Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363460F/09B5B7B2986111EFBC3A7F6E762E951A/26DC05C4986311EFBE63827B762E951A.roa
File:                     26DC05C4986311EFBE63827B762E951A.roa (raw, json)
Hash identifier:          9xkZbyUzhuxbnuEDnds0Ogy4qS4HDRlvSKhOgozHOF4=
Subject key identifier:   1C:71:A3:52:3B:1E:EE:B1:EB:D2:0C:66:E6:18:1A:F2:92:F2:2B:42
Certificate issuer:       /CN=F363460FAF/serialNumber=255F6A203E4D4299976913A6F62DE8C48EEC93BD
Certificate serial:       04
Authority key identifier: 25:5F:6A:20:3E:4D:42:99:97:69:13:A6:F6:2D:E8:C4:8E:EC:93:BD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JV9qID5NQpmXaROm9i3oxI7sk70.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363460F/09B5B7B2986111EFBC3A7F6E762E951A/26DC05C4986311EFBE63827B762E951A.roa
Signing time:             Fri 01 Nov 2024 15:08:29 +0000
ROA not before:           Fri 01 Nov 2024 15:08:26 +0000
ROA not after:            Sun 31 Dec 2034 15:08:26 +0000
asID:                     36976
IP address blocks:        41.223.164.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363460F/09B5B7B2986111EFBC3A7F6E762E951A/JV9qID5NQpmXaROm9i3oxI7sk70.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363460F/09B5B7B2986111EFBC3A7F6E762E951A/JV9qID5NQpmXaROm9i3oxI7sk70.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JV9qID5NQpmXaROm9i3oxI7sk70.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363460FAF/serialNumber=255F6A203E4D4299976913A6F62DE8C48EEC93BD
        Validity
            Not Before: Nov  1 15:08:26 2024 GMT
            Not After : Dec 31 15:08:26 2034 GMT
        Subject: CN=6724eeed-5ec4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6e:70:68:e0:c5:bd:cd:ec:df:aa:a5:55:0a:
                    89:3b:ec:f2:11:12:4b:3f:ec:aa:9d:ec:84:c3:bd:
                    8d:fc:db:aa:c9:93:72:0d:a3:21:e2:dd:12:93:80:
                    f7:c1:29:fb:ce:92:c7:b1:94:94:ba:8a:3f:62:2f:
                    d1:2d:6c:d8:51:03:e9:45:f7:0c:7a:c2:ed:6e:fa:
                    2f:e3:b1:2f:bf:0d:b3:47:8d:6c:ee:07:f0:05:78:
                    81:a2:fc:92:59:bc:60:d3:bb:e4:d7:5f:62:66:d1:
                    b4:06:f8:23:c2:31:64:cc:1a:01:fb:cc:9c:05:87:
                    e0:ab:da:ea:b8:58:aa:ea:e1:b9:56:c1:bb:25:45:
                    0d:ce:92:1d:97:ae:49:b1:d7:17:71:a7:e4:66:6e:
                    64:fc:3f:05:7e:40:7d:19:7e:8f:9c:13:45:c0:af:
                    d4:13:3e:ab:2a:c4:b6:70:33:84:fb:f8:bc:72:3f:
                    ab:53:71:0f:86:27:43:19:ca:2e:ce:9c:e5:05:da:
                    c4:dc:f8:2f:92:b8:de:ab:60:c3:e6:41:99:95:cb:
                    63:53:60:4b:b5:d2:7d:e5:1f:49:11:9c:05:0b:c5:
                    24:db:b9:29:49:b0:f4:1b:57:44:d0:f4:a2:dd:f8:
                    3a:64:95:c8:95:1e:d3:69:75:05:cd:8d:09:02:0a:
                    f9:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:71:A3:52:3B:1E:EE:B1:EB:D2:0C:66:E6:18:1A:F2:92:F2:2B:42
            X509v3 Authority Key Identifier:
                keyid:25:5F:6A:20:3E:4D:42:99:97:69:13:A6:F6:2D:E8:C4:8E:EC:93:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363460F/09B5B7B2986111EFBC3A7F6E762E951A/JV9qID5NQpmXaROm9i3oxI7sk70.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JV9qID5NQpmXaROm9i3oxI7sk70.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363460F/09B5B7B2986111EFBC3A7F6E762E951A/26DC05C4986311EFBE63827B762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.223.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         95:f0:ac:d0:70:f3:f7:c3:90:08:e7:21:41:c9:6d:c7:0f:47:
         98:35:1c:5d:a8:e7:f3:b1:6c:82:84:dc:03:aa:9f:76:8e:5e:
         69:35:92:46:85:f8:43:52:5b:dc:72:1c:ee:c7:86:b6:90:38:
         66:4c:cf:ba:a9:76:c9:8a:d3:df:45:00:e8:a6:48:a9:5a:60:
         e8:72:ba:c0:e7:c5:44:88:60:7b:a2:61:7d:10:05:35:07:b5:
         d4:7e:fc:fd:f7:c0:32:15:94:62:d4:c5:ac:ee:5e:b4:85:42:
         28:31:ca:06:38:dd:4a:f7:8b:38:99:1c:76:2e:43:1e:c3:50:
         87:d0:5a:0a:d3:4e:b8:22:0c:e7:85:b3:2b:a2:ec:30:5b:79:
         1a:6b:67:b7:f8:cd:8b:e1:96:22:66:e6:eb:ed:75:0a:6f:4b:
         3b:19:a0:08:e3:06:60:87:6f:18:0c:90:e2:51:3b:18:97:b4:
         e5:8a:ae:91:9e:84:a8:a5:9d:a3:ba:5d:8d:5f:36:62:4e:db:
         8b:c0:c1:0d:8f:32:45:6b:13:dc:3e:e5:3c:7e:e7:b8:6c:9f:
         48:7d:1a:81:13:2e:08:6f:a3:2b:22:09:46:36:95:ec:37:cf:
         c3:59:c0:16:85:30:a3:1f:d4:76:88:3a:5c:40:6b:53:f6:67:
         54:2e:9d:6e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NDYwRkFGMTEwLwYDVQQFEygyNTVGNkEyMDNFNEQ0Mjk5OTc2OTEzQTZGNjJERThD
NDhFRUM5M0JEMB4XDTI0MTEwMTE1MDgyNloXDTM0MTIzMTE1MDgyNlowGDEWMBQG
A1UEAxMNNjcyNGVlZWQtNWVjNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRucGjgxb3N7N+qpVUKiTvs8hESSz/sqp3shMO9jfzbqsmTcg2jIeLdEpOA
98Ep+86Sx7GUlLqKP2Iv0S1s2FED6UX3DHrC7W76L+OxL78Ns0eNbO4H8AV4gaL8
klm8YNO75NdfYmbRtAb4I8IxZMwaAfvMnAWH4Kva6rhYqurhuVbBuyVFDc6SHZeu
SbHXF3Gn5GZuZPw/BX5AfRl+j5wTRcCv1BM+qyrEtnAzhPv4vHI/q1NxD4YnQxnK
Ls6c5QXaxNz4L5K43qtgw+ZBmZXLY1NgS7XSfeUfSRGcBQvFJNu5KUmw9BtXRND0
ot34OmSVyJUe02l1Bc2NCQIK+YECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQccaNS
Ox7usevSDGbmGBrykvIrQjAfBgNVHSMEGDAWgBQlX2ogPk1CmZdpE6b2LejEjuyT
vTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzQ2MEYvMDlCNUI3QjI5ODYxMTFFRkJDM0E3RjZFNzYyRTk1MUEvSlY5cUlE
NU5RcG1YYVJPbTlpM294STdzazcwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlY5cUlENU5RcG1YYVJPbTlpM294STdzazcwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzQ2MEYvMDlCNUI3QjI5ODYxMTFFRkJDM0E3RjZFNzYy
RTk1MUEvMjZEQzA1QzQ5ODYzMTFFRkJFNjM4MjdCNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinfpDANBgkqhkiG9w0BAQsF
AAOCAQEAlfCs0HDz98OQCOchQcltxw9HmDUcXajn87FsgoTcA6qfdo5eaTWSRoX4
Q1Jb3HIc7seGtpA4ZkzPuql2yYrT30UA6KZIqVpg6HK6wOfFRIhge6JhfRAFNQe1
1H78/ffAMhWUYtTFrO5etIVCKDHKBjjdSveLOJkcdi5DHsNQh9BaCtNOuCIM54Wz
K6LsMFt5Gmtnt/jNi+GWImbm6+11Cm9LOxmgCOMGYIdvGAyQ4lE7GJe05YqukZ6E
qKWdo7pdjV82Yk7bi8DBDY8yRWsT3D7lPH7nuGyfSH0agRMuCG+jKyIJRjaV7DfP
w1nAFoUwox/Udog6XEBrU/ZnVC6dbg==
-----END CERTIFICATE-----