Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E354CEEE552011EDAF63F586F1222468.roa
File:                     E354CEEE552011EDAF63F586F1222468.roa (raw, json)
Hash identifier:          e2MDD5vHzh8M1mSXSgdAxPHQ4C1A9+T7V3xJdlo6A5c=
Subject key identifier:   EB:76:27:C7:21:CB:F0:D7:2F:1B:53:7E:DE:8B:86:89:4A:B3:52:D0
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0A66
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E354CEEE552011EDAF63F586F1222468.roa
Signing time:             Wed 26 Oct 2022 11:25:26 +0000
ROA not before:           Wed 26 Oct 2022 11:25:23 +0000
ROA not after:            Sun 27 Oct 2024 11:25:23 +0000
asID:                     212238
IP address blocks:        154.16.224.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Jul 2023 00:03:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2662 (0xa66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Oct 26 11:25:23 2022 GMT
            Not After : Oct 27 11:25:23 2024 GMT
        Subject: CN=63591926-7fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1a:62:37:50:94:65:f4:32:69:d6:a1:27:b0:
                    8a:67:fa:cc:0b:e9:2a:cf:35:86:73:09:35:1b:59:
                    a8:08:04:b8:53:81:aa:8e:f3:cd:c1:15:55:d3:3c:
                    96:8a:8f:81:ca:06:dc:ec:59:73:fb:76:83:79:ba:
                    98:cf:2e:d4:c0:f3:ef:fa:d6:fa:0f:62:25:ac:15:
                    ad:d5:c8:d8:c3:3a:a0:c2:93:fc:85:c2:01:b6:45:
                    67:94:dd:80:b3:bd:f6:c5:ba:90:35:b9:5a:29:a3:
                    1b:91:74:b5:46:f0:a3:98:cb:72:3c:41:90:7b:b1:
                    ae:49:93:bd:1a:79:0d:42:41:00:a4:9c:b2:a2:c6:
                    b9:22:b5:dd:d7:4d:fe:86:67:01:6d:01:30:b5:94:
                    e1:b4:02:f5:50:7a:4d:3d:f4:d0:b4:98:dc:96:ed:
                    e5:8e:50:03:6c:de:c0:f1:d2:da:df:74:c4:99:82:
                    0a:c2:5e:c6:bd:00:f3:fd:50:72:3c:d6:d3:cd:f9:
                    e6:0c:55:7d:65:73:53:60:65:f0:ab:8c:71:85:50:
                    eb:b7:cf:77:f9:6d:34:ed:1a:11:54:fb:0c:b4:38:
                    a4:44:54:59:0a:5e:b2:79:e7:f3:1d:31:38:b4:f8:
                    56:33:58:47:bc:26:c2:c2:50:b2:a5:1f:b6:2e:8f:
                    6c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:76:27:C7:21:CB:F0:D7:2F:1B:53:7E:DE:8B:86:89:4A:B3:52:D0
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E354CEEE552011EDAF63F586F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:d3:48:1b:69:4a:0d:28:e4:75:c6:e1:31:76:d0:f2:88:61:
         23:7d:38:05:20:50:af:36:8b:3b:cf:86:12:8f:2f:b9:a7:ca:
         c4:15:c5:e3:8a:60:97:0c:52:f2:9c:e5:b5:9d:8a:9e:25:31:
         dd:f6:8f:5e:2a:dd:9d:32:16:74:12:c8:b9:94:bc:d7:cb:59:
         b0:6a:e3:4b:0e:a9:d2:5b:18:7b:4e:f8:34:ca:96:d6:a3:d6:
         15:3c:99:ae:ed:1b:47:da:67:35:6a:dd:f4:e1:2c:51:42:00:
         77:1a:6b:ee:a9:9d:f2:97:7b:cd:19:cb:93:61:db:61:eb:73:
         d2:8d:3c:15:c0:29:c4:4c:ff:87:6b:19:63:08:93:e0:02:33:
         64:d6:3d:1c:70:58:af:a0:9a:a8:4d:5a:60:5c:3f:4f:84:1a:
         7d:92:ff:77:5b:7d:5b:2b:af:f2:89:96:65:c6:0b:88:b3:5e:
         b3:a8:2f:1c:2e:81:a8:62:42:81:60:63:9a:07:3b:7a:bc:a0:
         a9:7d:96:3d:8c:3c:05:9e:b8:e1:78:3a:6f:26:a2:2b:a9:a0:
         06:9b:78:81:f7:e9:86:2f:1b:77:da:b3:fb:76:b1:d0:b6:81:
         38:3e:79:48:ed:77:51:94:aa:2c:38:4f:9d:0c:21:d8:de:10:
         43:15:56:a8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCmYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjEwMjYxMTI1MjNaFw0yNDEwMjcxMTI1MjNaMBgxFjAU
BgNVBAMMDTYzNTkxOTI2LTdmZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWGmI3UJRl9DJp1qEnsIpn+swL6SrPNYZzCTUbWagIBLhTgaqO883BFVXT
PJaKj4HKBtzsWXP7doN5upjPLtTA8+/61voPYiWsFa3VyNjDOqDCk/yFwgG2RWeU
3YCzvfbFupA1uVopoxuRdLVG8KOYy3I8QZB7sa5Jk70aeQ1CQQCknLKixrkitd3X
Tf6GZwFtATC1lOG0AvVQek099NC0mNyW7eWOUANs3sDx0trfdMSZggrCXsa9APP9
UHI81tPN+eYMVX1lc1NgZfCrjHGFUOu3z3f5bTTtGhFU+wy0OKREVFkKXrJ55/Md
MTi0+FYzWEe8JsLCULKlH7Yuj2zrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU63Yn
xyHL8NcvG1N+3ouGiUqzUtAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UzNTRDRUVFNTUyMDExRURBRjYzRjU4NkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOAwDQYJKoZIhvcNAQEL
BQADggEBAJjTSBtpSg0o5HXG4TF20PKIYSN9OAUgUK82izvPhhKPL7mnysQVxeOK
YJcMUvKc5bWdip4lMd32j14q3Z0yFnQSyLmUvNfLWbBq40sOqdJbGHtO+DTKltaj
1hU8ma7tG0faZzVq3fThLFFCAHcaa+6pnfKXe80Zy5Nh22Hrc9KNPBXAKcRM/4dr
GWMIk+ACM2TWPRxwWK+gmqhNWmBcP0+EGn2S/3dbfVsrr/KJlmXGC4izXrOoLxwu
gahiQoFgY5oHO3q8oKl9lj2MPAWeuOF4Om8moiupoAabeIH36YYvG3fas/t2sdC2
gTg+eUjtd1GUqiw4T50MIdjeEEMVVqg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:34:10 2023 by rpki-client on console-ams.rpki-client.org