Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/7C4F95340BA911F0B72BFF6D762E951A.roa
File:                     7C4F95340BA911F0B72BFF6D762E951A.roa (raw, json)
Hash identifier:          wQsXfcY17ALNj3m3NpLuAW/uC5x5FHlFx/tv0frZ2aQ=
Subject key identifier:   40:B1:4E:C0:A7:F8:E9:C4:3F:7F:7D:BC:60:31:2D:A8:62:25:D2:E9
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       069F
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/7C4F95340BA911F0B72BFF6D762E951A.roa
Signing time:             Fri 28 Mar 2025 07:51:41 +0000
ROA not before:           Fri 28 Mar 2025 07:51:37 +0000
ROA not after:            Thu 24 Apr 2025 07:51:37 +0000
asID:                     211826
IP address blocks:        102.177.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 05 Apr 2025 01:37:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1695 (0x69f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF
        Validity
            Not Before: Mar 28 07:51:37 2025 GMT
            Not After : Apr 24 07:51:37 2025 GMT
        Subject: CN=67e6550d-921b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f7:0c:0b:22:90:4b:c9:44:bf:ed:6d:75:ba:
                    42:79:e8:31:7b:14:22:55:21:fa:f7:65:fe:6e:fb:
                    5a:94:d4:8e:35:f4:53:7e:0c:ed:64:cf:0a:3d:01:
                    9f:03:34:b5:c2:12:4f:57:d8:08:c2:52:6a:db:46:
                    cd:50:9f:51:bd:0f:19:e8:8f:c3:ea:3a:fd:24:9c:
                    88:54:97:2f:14:2d:11:5e:b7:b5:d9:87:93:57:8c:
                    b0:69:07:77:af:f0:a2:15:f5:17:48:71:fe:01:7c:
                    68:87:20:fb:75:44:b9:0d:04:62:92:a7:5c:fe:6b:
                    32:b9:93:61:62:b4:fe:4d:10:6e:bc:b7:98:94:5a:
                    ce:a3:da:01:64:e0:30:ab:d0:f4:2c:85:df:48:59:
                    e7:d8:09:84:1a:38:9b:36:6e:d5:c9:14:a1:29:f5:
                    45:6a:7b:a8:39:c9:d5:4b:30:91:32:74:f4:dc:ed:
                    e1:bb:4a:ec:f9:bf:cf:79:2e:cd:aa:5d:a5:b7:43:
                    cf:03:4c:8f:fb:f7:4b:e9:0f:c5:99:5e:4e:52:0b:
                    ee:fd:05:6a:c6:be:b3:22:ff:63:87:87:06:9d:03:
                    a0:3d:f0:04:13:6e:fb:37:d7:57:cb:58:50:1a:5f:
                    c1:fb:7c:14:ab:51:15:87:90:f3:50:82:55:76:1b:
                    05:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:B1:4E:C0:A7:F8:E9:C4:3F:7F:7D:BC:60:31:2D:A8:62:25:D2:E9
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/7C4F95340BA911F0B72BFF6D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:b3:3b:0b:e7:39:1a:e1:5f:d4:28:89:b0:51:e9:c7:89:a1:
         93:2f:f3:88:39:66:58:c0:47:a2:f6:38:2e:9b:78:5c:30:6c:
         e8:97:e3:03:58:65:6f:1d:0c:d6:78:23:fd:02:ff:5c:3e:f2:
         f7:c0:68:31:d2:91:70:55:71:be:bd:cf:ed:15:bf:fa:e0:3c:
         5a:21:b0:05:fc:5a:bf:a8:23:65:90:eb:12:0d:0a:17:40:4e:
         83:e6:d6:e5:39:75:e5:cd:8d:eb:64:d3:3f:db:b3:7a:77:28:
         c4:6a:86:4c:91:45:6d:47:f1:df:c4:a2:bc:f9:77:04:4f:36:
         3e:28:51:83:aa:fa:ea:8f:54:eb:55:34:34:73:8c:cc:82:36:
         02:66:66:3b:7e:62:f3:27:58:a6:17:62:51:f2:74:97:c8:42:
         ff:07:0e:08:56:c7:2d:96:1c:3e:d1:68:96:77:c1:6e:11:4f:
         36:43:f0:f3:f6:6d:8e:29:66:3f:00:8b:18:e2:2c:c3:2e:ef:
         9d:e5:7b:08:6b:49:fb:db:bc:a8:3b:ce:66:cf:1a:20:66:3a:
         a8:ff:89:9c:c9:85:b6:a2:f2:f5:75:61:a2:48:22:69:2e:2b:
         ee:c1:f4:bd:dd:e0:96:b5:38:ca:fa:e3:4d:58:75:c7:7d:64:
         27:59:e1:03
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBp8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTAzMjgwNzUxMzdaFw0yNTA0MjQwNzUxMzdaMBgxFjAU
BgNVBAMTDTY3ZTY1NTBkLTkyMWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC09wwLIpBLyUS/7W11ukJ56DF7FCJVIfr3Zf5u+1qU1I419FN+DO1kzwo9
AZ8DNLXCEk9X2AjCUmrbRs1Qn1G9Dxnoj8PqOv0knIhUly8ULRFet7XZh5NXjLBp
B3ev8KIV9RdIcf4BfGiHIPt1RLkNBGKSp1z+azK5k2FitP5NEG68t5iUWs6j2gFk
4DCr0PQshd9IWefYCYQaOJs2btXJFKEp9UVqe6g5ydVLMJEydPTc7eG7Suz5v895
Ls2qXaW3Q88DTI/790vpD8WZXk5SC+79BWrGvrMi/2OHhwadA6A98AQTbvs311fL
WFAaX8H7fBSrURWHkPNQglV2GwUTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQLFO
wKf46cQ/f328YDEtqGIl0ukwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzdDNEY5NTM0MEJBOTExRjBCNzJCRkY2RDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsbEwDQYJKoZIhvcNAQEL
BQADggEBABKzOwvnORrhX9QoibBR6ceJoZMv84g5ZljAR6L2OC6beFwwbOiX4wNY
ZW8dDNZ4I/0C/1w+8vfAaDHSkXBVcb69z+0Vv/rgPFohsAX8Wr+oI2WQ6xINChdA
ToPm1uU5deXNjetk0z/bs3p3KMRqhkyRRW1H8d/Eorz5dwRPNj4oUYOq+uqPVOtV
NDRzjMyCNgJmZjt+YvMnWKYXYlHydJfIQv8HDghWxy2WHD7RaJZ3wW4RTzZD8PP2
bY4pZj8AixjiLMMu753lewhrSfvbvKg7zmbPGiBmOqj/iZzJhbai8vV1YaJIImku
K+7B9L3d4Ja1OMr6401Ydcd9ZCdZ4QM=
-----END CERTIFICATE-----