Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/1F32A9483B1211F0978FEFE8DAE4EC9C.roa
File:                     1F32A9483B1211F0978FEFE8DAE4EC9C.roa (raw, json)
Hash identifier:          nYabbDnuVLUJQTyxU+UCVZek8zipwMdBD3Ty9i13z2c=
Subject key identifier:   65:7D:05:28:95:BF:CB:75:22:2A:99:B1:90:2C:56:61:59:D9:D2:3C
Certificate issuer:       /CN=F36862C7AF/serialNumber=D154ABC2A31E0FD603D7C705CC0F95DD1A9CE208
Certificate serial:       05A3
Authority key identifier: D1:54:AB:C2:A3:1E:0F:D6:03:D7:C7:05:CC:0F:95:DD:1A:9C:E2:08
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0VSrwqMeD9YD18cFzA-V3Rqc4gg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/1F32A9483B1211F0978FEFE8DAE4EC9C.roa
Signing time:             Tue 27 May 2025 15:49:07 +0000
ROA not before:           Tue 27 May 2025 15:49:02 +0000
ROA not after:            Mon 31 Dec 2035 15:49:02 +0000
asID:                     37334
IP address blocks:        197.221.96.0/19 maxlen: 19
                          197.221.101.0/24 maxlen: 24
                          197.221.102.0/24 maxlen: 24
                          197.221.103.0/24 maxlen: 24
                          197.221.104.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/0VSrwqMeD9YD18cFzA-V3Rqc4gg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/0VSrwqMeD9YD18cFzA-V3Rqc4gg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0VSrwqMeD9YD18cFzA-V3Rqc4gg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 12 Jun 2025 02:28:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1443 (0x5a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36862C7AF, serialNumber=D154ABC2A31E0FD603D7C705CC0F95DD1A9CE208
        Validity
            Not Before: May 27 15:49:02 2025 GMT
            Not After : Dec 31 15:49:02 2035 GMT
        Subject: CN=6835def3-1555
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:7c:f0:02:a7:5b:bb:3b:f5:f4:cb:60:d3:8b:
                    2b:83:df:2d:54:dc:c9:bb:ab:d1:a5:05:06:03:ce:
                    52:74:ca:2a:97:e7:09:f1:80:97:d1:18:de:69:da:
                    55:77:6d:4e:0a:3e:f1:9e:73:47:c3:79:8c:2e:03:
                    b2:2a:61:0c:62:22:57:1e:6a:1d:6a:ba:0f:f4:59:
                    77:1d:ba:99:92:1f:ed:2b:34:57:43:c1:78:02:57:
                    5d:cf:c3:6d:2a:c5:0c:97:d7:3f:35:02:01:79:6b:
                    47:51:e2:b9:5c:ae:ba:21:35:07:7e:d0:bf:f8:4c:
                    05:96:af:69:59:e5:c1:32:c3:b4:40:63:1a:38:d8:
                    9b:17:f3:05:88:f0:a6:d3:84:c6:a9:6b:3c:89:b6:
                    aa:f6:b9:3d:6e:61:5d:d0:8d:71:76:68:c5:8e:f6:
                    77:05:cc:07:fc:bf:03:d0:1d:a3:30:8f:46:90:b9:
                    cc:62:6b:d4:c2:b3:b0:93:82:b1:e1:dc:e2:eb:66:
                    bf:07:89:83:f2:77:91:4d:86:94:02:60:ba:b9:ce:
                    56:b6:48:8c:c2:c8:4e:2f:ac:b8:a2:36:e1:73:b7:
                    fb:8f:f9:5b:0e:24:89:cf:75:63:0e:fc:b9:59:db:
                    ba:29:d0:cc:9f:b3:23:55:7e:10:11:64:e9:5f:f9:
                    fb:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:7D:05:28:95:BF:CB:75:22:2A:99:B1:90:2C:56:61:59:D9:D2:3C
            X509v3 Authority Key Identifier:
                keyid:D1:54:AB:C2:A3:1E:0F:D6:03:D7:C7:05:CC:0F:95:DD:1A:9C:E2:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/0VSrwqMeD9YD18cFzA-V3Rqc4gg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0VSrwqMeD9YD18cFzA-V3Rqc4gg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/1F32A9483B1211F0978FEFE8DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.221.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         48:ba:9e:48:47:66:91:bd:25:22:d7:ec:23:1e:be:c8:a4:ed:
         8e:68:93:dc:3a:51:51:57:97:41:5c:50:fd:e0:b2:63:14:c3:
         54:8f:bd:b9:f4:ff:30:d0:f9:a2:ea:57:e0:7d:b4:71:a4:0a:
         ed:1f:22:40:91:3c:61:f9:04:0f:6a:87:51:0a:91:e9:3c:c9:
         30:18:8f:cc:28:d1:b4:db:1d:30:16:ce:c6:c8:40:92:a7:c3:
         32:af:b9:f9:9d:0b:4c:05:ec:88:0d:a6:d1:f2:95:51:58:84:
         98:cd:2d:b6:78:26:46:d2:03:d9:f5:e4:b6:df:d5:d5:21:ad:
         5a:ed:10:e2:f4:17:78:86:a9:67:d3:16:09:f3:77:46:31:ed:
         a5:57:5f:21:7f:5b:01:b4:8b:ab:72:0c:dc:69:91:be:36:59:
         82:b7:55:5a:64:de:e5:0b:64:ef:84:61:ca:d8:a2:bf:f7:42:
         f7:49:96:66:97:00:08:7a:41:dc:ef:81:bd:8d:a3:c8:42:3b:
         6c:e1:7d:e4:d9:ec:77:c3:0d:cc:e6:cd:9e:c3:fb:0c:fa:a0:
         ff:e1:d7:59:b2:8c:52:2f:ab:f4:f6:62:da:53:3d:2e:73:a9:
         dd:6d:4b:81:3f:d9:70:f5:fb:43:9c:62:13:28:60:97:35:32:
         ca:0b:b3:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBaMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODYyQzdBRjExMC8GA1UEBRMoRDE1NEFCQzJBMzFFMEZENjAzRDdDNzA1Q0MwRjk1
REQxQTlDRTIwODAeFw0yNTA1MjcxNTQ5MDJaFw0zNTEyMzExNTQ5MDJaMBgxFjAU
BgNVBAMTDTY4MzVkZWYzLTE1NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEfPACp1u7O/X0y2DTiyuD3y1U3Mm7q9GlBQYDzlJ0yiqX5wnxgJfRGN5p
2lV3bU4KPvGec0fDeYwuA7IqYQxiIlceah1qug/0WXcdupmSH+0rNFdDwXgCV13P
w20qxQyX1z81AgF5a0dR4rlcrrohNQd+0L/4TAWWr2lZ5cEyw7RAYxo42JsX8wWI
8KbThMapazyJtqr2uT1uYV3QjXF2aMWO9ncFzAf8vwPQHaMwj0aQucxia9TCs7CT
grHh3OLrZr8HiYPyd5FNhpQCYLq5zla2SIzCyE4vrLiiNuFzt/uP+VsOJInPdWMO
/LlZ27op0MyfsyNVfhARZOlf+fsxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZX0F
KJW/y3UiKpmxkCxWYVnZ0jwwHwYDVR0jBBgwFoAU0VSrwqMeD9YD18cFzA+V3Rqc
4ggwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg2MkM3LzUxRjJCQzQwRjBGNDExRUJCMTgyM0YzMEQ4QTAxNENFLzBWU3J3
cU1lRDlZRDE4Y0Z6QS1WM1JxYzRnZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBWU3J3cU1lRDlZRDE4Y0Z6QS1WM1JxYzRnZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg2MkM3LzUxRjJCQzQwRjBGNDExRUJCMTgyM0YzMEQ4
QTAxNENFLzFGMzJBOTQ4M0IxMjExRjA5NzhGRUZFOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXF3WAwDQYJKoZIhvcNAQEL
BQADggEBAEi6nkhHZpG9JSLX7CMevsik7Y5ok9w6UVFXl0FcUP3gsmMUw1SPvbn0
/zDQ+aLqV+B9tHGkCu0fIkCRPGH5BA9qh1EKkek8yTAYj8wo0bTbHTAWzsbIQJKn
wzKvufmdC0wF7IgNptHylVFYhJjNLbZ4JkbSA9n15Lbf1dUhrVrtEOL0F3iGqWfT
Fgnzd0Yx7aVXXyF/WwG0i6tyDNxpkb42WYK3VVpk3uULZO+EYcrYor/3QvdJlmaX
AAh6Qdzvgb2No8hCO2zhfeTZ7HfDDczmzZ7D+wz6oP/h11myjFIvq/T2YtpTPS5z
qd1tS4E/2XD1+0OcYhMoYJc1MsoLs/k=
-----END CERTIFICATE-----
Generated at Wed Jun 11 01:25:51 2025 by rpki-client