Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F3D9A04C18C511ED8D00C2E3F1222468.roa
File:                     F3D9A04C18C511ED8D00C2E3F1222468.roa (raw, json)
Hash identifier:          jJxXS6sxIqRZbhlK4CnGLMec1dULqrXSQENTwxNTdjs=
Subject key identifier:   7D:03:86:30:11:A3:61:6E:30:B1:46:AF:24:AB:D2:72:58:1F:67:25
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       092C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F3D9A04C18C511ED8D00C2E3F1222468.roa
Signing time:             Wed 10 Aug 2022 16:03:20 +0000
ROA not before:           Wed 10 Aug 2022 16:03:14 +0000
ROA not after:            Sat 10 Aug 2024 16:03:14 +0000
asID:                     60721
IP address blocks:        154.16.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2348 (0x92c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug 10 16:03:14 2022 GMT
            Not After : Aug 10 16:03:14 2024 GMT
        Subject: CN=62f3d6c8-c202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:60:50:f5:1f:5c:c0:ea:b0:d0:6c:88:d0:ec:
                    15:0d:17:b5:0c:67:a3:94:55:f7:19:99:07:b6:a5:
                    06:33:c9:05:d8:eb:85:5a:0a:e7:74:1f:0f:72:6b:
                    be:eb:d3:31:aa:8f:3e:64:e1:d6:c2:d7:8b:4f:f5:
                    de:dc:25:42:07:38:9a:bd:f7:bd:81:b1:fc:54:29:
                    24:95:b2:24:21:7d:ba:ec:28:65:48:5a:23:ed:34:
                    1e:ea:18:4b:b0:24:23:78:08:59:ba:9d:25:7c:ca:
                    e7:0e:fe:93:af:aa:7f:9f:29:cb:ca:9c:30:09:63:
                    68:b9:37:b9:c3:d4:29:a0:4a:28:e8:66:e4:78:a2:
                    83:be:fb:b8:71:fa:62:26:e4:91:a9:ea:74:57:c9:
                    45:cd:e6:d2:a4:6d:8e:08:0c:8e:19:9c:da:6e:5a:
                    76:cf:70:9e:7b:a2:19:41:ff:fd:b4:00:8b:cb:11:
                    7a:be:05:6e:66:ef:6b:8c:94:d3:d3:9e:1e:fa:5f:
                    81:83:65:01:f4:44:7e:69:e2:1b:e7:6b:72:46:cb:
                    ae:d3:09:27:b8:bb:72:41:a3:ba:a4:a0:31:99:69:
                    39:d3:23:4b:1a:15:9e:a9:cd:1a:2e:d1:99:56:3a:
                    a4:9a:ac:ba:84:c0:7b:a6:78:c2:9d:60:d7:63:64:
                    75:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:03:86:30:11:A3:61:6E:30:B1:46:AF:24:AB:D2:72:58:1F:67:25
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/F3D9A04C18C511ED8D00C2E3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:a8:c9:ec:b4:f8:73:ce:19:41:b4:c1:0e:bb:34:3c:bd:61:
         b7:5b:af:0e:95:cf:36:0c:b5:ff:f7:0a:79:2d:9a:65:b9:ff:
         90:cd:bb:35:b8:1b:76:96:bb:04:cb:fc:e6:ed:a7:95:cc:4d:
         4a:53:86:26:44:38:2c:e6:0b:10:39:3d:fe:1b:b0:26:9b:ba:
         7c:d2:72:2b:84:4a:d3:bd:0f:db:bd:61:e2:77:ab:87:00:a9:
         8d:3e:2a:e2:cb:8a:2a:93:52:85:e8:cb:40:8a:ef:e3:f1:c9:
         c2:64:eb:aa:86:6b:ad:a0:c4:67:01:2c:61:d0:21:e5:e2:28:
         3d:60:a1:2b:56:a1:a3:c3:44:1a:33:64:b9:93:e7:6f:37:06:
         8a:b5:01:57:22:c5:52:e6:ad:ff:6d:0e:02:27:8f:17:47:2f:
         ad:0e:bd:45:46:28:5d:ef:92:63:e2:5a:37:e8:80:84:bf:db:
         9e:90:98:56:de:87:d4:74:90:1e:54:52:72:ab:d0:0e:d7:66:
         2c:a9:12:0e:a6:8b:ae:f2:40:a0:74:c8:07:ac:57:01:3f:d7:
         05:b8:d2:b2:55:9c:36:08:29:56:0a:e9:2f:e8:ef:22:82:7d:
         d8:48:dc:eb:35:5c:23:1d:91:a9:17:ce:d0:cd:25:6e:c7:80:
         4b:bc:af:40
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCSwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjA4MTAxNjAzMTRaFw0yNDA4MTAxNjAzMTRaMBgxFjAU
BgNVBAMMDTYyZjNkNmM4LWMyMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqYFD1H1zA6rDQbIjQ7BUNF7UMZ6OUVfcZmQe2pQYzyQXY64VaCud0Hw9y
a77r0zGqjz5k4dbC14tP9d7cJUIHOJq9972BsfxUKSSVsiQhfbrsKGVIWiPtNB7q
GEuwJCN4CFm6nSV8yucO/pOvqn+fKcvKnDAJY2i5N7nD1CmgSijoZuR4ooO++7hx
+mIm5JGp6nRXyUXN5tKkbY4IDI4ZnNpuWnbPcJ57ohlB//20AIvLEXq+BW5m72uM
lNPTnh76X4GDZQH0RH5p4hvna3JGy67TCSe4u3JBo7qkoDGZaTnTI0saFZ6pzRou
0ZlWOqSarLqEwHumeMKdYNdjZHU3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfQOG
MBGjYW4wsUavJKvSclgfZyUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0YzRDlBMDRDMThDNTExRUQ4RDAwQzJFM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEE0wDQYJKoZIhvcNAQEL
BQADggEBACGoyey0+HPOGUG0wQ67NDy9Ybdbrw6VzzYMtf/3CnktmmW5/5DNuzW4
G3aWuwTL/Obtp5XMTUpThiZEOCzmCxA5Pf4bsCabunzSciuEStO9D9u9YeJ3q4cA
qY0+KuLLiiqTUoXoy0CK7+PxycJk66qGa62gxGcBLGHQIeXiKD1goStWoaPDRBoz
ZLmT5283Boq1AVcixVLmrf9tDgInjxdHL60OvUVGKF3vkmPiWjfogIS/256QmFbe
h9R0kB5UUnKr0A7XZiypEg6mi67yQKB0yAesVwE/1wW40rJVnDYIKVYK6S/o7yKC
fdhI3Os1XCMdkakXztDNJW7HgEu8r0A=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:04 2024 by rpki-client on console-ams.rpki-client.org