Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/78E5B57E136E11EFA22D8244017001B1.roa
File:                     78E5B57E136E11EFA22D8244017001B1.roa (raw, json)
Hash identifier:          hhm0rN/+Uod2zgnqV5AlLN6vEP7WFXoASCy2/yp/Rws=
Subject key identifier:   51:A7:19:AF:29:E3:55:9E:6C:89:4D:67:EA:B3:40:E8:FF:6B:9F:CA
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       050A
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/78E5B57E136E11EFA22D8244017001B1.roa
Signing time:             Thu 16 May 2024 10:24:27 +0000
ROA not before:           Thu 16 May 2024 10:24:23 +0000
ROA not after:            Mon 21 Oct 2024 10:24:23 +0000
asID:                     273219
IP address blocks:        102.177.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 04 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1290 (0x50a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: May 16 10:24:23 2024 GMT
            Not After : Oct 21 10:24:23 2024 GMT
        Subject: CN=6645dedb-2df2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:34:6c:7f:f3:3c:27:a0:31:0d:e7:b1:a9:90:
                    15:79:1e:29:e9:66:1f:c0:69:0a:5c:b8:eb:42:d6:
                    6f:42:0b:e9:a3:4b:0d:67:61:a7:ea:9f:08:91:39:
                    da:f4:47:0a:94:78:c0:60:89:91:5c:b3:01:64:55:
                    fc:e6:00:a0:70:e5:a1:2c:cc:31:14:b1:19:55:32:
                    30:00:d7:2e:ef:12:06:c3:f3:c4:10:46:a8:ee:f5:
                    08:5e:2f:62:20:7b:5a:41:d1:d3:19:2c:c0:d8:c7:
                    ab:18:11:cd:f4:13:58:5b:79:7d:c0:f3:74:7c:85:
                    b3:04:b8:a7:a9:e4:c4:6e:2b:36:39:bd:fe:ff:20:
                    90:62:36:49:95:95:48:53:5a:51:d5:0b:8c:05:b9:
                    41:8b:1e:1d:e8:1e:71:ee:65:29:01:f5:e1:aa:64:
                    73:10:78:a3:51:2e:97:70:1b:61:39:8e:3a:d2:e7:
                    a6:44:89:71:8e:79:d9:50:01:be:5d:83:ac:8c:9b:
                    dc:89:34:52:d1:b6:a1:f2:df:9f:1a:b9:99:5e:c6:
                    19:eb:4a:9e:8e:48:d7:27:16:57:de:0d:e7:97:ca:
                    93:d9:41:84:9d:c6:24:72:34:8b:10:fd:42:18:93:
                    8a:d7:4d:57:c2:cd:e4:12:fb:40:02:df:8c:60:dd:
                    50:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:A7:19:AF:29:E3:55:9E:6C:89:4D:67:EA:B3:40:E8:FF:6B:9F:CA
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/78E5B57E136E11EFA22D8244017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:65:31:56:15:f9:b8:cd:92:04:65:29:4e:73:9f:f1:11:f8:
         59:cd:91:af:bd:f8:73:3c:7f:85:0d:5c:d0:39:c7:18:bf:f6:
         78:00:19:67:4d:a6:ec:a2:8a:66:51:28:a8:23:14:0d:cd:23:
         8b:48:17:e9:5f:e0:69:6a:f9:c6:9a:aa:bc:34:80:26:44:a3:
         5f:93:b0:a4:c0:1b:9a:29:90:a8:11:43:eb:d5:c6:3d:ee:e2:
         1d:23:40:d7:85:7b:f9:ef:d7:35:1e:90:f7:1c:61:2d:3f:83:
         d9:75:e1:64:fb:89:94:8d:79:b4:e6:13:b9:83:79:e9:22:05:
         bb:4e:51:25:35:03:49:93:8a:d0:13:ee:ac:89:a5:b2:20:03:
         5f:de:6d:ca:f0:bd:ec:5b:06:1d:43:96:c9:00:e5:e5:6d:cb:
         d9:32:44:13:4d:59:84:f8:b9:65:30:86:9f:3a:58:65:17:2a:
         17:d6:de:54:c1:df:a9:45:b3:d9:6d:fd:27:4c:38:fc:03:27:
         39:c3:99:f5:07:2b:b5:35:03:e8:a8:e2:7a:8f:87:1d:78:f3:
         d4:a2:09:0b:75:df:51:2f:2e:e0:b1:23:fc:83:93:66:6a:45:
         d1:65:ad:a9:d1:81:18:64:c0:68:5f:38:ea:33:13:d5:c9:d5:
         f1:c4:2b:bc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBQowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNDA1MTYxMDI0MjNaFw0yNDEwMjExMDI0MjNaMBgxFjAU
BgNVBAMTDTY2NDVkZWRiLTJkZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6NGx/8zwnoDEN57GpkBV5HinpZh/AaQpcuOtC1m9CC+mjSw1nYafqnwiR
Odr0RwqUeMBgiZFcswFkVfzmAKBw5aEszDEUsRlVMjAA1y7vEgbD88QQRqju9Qhe
L2Ige1pB0dMZLMDYx6sYEc30E1hbeX3A83R8hbMEuKep5MRuKzY5vf7/IJBiNkmV
lUhTWlHVC4wFuUGLHh3oHnHuZSkB9eGqZHMQeKNRLpdwG2E5jjrS56ZEiXGOedlQ
Ab5dg6yMm9yJNFLRtqHy358auZlexhnrSp6OSNcnFlfeDeeXypPZQYSdxiRyNIsQ
/UIYk4rXTVfCzeQS+0AC34xg3VB7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUUacZ
rynjVZ5siU1n6rNA6P9rn8owHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4Lzc4RTVCNTdFMTM2RTExRUZBMjJEODI0NDAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsbwwDQYJKoZIhvcNAQEL
BQADggEBALdlMVYV+bjNkgRlKU5zn/ER+FnNka+9+HM8f4UNXNA5xxi/9ngAGWdN
puyiimZRKKgjFA3NI4tIF+lf4Glq+caaqrw0gCZEo1+TsKTAG5opkKgRQ+vVxj3u
4h0jQNeFe/nv1zUekPccYS0/g9l14WT7iZSNebTmE7mDeekiBbtOUSU1A0mTitAT
7qyJpbIgA1/ebcrwvexbBh1DlskA5eVty9kyRBNNWYT4uWUwhp86WGUXKhfW3lTB
36lFs9lt/SdMOPwDJznDmfUHK7U1A+io4nqPhx1489SiCQt131EvLuCxI/yDk2Zq
RdFlranRgRhkwGhfOOozE9XJ1fHEK7w=
-----END CERTIFICATE-----