Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB283D6E77A811ED8020697CF1222468.roa
File:                     DB283D6E77A811ED8020697CF1222468.roa (raw, json)
Hash identifier:          SBqTPVgy2+n5p+0eRtOlBEzCEuV8jHkL7JVEw4ROM0s=
Subject key identifier:   62:8E:16:D9:B4:7F:F3:C6:29:FB:86:F3:4D:1B:91:B3:48:E2:05:7A
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0AFB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB283D6E77A811ED8020697CF1222468.roa
Signing time:             Fri 09 Dec 2022 10:04:23 +0000
ROA not before:           Fri 09 Dec 2022 10:04:19 +0000
ROA not after:            Mon 09 Dec 2024 10:04:19 +0000
asID:                     211415
IP address blocks:        154.70.155.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 18 Jul 2024 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2811 (0xafb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Dec  9 10:04:19 2022 GMT
            Not After : Dec  9 10:04:19 2024 GMT
        Subject: CN=63930827-b4c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:8e:58:ba:1f:08:13:15:df:96:69:dd:0a:39:
                    d9:b7:04:2b:55:41:5b:ac:4e:78:93:01:ad:61:d2:
                    91:b1:9c:c6:e3:ee:3c:a8:e3:0c:46:30:02:89:f8:
                    12:af:f2:5e:2e:8e:1d:07:44:59:3c:0f:d8:d8:93:
                    bf:14:fc:46:69:6a:78:0c:15:4e:96:10:cb:fb:d9:
                    94:b3:a1:2e:d6:21:e4:e2:9e:6d:5a:30:56:de:05:
                    77:03:5e:83:a9:a8:87:74:04:3d:77:20:b2:26:b4:
                    e4:db:8e:d3:64:88:4d:0e:b9:b0:c0:2d:9e:0d:2b:
                    35:09:22:c6:5f:05:ae:42:57:a1:bc:42:1a:8b:39:
                    7b:a9:4a:2f:7e:db:c1:bf:ae:ff:d3:ea:f3:4f:c8:
                    07:7f:04:d4:16:09:75:67:81:b6:5b:18:03:52:a3:
                    57:a8:95:b6:bc:10:91:39:58:77:56:fd:53:9f:49:
                    94:2b:fd:04:ec:44:dd:6e:8f:7f:16:9c:1d:06:95:
                    1f:6c:80:25:74:5f:f2:af:f0:33:9c:67:53:7f:a5:
                    62:86:4c:93:5a:80:0a:5f:91:b2:cb:31:13:09:a2:
                    66:4e:79:94:aa:3a:74:62:6c:b8:8a:4b:5d:fa:57:
                    1d:13:87:08:0f:d4:ee:27:33:8d:55:08:94:17:d5:
                    3f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:8E:16:D9:B4:7F:F3:C6:29:FB:86:F3:4D:1B:91:B3:48:E2:05:7A
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB283D6E77A811ED8020697CF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.70.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:ad:5b:2f:bf:ae:c2:fc:9f:85:23:1e:17:25:4e:a0:b1:b4:
         b9:aa:30:2d:22:d8:bd:b2:bf:ec:af:de:ab:af:34:1e:df:2c:
         94:bd:b9:7a:9d:38:51:a0:0f:06:a6:8d:e4:8d:6d:a6:79:44:
         ce:8b:04:f1:df:26:7a:a2:38:b3:e9:e3:f1:6b:d1:4b:f3:ee:
         ac:7e:33:a1:26:36:d7:84:be:5a:81:b1:f2:86:27:08:56:57:
         88:dc:66:82:a7:c7:7f:5c:35:3b:37:76:1a:f3:c2:45:e0:cb:
         b1:21:1c:d3:e6:ae:fb:7c:e3:9e:61:06:bb:e0:c6:09:ca:8e:
         ee:d0:c6:a5:76:0a:7b:4c:d9:38:13:ce:08:82:2d:7a:8c:ac:
         a8:31:fa:8e:4e:89:9a:08:5f:7e:47:2f:c6:b0:ac:e2:73:44:
         a8:bb:49:65:4e:05:dd:52:42:35:8d:99:1e:ff:6a:41:bc:3c:
         7b:f9:64:80:e5:2b:c5:08:8a:e3:17:19:9d:31:6a:44:75:77:
         5f:28:aa:cc:32:87:27:fa:d5:39:ad:f5:b4:e9:25:d3:f2:61:
         f2:13:fa:6c:79:0e:cb:ba:70:2a:aa:08:10:ac:26:ae:f6:de:
         57:80:5b:f3:9e:39:ba:1a:57:74:1d:47:00:13:3b:2b:f6:47:
         d8:2b:23:d9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCvswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEyMDkxMDA0MTlaFw0yNDEyMDkxMDA0MTlaMBgxFjAU
BgNVBAMMDTYzOTMwODI3LWI0YzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCZjli6HwgTFd+Wad0KOdm3BCtVQVusTniTAa1h0pGxnMbj7jyo4wxGMAKJ
+BKv8l4ujh0HRFk8D9jYk78U/EZpangMFU6WEMv72ZSzoS7WIeTinm1aMFbeBXcD
XoOpqId0BD13ILImtOTbjtNkiE0OubDALZ4NKzUJIsZfBa5CV6G8QhqLOXupSi9+
28G/rv/T6vNPyAd/BNQWCXVngbZbGANSo1eolba8EJE5WHdW/VOfSZQr/QTsRN1u
j38WnB0GlR9sgCV0X/Kv8DOcZ1N/pWKGTJNagApfkbLLMRMJomZOeZSqOnRibLiK
S136Vx0ThwgP1O4nM41VCJQX1T/RAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYo4W
2bR/88Yp+4bzTRuRs0jiBXowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RCMjgzRDZFNzdBODExRUQ4MDIwNjk3Q0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaRpswDQYJKoZIhvcNAQEL
BQADggEBAMStWy+/rsL8n4UjHhclTqCxtLmqMC0i2L2yv+yv3quvNB7fLJS9uXqd
OFGgDwamjeSNbaZ5RM6LBPHfJnqiOLPp4/Fr0Uvz7qx+M6EmNteEvlqBsfKGJwhW
V4jcZoKnx39cNTs3dhrzwkXgy7EhHNPmrvt8455hBrvgxgnKju7QxqV2CntM2TgT
zgiCLXqMrKgx+o5OiZoIX35HL8awrOJzRKi7SWVOBd1SQjWNmR7/akG8PHv5ZIDl
K8UIiuMXGZ0xakR1d18oqswyhyf61Tmt9bTpJdPyYfIT+mx5Dsu6cCqqCBCsJq72
3leAW/OeOboaV3QdRwATOyv2R9grI9k=
-----END CERTIFICATE-----
Generated at Tue Jul 16 10:30:37 2024 by rpki-client on console-fra.rpki-client.org