/5rN6GKFBXfPq
QSl8Db3hw75T43gFyKxD9G2R+MM6gyeWkvfFyHGmtPM1l8NUTTHj59yw7OZJs5wL
gSbSKFw7DV+8OrmRGTyVKA1KzOCpKNMVJqpiA3NlMEb2y/yTC/cnjkMmUN7fbhLh
PWDrV0smCQhKwYckg70rYczWk81KkeK8VnNsebKn7XstvSNv6K5KJoB1FnZw/jw4
oEPX4ctLFvcDhBH1vD5M57LV9cQmrpw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:06 2024 by rpki-client on console-ams.rpki-client.org