Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/4AE8CA1ABEB611EEA24E4355775412E6.roa
File:                     4AE8CA1ABEB611EEA24E4355775412E6.roa (raw, json)
Hash identifier:          6xGplpcSO+x7fDbdx9ixELJb7z+gA66jql4m5bkFDig=
Subject key identifier:   D3:DB:E9:E6:11:FC:02:2F:03:59:E6:05:AD:8D:64:E0:1C:5D:CD:9E
Certificate issuer:       /CN=F363ADF7AF/serialNumber=E73D301F910D56EBAB7A11103BE8BE275388B72B
Certificate serial:       04B0
Authority key identifier: E7:3D:30:1F:91:0D:56:EB:AB:7A:11:10:3B:E8:BE:27:53:88:B7:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/4AE8CA1ABEB611EEA24E4355775412E6.roa
Signing time:             Mon 29 Jan 2024 14:54:24 +0000
ROA not before:           Mon 29 Jan 2024 14:54:21 +0000
ROA not after:            Tue 29 Jan 2030 14:54:21 +0000
asID:                     327899
IP address blocks:        197.243.124.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.mft
                          rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 29 May 2024 00:04:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1200 (0x4b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363ADF7AF/serialNumber=E73D301F910D56EBAB7A11103BE8BE275388B72B
        Validity
            Not Before: Jan 29 14:54:21 2024 GMT
            Not After : Jan 29 14:54:21 2030 GMT
        Subject: CN=65b7bc20-8f77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:03:8a:dd:ed:c7:00:77:36:c0:e5:d0:df:58:
                    80:6a:e6:c9:3e:76:3a:3d:c4:ac:ff:fe:2a:37:f4:
                    57:6e:4b:9f:f7:6d:0f:47:3a:c4:55:01:6b:c4:0f:
                    0f:2e:d9:c2:bf:2b:5f:e8:3f:28:66:ac:1e:46:51:
                    3c:39:92:6a:4d:73:66:9d:e4:36:f0:b6:be:07:de:
                    09:e6:8f:eb:4d:b8:cd:80:37:69:2d:73:2c:f9:f5:
                    96:49:ad:42:14:02:14:b7:0a:29:c9:10:18:c2:20:
                    77:6f:12:88:82:bb:1a:a9:9c:f4:76:7c:46:d2:9f:
                    76:fb:cb:27:91:7e:b0:06:f9:a7:74:06:be:59:41:
                    58:dd:cc:13:d2:bb:50:52:41:d6:8f:17:ec:47:97:
                    62:09:20:3b:eb:33:17:8c:f4:33:b9:8c:cb:64:ff:
                    fe:3c:6a:27:f3:f8:ac:29:a9:14:68:28:b5:e5:89:
                    cb:77:93:fa:de:92:2e:f6:83:92:d8:11:2b:3f:9c:
                    b8:a9:3a:6b:aa:a2:5c:70:47:75:47:ac:cd:fc:71:
                    d6:66:63:7e:46:2e:ab:9e:9b:e5:35:02:92:e2:fc:
                    21:a9:64:e3:68:a7:34:3c:4d:83:e6:12:8f:9c:20:
                    a1:e5:0d:fe:4a:f5:c7:e5:0a:7b:15:35:00:c9:44:
                    5a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:DB:E9:E6:11:FC:02:2F:03:59:E6:05:AD:8D:64:E0:1C:5D:CD:9E
            X509v3 Authority Key Identifier:
                keyid:E7:3D:30:1F:91:0D:56:EB:AB:7A:11:10:3B:E8:BE:27:53:88:B7:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/4AE8CA1ABEB611EEA24E4355775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.243.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:92:78:4f:4d:8e:ee:93:d2:e2:f6:99:6e:34:cd:6c:9d:e5:
         ab:78:9f:26:42:3c:a7:18:e8:88:aa:62:89:ea:61:21:98:96:
         ab:05:6e:91:67:f5:44:88:3b:15:4b:54:e2:f8:d6:05:8a:a7:
         72:51:6e:66:5b:57:8f:39:52:9c:30:62:aa:de:b1:1d:74:87:
         e3:d5:6c:47:96:bc:e5:70:98:dd:9b:db:c6:b1:b0:ae:fc:bd:
         cb:92:d6:ed:ce:72:b0:f2:ec:b2:1b:6b:7b:3f:61:a3:d1:d3:
         2e:a7:1b:7e:81:f4:9f:ef:9b:01:d7:56:ef:1c:c4:82:69:5e:
         1c:e1:7e:66:27:a7:09:1e:bd:32:fb:9f:6c:43:4f:3e:2e:8b:
         de:b2:b6:79:b9:e9:0a:e4:4e:ab:ce:bd:ff:f7:1d:a5:90:22:
         cc:42:d8:4f:8d:35:82:59:0f:0c:4d:6e:6b:8e:34:2c:23:5a:
         58:d3:ff:f7:a0:7b:9e:e8:bb:c0:a1:bc:56:ca:d4:8a:51:2c:
         10:69:37:54:35:50:51:41:eb:a7:f8:63:83:ac:ac:73:f2:9d:
         b3:91:92:fd:b4:82:ab:ed:22:60:1e:c9:3c:f9:fa:77:b5:a0:
         f9:f9:76:2f:4a:26:fa:b8:5a:64:d8:cb:a3:5d:74:31:12:87:
         63:f7:11:78
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBLAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0FERjdBRjExMC8GA1UEBRMoRTczRDMwMUY5MTBENTZFQkFCN0ExMTEwM0JFOEJF
Mjc1Mzg4QjcyQjAeFw0yNDAxMjkxNDU0MjFaFw0zMDAxMjkxNDU0MjFaMBgxFjAU
BgNVBAMTDTY1YjdiYzIwLThmNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDlA4rd7ccAdzbA5dDfWIBq5sk+djo9xKz//io39FduS5/3bQ9HOsRVAWvE
Dw8u2cK/K1/oPyhmrB5GUTw5kmpNc2ad5Dbwtr4H3gnmj+tNuM2AN2ktcyz59ZZJ
rUIUAhS3CinJEBjCIHdvEoiCuxqpnPR2fEbSn3b7yyeRfrAG+ad0Br5ZQVjdzBPS
u1BSQdaPF+xHl2IJIDvrMxeM9DO5jMtk//48aifz+KwpqRRoKLXlict3k/reki72
g5LYESs/nLipOmuqolxwR3VHrM38cdZmY35GLquem+U1ApLi/CGpZONopzQ8TYPm
Eo+cIKHlDf5K9cflCnsVNQDJRFpDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU09vp
5hH8Ai8DWeYFrY1k4BxdzZ4wHwYDVR0jBBgwFoAU5z0wH5ENVuurehEQO+i+J1OI
tyswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNBREY3L0IzMTIzRjkwM0JCQTExRUJBOTRFOUIxRkY4QUVBMjI4LzV6MHdI
NUVOVnV1cmVoRVFPLWktSjFPSXR5cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzV6MHdINUVOVnV1cmVoRVFPLWktSjFPSXR5cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNBREY3L0IzMTIzRjkwM0JCQTExRUJBOTRFOUIxRkY4
QUVBMjI4LzRBRThDQTFBQkVCNjExRUVBMjRFNDM1NTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADF83wwDQYJKoZIhvcNAQEL
BQADggEBAFGSeE9Nju6T0uL2mW40zWyd5at4nyZCPKcY6IiqYonqYSGYlqsFbpFn
9USIOxVLVOL41gWKp3JRbmZbV485UpwwYqresR10h+PVbEeWvOVwmN2b28axsK78
vcuS1u3OcrDy7LIba3s/YaPR0y6nG36B9J/vmwHXVu8cxIJpXhzhfmYnpwkevTL7
n2xDTz4ui96ytnm56QrkTqvOvf/3HaWQIsxC2E+NNYJZDwxNbmuONCwjWljT//eg
e57ou8ChvFbK1IpRLBBpN1Q1UFFB66f4Y4OsrHPynbORkv20gqvtImAeyTz5+ne1
oPn5di9KJvq4WmTYy6NddDESh2P3EXg=
-----END CERTIFICATE-----