Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/A95DA852523411EE8C7406564AD9E6FC.roa
File:                     A95DA852523411EE8C7406564AD9E6FC.roa (raw, json)
Hash identifier:          e3ZITgjxW9QiqQDZ0EL1B5lhtUIGyRmPctQAP3i6r3o=
Subject key identifier:   85:28:E1:97:D6:30:20:AB:0A:EF:D2:1C:9A:70:FF:8D:7D:24:39:EB
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       04FE
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/A95DA852523411EE8C7406564AD9E6FC.roa
Signing time:             Wed 13 Sep 2023 12:54:23 +0000
ROA not before:           Wed 13 Sep 2023 12:54:19 +0000
ROA not after:            Fri 30 Sep 2033 12:54:19 +0000
asID:                     3741
IP address blocks:        196.1.8.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1278 (0x4fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Sep 13 12:54:19 2023 GMT
            Not After : Sep 30 12:54:19 2033 GMT
        Subject: CN=6501b0ff-8276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3b:99:de:4b:cd:a5:38:82:e2:2a:62:c5:75:
                    cc:13:ee:53:36:ec:c5:63:6c:52:cb:52:bc:30:8d:
                    85:3f:d5:68:44:2c:29:51:56:7e:2f:60:34:09:c1:
                    20:47:ea:bd:99:64:64:bb:63:7f:5c:d7:98:83:fb:
                    15:5c:69:b0:8f:4e:b5:81:cf:90:f3:7e:82:a6:e7:
                    fb:54:7f:b1:72:29:09:45:df:02:72:f1:74:1c:76:
                    c0:13:4d:06:2b:ee:4b:00:f7:35:61:0b:f6:d8:33:
                    27:d2:0e:80:cd:dd:6a:73:9e:9f:7c:1b:f5:fb:7e:
                    d1:75:86:47:dc:5b:1c:8c:d9:56:79:42:df:de:32:
                    43:2f:7e:4f:b8:52:ea:9a:cd:38:8b:be:68:00:99:
                    60:66:57:20:48:81:16:16:fa:df:a8:8e:1a:53:1d:
                    0a:4a:f9:8b:5d:02:7b:c3:12:6d:02:88:56:fc:db:
                    6b:ef:b7:32:44:1b:55:ae:68:a7:79:ab:db:54:e0:
                    bf:29:00:ec:a7:34:81:dd:77:6c:5e:de:83:9a:49:
                    b2:58:5e:1c:3c:c2:c1:93:b8:c1:e2:6b:6d:01:64:
                    f5:fe:be:11:f6:3b:12:63:32:6c:e4:23:95:b9:7f:
                    fe:9b:fe:2e:e4:be:7b:18:ad:15:84:e3:b7:96:55:
                    8b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:28:E1:97:D6:30:20:AB:0A:EF:D2:1C:9A:70:FF:8D:7D:24:39:EB
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/A95DA852523411EE8C7406564AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.1.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c3:9a:e5:c8:a2:1f:6a:38:ab:14:0a:35:95:4a:8c:e2:12:e3:
         7b:26:f1:17:9b:2f:0b:5d:4c:a7:03:bd:5d:dd:e1:5e:1f:47:
         6f:43:83:ce:d2:c9:b2:c4:67:98:af:db:d6:40:42:be:08:42:
         50:9d:13:62:de:b4:76:d5:a6:21:57:67:1e:b2:c6:2d:e5:dc:
         39:23:73:2c:3c:2d:88:5a:2c:d3:f6:c9:14:09:e2:59:81:6d:
         77:78:ee:b4:11:4e:d3:ec:d7:2e:e8:10:7f:4a:d0:17:0b:ac:
         b2:ab:06:bc:14:49:56:29:93:5b:da:e9:b4:97:5c:b5:52:5c:
         4e:9e:7a:46:03:75:bd:7c:f6:da:c2:88:e1:28:e1:eb:b5:18:
         5b:a7:4c:19:e7:00:be:e9:48:9a:c7:fa:ba:92:3b:7c:df:26:
         26:ea:c0:59:e5:fe:25:7e:aa:ff:e4:ac:3c:52:4b:14:d6:09:
         56:52:ea:95:78:d9:23:f3:ad:46:48:4f:32:00:6d:a8:21:63:
         2a:a9:3c:3c:b4:72:40:bc:7f:4a:12:ee:43:01:77:8d:8d:de:
         27:52:bc:e8:2e:70:da:5a:73:ba:b5:0b:c9:42:93:fe:0c:93:
         f9:db:15:7c:29:ab:58:aa:b1:1f:f7:a6:84:cf:f2:c5:c6:d8:
         aa:15:57:ff
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBP4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMzA5MTMxMjU0MTlaFw0zMzA5MzAxMjU0MTlaMBgxFjAU
BgNVBAMTDTY1MDFiMGZmLTgyNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6O5neS82lOILiKmLFdcwT7lM27MVjbFLLUrwwjYU/1WhELClRVn4vYDQJ
wSBH6r2ZZGS7Y39c15iD+xVcabCPTrWBz5DzfoKm5/tUf7FyKQlF3wJy8XQcdsAT
TQYr7ksA9zVhC/bYMyfSDoDN3Wpznp98G/X7ftF1hkfcWxyM2VZ5Qt/eMkMvfk+4
UuqazTiLvmgAmWBmVyBIgRYW+t+ojhpTHQpK+YtdAnvDEm0CiFb822vvtzJEG1Wu
aKd5q9tU4L8pAOynNIHdd2xe3oOaSbJYXhw8wsGTuMHia20BZPX+vhH2OxJjMmzk
I5W5f/6b/i7kvnsYrRWE47eWVYu5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhSjh
l9YwIKsK79IcmnD/jX0kOeswHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4L0E5NURBODUyNTIzNDExRUU4Qzc0MDY1NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALEAQgwDQYJKoZIhvcNAQEL
BQADggEBAMOa5ciiH2o4qxQKNZVKjOIS43sm8RebLwtdTKcDvV3d4V4fR29Dg87S
ybLEZ5iv29ZAQr4IQlCdE2LetHbVpiFXZx6yxi3l3Dkjcyw8LYhaLNP2yRQJ4lmB
bXd47rQRTtPs1y7oEH9K0BcLrLKrBrwUSVYpk1va6bSXXLVSXE6eekYDdb189trC
iOEo4eu1GFunTBnnAL7pSJrH+rqSO3zfJibqwFnl/iV+qv/krDxSSxTWCVZS6pV4
2SPzrUZITzIAbaghYyqpPDy0ckC8f0oS7kMBd42N3idSvOgucNpac7q1C8lCk/4M
k/nbFXwpq1iqsR/3poTP8sXG2KoVV/8=
-----END CERTIFICATE-----