Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/9125716808A211F0BB9F4D79762E951A.roa
File:                     9125716808A211F0BB9F4D79762E951A.roa (raw, json)
Hash identifier:          iJ55iGy0ucAISnmFbtD9sSQ+EErdsbGP8meUG41DYmg=
Subject key identifier:   72:C9:EA:7E:16:A7:46:08:11:7A:54:67:36:B6:2A:C6:1B:EB:73:7E
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       07E6
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/9125716808A211F0BB9F4D79762E951A.roa
Signing time:             Mon 24 Mar 2025 11:24:36 +0000
ROA not before:           Mon 24 Mar 2025 11:24:33 +0000
ROA not after:            Tue 24 Mar 2026 11:24:33 +0000
asID:                     2914
IP address blocks:        196.251.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2022 (0x7e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF
        Validity
            Not Before: Mar 24 11:24:33 2025 GMT
            Not After : Mar 24 11:24:33 2026 GMT
        Subject: CN=67e140f4-2a6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:55:f1:25:ab:18:bb:fe:69:3f:c6:c8:d0:f3:
                    0f:13:2e:66:38:90:8f:ee:2e:a4:19:8a:bd:1a:58:
                    45:a8:d1:61:f9:12:18:ce:af:ed:e3:1d:16:8e:e8:
                    91:06:13:6a:af:27:d6:d1:a3:cc:f4:28:b9:1f:ab:
                    da:3c:e7:8c:f8:9e:e6:58:81:55:32:a7:08:0b:a4:
                    33:a6:d9:9f:88:bb:ac:39:f4:9c:af:c6:87:d4:02:
                    fb:92:52:74:d5:29:d9:eb:da:36:f8:64:50:aa:0c:
                    f7:e8:85:23:3d:ff:32:5a:34:9c:2e:5a:0a:18:82:
                    f6:8f:4b:b7:64:49:06:4a:49:9a:57:b9:8f:e7:8c:
                    63:62:57:24:93:d6:e8:7b:59:f3:f4:70:d6:f2:78:
                    7b:a2:e6:fd:08:5a:1c:33:51:e7:08:5e:01:76:6e:
                    5b:f5:56:b4:8d:fd:bf:52:54:64:4a:99:16:a1:ca:
                    ba:bb:ac:e3:71:a0:21:fa:de:2d:ae:87:13:41:5f:
                    7f:6b:42:a1:86:5d:51:c4:4b:7f:21:23:79:1a:c5:
                    7f:7e:2a:0d:e9:63:62:f9:52:12:90:b8:c3:89:6f:
                    c4:23:12:c1:2a:7c:16:0d:9e:d2:a0:61:32:66:24:
                    99:70:16:31:ba:fc:e2:68:ec:c9:13:ac:60:95:9d:
                    e6:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:C9:EA:7E:16:A7:46:08:11:7A:54:67:36:B6:2A:C6:1B:EB:73:7E
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/9125716808A211F0BB9F4D79762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.251.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:7f:41:2f:c0:71:19:d9:23:0c:66:39:62:60:db:06:3f:58:
         2e:c0:ff:33:e9:b0:ad:87:82:11:6c:19:b9:82:6e:b1:a7:e8:
         6a:df:76:fd:fe:30:a7:28:87:02:df:a1:17:d4:c7:86:c6:9f:
         26:4a:8e:b6:26:bf:cf:00:ff:ac:a2:90:4c:c9:05:52:ed:12:
         e3:7a:cd:99:ff:3b:bf:44:ac:e3:e6:56:c3:6b:a3:67:10:b1:
         d2:ea:bd:56:c7:11:0e:29:df:47:8c:b8:3a:87:af:7d:3d:01:
         2c:18:c5:ff:7b:b4:6c:12:a2:99:b7:85:8c:d7:85:44:0a:e2:
         d1:05:9f:e9:56:65:8c:0b:20:01:e9:6c:0f:fb:44:d0:ee:7e:
         aa:3d:c3:07:cf:0c:3e:a1:ca:a4:26:67:59:49:c3:4a:93:eb:
         dc:9d:05:ba:72:5f:73:87:30:27:7b:ce:19:8e:9a:7f:01:bf:
         5c:ac:88:38:81:91:a5:f2:db:f3:97:17:52:84:a9:71:a2:ec:
         0a:38:d0:fc:43:26:c1:0f:de:8b:d1:8c:b1:dd:0f:23:a1:51:
         b6:68:eb:34:e3:7f:48:48:d6:58:23:b8:90:a9:8f:ae:df:7e:
         7c:49:a6:03:90:da:03:32:69:55:fd:ea:23:21:55:21:0a:b1:
         ba:43:0d:56
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB+YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTAzMjQxMTI0MzNaFw0yNjAzMjQxMTI0MzNaMBgxFjAU
BgNVBAMTDTY3ZTE0MGY0LTJhNmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgVfElqxi7/mk/xsjQ8w8TLmY4kI/uLqQZir0aWEWo0WH5EhjOr+3jHRaO
6JEGE2qvJ9bRo8z0KLkfq9o854z4nuZYgVUypwgLpDOm2Z+Iu6w59JyvxofUAvuS
UnTVKdnr2jb4ZFCqDPfohSM9/zJaNJwuWgoYgvaPS7dkSQZKSZpXuY/njGNiVyST
1uh7WfP0cNbyeHui5v0IWhwzUecIXgF2blv1VrSN/b9SVGRKmRahyrq7rONxoCH6
3i2uhxNBX39rQqGGXVHES38hI3kaxX9+Kg3pY2L5UhKQuMOJb8QjEsEqfBYNntKg
YTJmJJlwFjG6/OJo7MkTrGCVneYfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUcsnq
fhanRggRelRnNrYqxhvrc34wHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzkxMjU3MTY4MDhBMjExRjBCQjlGNEQ3OTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADE+28wDQYJKoZIhvcNAQEL
BQADggEBAJl/QS/AcRnZIwxmOWJg2wY/WC7A/zPpsK2HghFsGbmCbrGn6Grfdv3+
MKcohwLfoRfUx4bGnyZKjrYmv88A/6yikEzJBVLtEuN6zZn/O79ErOPmVsNro2cQ
sdLqvVbHEQ4p30eMuDqHr309ASwYxf97tGwSopm3hYzXhUQK4tEFn+lWZYwLIAHp
bA/7RNDufqo9wwfPDD6hyqQmZ1lJw0qT69ydBbpyX3OHMCd7zhmOmn8Bv1ysiDiB
kaXy2/OXF1KEqXGi7Ao40PxDJsEP3ovRjLHdDyOhUbZo6zTjf0hI1lgjuJCpj67f
fnxJpgOQ2gMyaVX96iMhVSEKsbpDDVY=
-----END CERTIFICATE-----