Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/88D1A05E3EA911EFA31B0ABC762E951A.roa
File:                     88D1A05E3EA911EFA31B0ABC762E951A.roa (raw, json)
Hash identifier:          bXcO/37y+rhlqRw/LihGQC+3phToXw7DI3XAF6SD5cE=
Subject key identifier:   9B:1F:38:2E:2F:59:C6:C1:85:89:0D:EE:EC:A9:A9:A2:23:A9:73:97
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       067F
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/88D1A05E3EA911EFA31B0ABC762E951A.roa
Signing time:             Wed 10 Jul 2024 10:45:34 +0000
ROA not before:           Wed 10 Jul 2024 10:45:30 +0000
ROA not after:            Sun 31 Dec 2034 10:45:30 +0000
asID:                     20011
IP address blocks:        41.132.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1663 (0x67f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Jul 10 10:45:30 2024 GMT
            Not After : Dec 31 10:45:30 2034 GMT
        Subject: CN=668e664e-3820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:f5:44:c0:b6:6a:67:70:dd:9d:d7:ef:f8:11:
                    f0:d3:70:6d:4f:d3:85:df:c8:27:b0:59:ec:73:dd:
                    a6:ad:72:5f:0e:54:40:1c:09:22:e9:65:66:cc:dd:
                    98:47:98:fa:73:cb:d3:7e:af:ea:37:15:31:f3:78:
                    ec:28:2b:8c:2f:d5:0d:c8:35:8f:0b:b9:fa:91:75:
                    92:86:ec:14:a5:17:0c:7d:35:a1:ef:63:c7:f4:28:
                    de:5e:c6:66:15:9e:fa:55:97:ef:19:3f:31:dc:ce:
                    55:2c:1e:fd:14:ee:c2:ff:81:70:f8:1b:c8:8a:9e:
                    ae:f0:45:3e:4f:27:82:58:2a:26:2b:62:cf:31:f4:
                    c3:5b:94:48:ab:98:a0:36:51:cc:b1:22:be:82:d7:
                    be:3c:b6:9f:f1:1d:75:0c:98:08:40:25:49:12:88:
                    56:f1:c8:d8:6d:a8:0a:4f:ff:bf:45:08:fa:27:09:
                    56:07:ac:f4:32:0d:9e:1f:8e:92:09:26:82:3c:b3:
                    52:f6:dc:0d:45:c7:ef:db:f3:e0:2c:26:92:86:38:
                    c1:e6:83:50:7e:39:bc:2a:0d:15:d5:33:71:e9:dc:
                    25:f1:c5:42:4f:c2:5a:6c:d8:51:33:56:b3:67:5b:
                    de:68:70:86:73:26:8f:2c:b3:5e:8b:ea:2e:8e:c3:
                    1d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:1F:38:2E:2F:59:C6:C1:85:89:0D:EE:EC:A9:A9:A2:23:A9:73:97
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/88D1A05E3EA911EFA31B0ABC762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.132.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         30:e9:49:05:13:6c:fa:40:8a:0f:e7:36:6b:7c:7c:64:0b:4c:
         b7:e3:f2:37:70:20:d7:e8:8d:17:a4:83:31:eb:c5:02:c3:f2:
         a9:70:7b:c1:1d:1c:4e:7d:ca:be:ff:c3:c1:b1:29:38:61:5d:
         84:de:0e:d9:98:cc:95:6f:30:5d:07:2c:25:4b:50:88:a9:95:
         7e:0d:2e:d8:b9:0b:d2:1a:e7:b1:ff:80:7a:30:4f:03:a4:cb:
         a1:57:10:2a:0d:84:3a:97:d6:5a:12:98:4f:1e:b3:64:88:ce:
         f2:11:b0:cd:7e:52:d9:23:fb:65:d9:9f:40:2d:5e:e5:8a:a0:
         4a:0e:50:f7:c4:e2:15:98:5b:93:4f:35:e1:2b:3a:fe:01:53:
         32:55:4d:04:38:08:a8:c2:67:8c:08:3e:e1:3d:2d:8a:04:94:
         22:3b:8d:c7:c8:eb:47:39:89:6f:f8:2d:bb:e2:ca:b8:11:78:
         33:f5:d8:f2:89:d6:32:27:d4:1c:0b:3a:4b:f5:ab:23:64:52:
         12:7f:e6:af:b8:eb:ec:23:d4:ed:ba:10:e6:0a:a7:8b:f4:e3:
         c1:32:0c:55:7d:7c:5e:6f:9a:88:d5:82:27:48:82:eb:b8:55:
         8b:8f:6c:39:1c:6f:0f:1c:42:77:9f:3d:b8:1a:de:14:b9:5a:
         cb:e2:93:08
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBn8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yNDA3MTAxMDQ1MzBaFw0zNDEyMzExMDQ1MzBaMBgxFjAU
BgNVBAMTDTY2OGU2NjRlLTM4MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJ9UTAtmpncN2d1+/4EfDTcG1P04XfyCewWexz3aatcl8OVEAcCSLpZWbM
3ZhHmPpzy9N+r+o3FTHzeOwoK4wv1Q3INY8LufqRdZKG7BSlFwx9NaHvY8f0KN5e
xmYVnvpVl+8ZPzHczlUsHv0U7sL/gXD4G8iKnq7wRT5PJ4JYKiYrYs8x9MNblEir
mKA2UcyxIr6C1748tp/xHXUMmAhAJUkSiFbxyNhtqApP/79FCPonCVYHrPQyDZ4f
jpIJJoI8s1L23A1Fx+/b8+AsJpKGOMHmg1B+ObwqDRXVM3Hp3CXxxUJPwlps2FEz
VrNnW95ocIZzJo8ss16L6i6Owx3NAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUmx84
Li9ZxsGFiQ3u7KmpoiOpc5cwHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4Lzg4RDFBMDVFM0VBOTExRUZBMzFCMEFCQzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwIphDANBgkqhkiG9w0BAQsF
AAOCAQEAMOlJBRNs+kCKD+c2a3x8ZAtMt+PyN3Ag1+iNF6SDMevFAsPyqXB7wR0c
Tn3Kvv/DwbEpOGFdhN4O2ZjMlW8wXQcsJUtQiKmVfg0u2LkL0hrnsf+AejBPA6TL
oVcQKg2EOpfWWhKYTx6zZIjO8hGwzX5S2SP7ZdmfQC1e5YqgSg5Q98TiFZhbk081
4Ss6/gFTMlVNBDgIqMJnjAg+4T0tigSUIjuNx8jrRzmJb/gtu+LKuBF4M/XY8onW
MifUHAs6S/WrI2RSEn/mr7jr7CPU7boQ5gqni/TjwTIMVX18Xm+aiNWCJ0iC67hV
i49sORxvDxxCd589uBreFLlay+KTCA==
-----END CERTIFICATE-----