Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/ADC9EADA3F1C11EDB4A666D4F1222468.roa
File:                     ADC9EADA3F1C11EDB4A666D4F1222468.roa (raw, json)
Hash identifier:          zf+HF4m1hIRsrWAg5uKQM4omEAgOT8hMHJdYMUftl0Q=
Subject key identifier:   39:93:7B:52:FC:0E:62:F9:FB:89:90:1C:8C:FB:13:A3:C4:8C:5F:D6
Certificate issuer:       /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial:       0B8B
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/ADC9EADA3F1C11EDB4A666D4F1222468.roa
Signing time:             Wed 28 Sep 2022 10:59:52 +0000
ROA not before:           Wed 28 Sep 2022 10:59:49 +0000
ROA not after:            Tue 28 Sep 2027 10:59:49 +0000
asID:                     33764
IP address blocks:        2001:42d0:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 03 Jun 2024 00:05:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2955 (0xb8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
        Validity
            Not Before: Sep 28 10:59:49 2022 GMT
            Not After : Sep 28 10:59:49 2027 GMT
        Subject: CN=63342928-b62b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:09:e8:04:b2:cf:b6:57:49:b8:0b:f7:47:f6:
                    87:10:f9:5a:81:95:30:d1:98:f4:be:0c:9a:9f:f2:
                    0f:2a:1a:29:46:ad:8c:b4:e2:4a:ff:85:ad:15:51:
                    d0:0a:11:76:ad:15:e2:03:fb:c9:64:d4:1f:d2:60:
                    0e:7b:d7:50:29:c6:dd:a5:96:fd:24:e2:15:d5:a6:
                    1f:00:6d:36:c4:67:cd:70:5b:40:b4:fa:58:76:21:
                    5c:33:17:3e:4b:62:41:02:2c:75:f0:07:69:ea:1a:
                    06:b7:3b:89:63:f3:25:54:6a:ff:fb:e4:35:b5:4f:
                    cd:c4:b6:81:06:ff:77:b6:df:76:b7:36:99:08:c4:
                    02:f6:eb:96:06:9e:24:03:52:96:6f:19:9b:ed:be:
                    87:5b:4a:09:99:57:11:dc:02:3d:94:54:f2:1b:8a:
                    aa:07:81:2b:82:fc:e8:ce:66:ce:e9:fe:1e:45:8a:
                    78:18:df:aa:ec:69:c0:27:b5:0a:c7:87:8d:ec:3a:
                    51:eb:a1:33:e9:ab:a0:21:90:12:0d:f7:24:86:1b:
                    95:f0:80:a8:f6:e3:e3:50:64:e0:89:ce:16:7b:41:
                    90:f8:43:62:56:5c:39:4f:bd:23:79:6c:5b:f1:bf:
                    af:70:01:b3:b9:8f:68:4e:c8:19:6d:b5:39:94:36:
                    c5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:93:7B:52:FC:0E:62:F9:FB:89:90:1C:8C:FB:13:A3:C4:8C:5F:D6
            X509v3 Authority Key Identifier:
                keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/ADC9EADA3F1C11EDB4A666D4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:42d0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         cf:7b:a5:95:00:b8:40:74:50:a7:67:28:23:1f:54:0f:9c:13:
         7e:67:02:18:65:45:e7:35:8a:ff:97:c9:5f:10:6f:21:31:07:
         30:fe:82:6e:1c:76:5c:dd:b2:43:dd:48:10:ac:6c:5d:c7:ff:
         f7:02:e6:30:56:98:d0:df:08:a1:43:75:28:3a:93:e3:fe:b2:
         4c:01:79:f5:54:26:b2:ef:4f:e3:eb:14:5d:33:3e:88:8c:75:
         d0:cb:3f:2d:d0:6e:fc:77:9c:81:b6:25:2d:20:43:2b:70:3d:
         f8:98:23:46:47:4d:a3:cf:c9:40:4e:ef:f2:be:30:b9:9e:28:
         ba:f1:4f:9d:6f:c4:47:fc:32:42:bc:5d:38:bd:da:9d:72:81:
         79:6f:79:01:17:06:27:4b:ea:9d:6c:44:4f:fc:38:92:69:19:
         3d:9d:e2:89:03:c6:28:a2:c0:a3:98:92:87:c8:ce:1b:a0:17:
         0b:59:72:67:98:c3:d7:8d:be:e5:10:fa:d2:f0:0f:b1:d3:13:
         5b:01:c0:e1:02:43:21:56:06:9c:42:dd:9e:b7:a2:7f:4e:4a:
         53:f0:62:9d:cd:0d:43:22:8b:bf:1b:79:97:7f:61:f6:df:f8:
         9c:1e:06:be:a6:29:4c:0b:d8:6f:15:1b:ed:87:c6:ac:32:28:
         1d:7d:83:04
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC4swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMjA5MjgxMDU5NDlaFw0yNzA5MjgxMDU5NDlaMBgxFjAU
BgNVBAMMDTYzMzQyOTI4LWI2MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLCegEss+2V0m4C/dH9ocQ+VqBlTDRmPS+DJqf8g8qGilGrYy04kr/ha0V
UdAKEXatFeID+8lk1B/SYA5711Apxt2llv0k4hXVph8AbTbEZ81wW0C0+lh2IVwz
Fz5LYkECLHXwB2nqGga3O4lj8yVUav/75DW1T83EtoEG/3e233a3NpkIxAL265YG
niQDUpZvGZvtvodbSgmZVxHcAj2UVPIbiqoHgSuC/OjOZs7p/h5FingY36rsacAn
tQrHh43sOlHroTPpq6AhkBIN9ySGG5XwgKj24+NQZOCJzhZ7QZD4Q2JWXDlPvSN5
bFvxv69wAbO5j2hOyBlttTmUNsU3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOZN7
UvwOYvn7iZAcjPsTo8SMX9YwHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4L0FEQzlFQURBM0YxQzExRURCNEE2NjZENEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAULQAAEwDQYJKoZIhvcN
AQELBQADggEBAM97pZUAuEB0UKdnKCMfVA+cE35nAhhlRec1iv+XyV8QbyExBzD+
gm4cdlzdskPdSBCsbF3H//cC5jBWmNDfCKFDdSg6k+P+skwBefVUJrLvT+PrFF0z
PoiMddDLPy3Qbvx3nIG2JS0gQytwPfiYI0ZHTaPPyUBO7/K+MLmeKLrxT51vxEf8
MkK8XTi92p1ygXlveQEXBidL6p1sRE/8OJJpGT2d4okDxiiiwKOYkofIzhugFwtZ
cmeYw9eNvuUQ+tLwD7HTE1sBwOECQyFWBpxC3Z63on9OSlPwYp3NDUMii78beZd/
Yfbf+JweBr6mKUwL2G8VG+2HxqwyKB19gwQ=
-----END CERTIFICATE-----