Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA33AA40B75111EDA56CACF9F1222468.roa
File:                     DA33AA40B75111EDA56CACF9F1222468.roa (raw, json)
Hash identifier:          MFh222Hu8ICfA7KOHSphTpfXhaKprzzFr1QryYPjEtA=
Subject key identifier:   4A:DE:A5:9C:D7:A9:EC:63:C9:EB:C4:38:55:2F:82:04:D2:C8:F4:5E
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0C90
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA33AA40B75111EDA56CACF9F1222468.roa
Signing time:             Tue 28 Feb 2023 10:22:50 +0000
ROA not before:           Tue 28 Feb 2023 10:22:45 +0000
ROA not after:            Wed 28 Feb 2024 10:22:45 +0000
asID:                     61317
IP address blocks:        154.16.54.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3216 (0xc90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Feb 28 10:22:45 2023 GMT
            Not After : Feb 28 10:22:45 2024 GMT
        Subject: CN=63fdd5fa-bb80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:29:1d:be:0d:ec:e2:05:d3:c5:71:bf:c7:1e:
                    d1:a5:2c:eb:84:25:63:43:9f:be:32:05:a0:ee:14:
                    ba:1a:f5:2f:3a:dc:96:8a:90:15:93:25:32:14:a7:
                    ac:39:40:b0:22:e3:b5:8f:15:29:66:8c:3f:39:29:
                    a0:5a:36:25:e1:67:60:3e:65:0d:ef:bb:9f:0d:33:
                    8e:5d:b1:ed:fb:9c:8a:ef:48:e0:be:86:eb:ce:c2:
                    d8:e4:44:59:68:2a:8b:0b:c8:b5:03:f0:12:ce:9a:
                    6d:31:69:bc:9d:5a:38:a5:66:0b:36:e3:5e:53:a6:
                    f5:bc:38:31:71:9d:39:d6:38:91:bf:e8:b2:8e:6f:
                    ac:58:78:37:16:dc:ac:c4:9b:b0:bd:db:50:b8:f4:
                    bd:f1:1f:22:50:50:3b:06:ce:eb:74:a0:a2:0b:41:
                    ae:91:c8:55:0b:a1:a3:6d:c4:a9:c6:d8:19:e2:7e:
                    a8:72:1b:e0:76:99:e1:58:39:33:e8:76:89:81:72:
                    3f:f2:75:d8:55:46:dd:bf:61:26:79:4f:61:b6:bc:
                    ba:ba:ee:6e:5d:78:fa:22:1c:cd:98:1e:ad:bf:05:
                    ef:34:a8:33:6f:64:79:30:b1:29:4c:82:00:1b:81:
                    c5:26:b1:86:7e:1f:56:38:6e:e4:db:31:e0:e9:09:
                    81:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:DE:A5:9C:D7:A9:EC:63:C9:EB:C4:38:55:2F:82:04:D2:C8:F4:5E
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA33AA40B75111EDA56CACF9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:9a:e5:c7:c4:71:77:fc:11:a3:e3:f8:f4:34:db:d5:ef:e6:
         50:1c:9f:24:5e:f0:af:3e:61:8e:e2:d4:93:fe:71:1a:0d:57:
         d8:8c:bb:b0:76:11:62:a1:b7:57:dd:5c:84:4b:50:9d:b2:8f:
         4a:2b:73:78:56:55:dd:29:af:79:4e:1b:82:d6:45:55:0c:95:
         cb:0a:db:cb:fd:b9:6a:84:61:8b:33:b2:0f:f4:5c:c3:28:e9:
         ab:5a:df:48:b1:a6:04:79:f8:6f:c0:87:1b:4a:56:46:50:2a:
         49:d7:35:13:67:03:c9:32:16:07:40:3c:55:37:8e:63:b0:78:
         4b:b0:c4:f2:4e:c4:7c:fd:87:64:b9:d2:b4:3a:91:47:de:5d:
         27:80:54:6d:d5:f9:e2:71:0e:c4:03:0a:a5:23:5d:e6:87:0e:
         96:9c:50:cd:c5:9a:73:50:5c:d1:a5:9e:9e:df:64:bd:ea:a3:
         4d:df:e3:a3:21:0d:83:59:0f:c3:f5:33:0f:cc:49:df:17:14:
         f3:e6:20:fc:87:47:61:6d:bf:55:cc:3f:5d:0b:e9:04:b8:60:
         71:26:65:ad:59:d8:a2:1d:a5:8f:92:3f:a9:ef:42:66:e3:c0:
         65:2d:13:c6:c1:26:6e:4c:84:84:de:e2:8d:09:b9:4d:bd:eb:
         fc:1b:31:2c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDJAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjgxMDIyNDVaFw0yNDAyMjgxMDIyNDVaMBgxFjAU
BgNVBAMMDTYzZmRkNWZhLWJiODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRKR2+DeziBdPFcb/HHtGlLOuEJWNDn74yBaDuFLoa9S863JaKkBWTJTIU
p6w5QLAi47WPFSlmjD85KaBaNiXhZ2A+ZQ3vu58NM45dse37nIrvSOC+huvOwtjk
RFloKosLyLUD8BLOmm0xabydWjilZgs2415TpvW8ODFxnTnWOJG/6LKOb6xYeDcW
3KzEm7C921C49L3xHyJQUDsGzut0oKILQa6RyFULoaNtxKnG2BnifqhyG+B2meFY
OTPodomBcj/yddhVRt2/YSZ5T2G2vLq67m5dePoiHM2YHq2/Be80qDNvZHkwsSlM
ggAbgcUmsYZ+H1Y4buTbMeDpCYG/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSt6l
nNep7GPJ68Q4VS+CBNLI9F4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RBMzNBQTQwQjc1MTExRURBNTZDQUNGOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDYwDQYJKoZIhvcNAQEL
BQADggEBABWa5cfEcXf8EaPj+PQ029Xv5lAcnyRe8K8+YY7i1JP+cRoNV9iMu7B2
EWKht1fdXIRLUJ2yj0orc3hWVd0pr3lOG4LWRVUMlcsK28v9uWqEYYszsg/0XMMo
6ata30ixpgR5+G/AhxtKVkZQKknXNRNnA8kyFgdAPFU3jmOweEuwxPJOxHz9h2S5
0rQ6kUfeXSeAVG3V+eJxDsQDCqUjXeaHDpacUM3FmnNQXNGlnp7fZL3qo03f46Mh
DYNZD8P1Mw/MSd8XFPPmIPyHR2Ftv1XMP10L6QS4YHEmZa1Z2KIdpY+SP6nvQmbj
wGUtE8bBJm5MhITe4o0JuU296/wbMSw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:32:51 2023 by rpki-client on console-fra.rpki-client.org