Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E4C446288E11EE99B351244AD9E6FC.roa
File:                     E1E4C446288E11EE99B351244AD9E6FC.roa (raw, json)
Hash identifier:          QzH5CJUGty/CYjaEnaqs/yzXI8ylB+oHdUBbvfjohBE=
Subject key identifier:   2C:F6:0B:16:55:FD:00:38:B0:24:97:E2:04:CD:71:7B:CB:AE:40:44
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       10CB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E4C446288E11EE99B351244AD9E6FC.roa
Signing time:             Sat 22 Jul 2023 12:54:24 +0000
ROA not before:           Sat 22 Jul 2023 12:54:20 +0000
ROA not after:            Sat 26 Jul 2025 12:54:20 +0000
asID:                     61317
IP address blocks:        154.16.22.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4299 (0x10cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jul 22 12:54:20 2023 GMT
            Not After : Jul 26 12:54:20 2025 GMT
        Subject: CN=64bbd17f-8b72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:16:f6:e7:38:c2:8d:9f:46:ee:4b:cb:a5:83:
                    8f:0d:20:6e:cc:29:5a:b9:b3:76:b1:99:27:20:db:
                    a0:45:ef:d4:0e:21:af:63:07:a7:e0:61:9c:d2:1d:
                    df:16:90:75:9d:d0:8b:39:3e:49:68:2a:0c:2b:58:
                    e8:00:3d:02:f2:45:3b:dc:3e:cb:1f:63:f3:3b:40:
                    5a:5c:79:6f:22:7e:b1:fd:5a:06:b9:1c:1c:1c:76:
                    96:9f:f5:91:bc:da:df:a5:33:c9:f3:5d:09:41:e1:
                    ba:53:0c:13:39:b2:22:c9:39:8f:40:bd:4a:ca:ab:
                    77:6b:e1:b4:16:f4:92:45:d2:cc:37:e8:f6:e1:ca:
                    12:4c:2d:9d:8b:4a:b9:b7:54:94:54:e2:65:c4:35:
                    fc:48:d4:72:b2:40:e5:0d:f4:c7:6c:e2:3a:40:bb:
                    c4:81:79:9e:50:80:bf:00:4b:86:c5:38:af:cc:87:
                    32:4b:49:e1:52:b8:7e:a2:23:76:f1:52:a1:c1:98:
                    98:59:47:83:67:22:c8:07:ff:c3:1e:7e:30:42:e9:
                    a3:b6:03:9b:d0:8d:a7:a0:ce:6b:28:42:36:08:55:
                    9f:03:ee:8c:7a:da:98:09:18:be:4d:11:c1:a2:0a:
                    bf:21:4c:e3:46:4b:27:89:f5:37:24:e4:f0:fb:24:
                    da:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:F6:0B:16:55:FD:00:38:B0:24:97:E2:04:CD:71:7B:CB:AE:40:44
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E1E4C446288E11EE99B351244AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:5b:1d:94:e7:99:2b:7e:cd:32:91:9c:ff:8e:ae:80:6c:dc:
         dd:9b:b6:fe:3a:16:82:d1:e1:d4:f0:28:02:c4:49:02:b6:55:
         e7:cd:f9:8d:df:26:32:5d:f7:85:41:e3:a1:5d:d6:70:69:17:
         c8:51:95:87:ef:24:a1:e9:e9:7a:e1:5a:e7:a6:48:18:72:85:
         75:ac:ff:07:df:09:84:0d:d8:18:d0:d1:4c:f2:86:ec:28:99:
         f2:b9:39:b4:1f:ab:46:8d:f6:d6:6b:84:ec:51:78:74:47:39:
         48:7f:5a:e0:7e:14:71:ce:a8:26:a8:f9:95:fb:f4:7b:43:e2:
         6c:72:3f:90:82:92:fa:f6:bf:ab:7d:a7:0d:79:85:33:08:94:
         1f:dd:eb:8d:7c:f7:ba:47:3a:a3:39:47:e8:c4:58:39:0a:54:
         1b:19:e5:19:f5:92:a3:3d:0f:91:53:7b:39:28:65:1e:83:ef:
         ed:1d:5f:29:ba:27:78:d1:29:bd:2e:61:de:74:9d:fa:fe:eb:
         87:d1:ab:54:0a:33:19:3f:97:fd:6e:fc:c8:dc:74:83:6f:34:
         fc:90:21:23:6e:b5:76:3e:92:24:67:b8:fe:5d:da:db:7d:da:
         a9:6d:7e:85:d6:99:a7:5d:1a:a7:95:a5:fc:d7:4e:08:29:8e:
         81:53:46:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEMswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA3MjIxMjU0MjBaFw0yNTA3MjYxMjU0MjBaMBgxFjAU
BgNVBAMTDTY0YmJkMTdmLThiNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAFvbnOMKNn0buS8ulg48NIG7MKVq5s3axmScg26BF79QOIa9jB6fgYZzS
Hd8WkHWd0Is5PkloKgwrWOgAPQLyRTvcPssfY/M7QFpceW8ifrH9Wga5HBwcdpaf
9ZG82t+lM8nzXQlB4bpTDBM5siLJOY9AvUrKq3dr4bQW9JJF0sw36PbhyhJMLZ2L
Srm3VJRU4mXENfxI1HKyQOUN9Mds4jpAu8SBeZ5QgL8AS4bFOK/MhzJLSeFSuH6i
I3bxUqHBmJhZR4NnIsgH/8MefjBC6aO2A5vQjaegzmsoQjYIVZ8D7ox62pgJGL5N
EcGiCr8hTONGSyeJ9Tck5PD7JNrvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULPYL
FlX9ADiwJJfiBM1xe8uuQEQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UxRTRDNDQ2Mjg4RTExRUU5OUIzNTEyNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBYwDQYJKoZIhvcNAQEL
BQADggEBAINbHZTnmSt+zTKRnP+OroBs3N2btv46FoLR4dTwKALESQK2VefN+Y3f
JjJd94VB46Fd1nBpF8hRlYfvJKHp6XrhWuemSBhyhXWs/wffCYQN2BjQ0Uzyhuwo
mfK5ObQfq0aN9tZrhOxReHRHOUh/WuB+FHHOqCao+ZX79HtD4mxyP5CCkvr2v6t9
pw15hTMIlB/d641897pHOqM5R+jEWDkKVBsZ5Rn1kqM9D5FTezkoZR6D7+0dXym6
J3jRKb0uYd50nfr+64fRq1QKMxk/l/1u/MjcdINvNPyQISNutXY+kiRnuP5d2tt9
2qltfoXWmaddGqeVpfzXTggpjoFTRgc=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org