Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/E1240ACEE8B811ECAE6643B2F1222468.roa
File:                     E1240ACEE8B811ECAE6643B2F1222468.roa (raw, json)
Hash identifier:          h1gR+P3WOafo6bpPlG+f1EKSDqO7gfqJXziW4MoASB0=
Subject key identifier:   E2:42:36:74:35:1E:7A:14:26:36:9F:63:95:1F:E0:80:C9:5D:2B:CF
Certificate issuer:       /CN=F369C94EAF/serialNumber=8272C2B8B3B389EE2B7BBD4FBD5509676F3279BB
Certificate serial:       14
Authority key identifier: 82:72:C2:B8:B3:B3:89:EE:2B:7B:BD:4F:BD:55:09:67:6F:32:79:BB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gnLCuLOzie4re71PvVUJZ28yebs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/E1240ACEE8B811ECAE6643B2F1222468.roa
Signing time:             Fri 10 Jun 2022 12:28:49 +0000
ROA not before:           Fri 10 Jun 2022 12:28:44 +0000
ROA not after:            Thu 10 Jun 2032 12:28:44 +0000
asID:                     37280
IP address blocks:        41.76.192.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/gnLCuLOzie4re71PvVUJZ28yebs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/gnLCuLOzie4re71PvVUJZ28yebs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gnLCuLOzie4re71PvVUJZ28yebs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 19 May 2024 00:04:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20 (0x14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369C94EAF/serialNumber=8272C2B8B3B389EE2B7BBD4FBD5509676F3279BB
        Validity
            Not Before: Jun 10 12:28:44 2022 GMT
            Not After : Jun 10 12:28:44 2032 GMT
        Subject: CN=62a33901-4343
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:76:bb:52:04:15:f5:74:98:0d:d6:65:21:80:
                    2c:7d:18:64:8a:79:e7:ba:be:bc:35:3c:6e:28:0d:
                    ea:00:aa:44:ec:ec:d1:90:ef:50:38:db:fe:f0:82:
                    bb:c4:38:3d:17:1b:6f:16:9a:2c:9d:f0:09:b1:50:
                    0c:82:eb:d7:02:b5:c3:ca:a4:c4:32:a6:be:bd:40:
                    a6:e2:a8:98:e6:fb:09:26:e8:c6:ad:b7:f0:cf:4b:
                    c9:9d:01:1d:02:b4:68:86:e8:07:f0:9b:1f:87:32:
                    89:f7:8a:1a:0d:b3:14:5f:c5:53:61:27:1c:9c:b3:
                    4d:1f:c6:56:d3:bc:82:ff:1e:18:92:44:5d:dd:eb:
                    ea:5b:0f:b1:3b:a1:15:4a:b0:c6:5b:e1:43:02:21:
                    67:5a:41:27:6c:14:2d:df:f8:51:a0:c2:f9:b5:50:
                    ab:34:4e:eb:13:26:77:77:ba:de:c3:58:5c:eb:c4:
                    36:6e:8c:72:6d:9d:a6:a7:de:38:aa:a3:5a:cc:a9:
                    58:77:4d:ea:41:f3:83:bc:51:6f:da:96:76:5c:26:
                    66:f0:76:c9:01:2c:5b:49:75:37:9f:45:2f:05:a3:
                    6c:9b:fb:ca:4f:ae:89:85:84:dd:93:8f:18:1c:a9:
                    c1:b9:39:5c:7a:25:a0:5a:f9:9d:67:e8:9b:a8:9c:
                    c6:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:42:36:74:35:1E:7A:14:26:36:9F:63:95:1F:E0:80:C9:5D:2B:CF
            X509v3 Authority Key Identifier:
                keyid:82:72:C2:B8:B3:B3:89:EE:2B:7B:BD:4F:BD:55:09:67:6F:32:79:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/gnLCuLOzie4re71PvVUJZ28yebs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gnLCuLOzie4re71PvVUJZ28yebs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C94E/E9D7D8AEE80D11EC977C9690F1222468/E1240ACEE8B811ECAE6643B2F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         02:ba:1f:83:18:be:72:e0:2e:80:1e:e0:62:91:88:6e:55:4c:
         a2:dd:44:52:35:22:4a:cb:97:e1:67:4d:d0:f9:a6:52:5a:77:
         f9:01:ec:4b:63:94:d0:b7:b9:7e:93:1b:34:ca:d1:56:0d:9a:
         52:37:bc:6d:9c:72:5c:e9:03:b1:97:db:90:6d:f2:47:1b:72:
         17:13:18:5a:ab:8a:54:0f:87:d4:43:18:25:4f:7c:85:ce:fc:
         05:85:06:77:57:6c:b2:88:8f:11:b2:9f:09:89:0d:65:11:51:
         a3:17:de:6b:f9:4a:40:0e:73:ca:5e:a6:00:47:90:cd:56:b4:
         f2:13:3f:69:9f:6f:95:42:64:06:e6:48:d9:29:bc:dd:83:4e:
         5f:91:6f:99:b6:6a:e3:d6:55:03:f2:43:32:6f:38:ee:0f:d0:
         54:af:28:68:04:8d:4e:51:48:77:45:82:21:a3:b8:a2:97:a0:
         da:aa:93:43:ab:1a:76:5e:34:1d:89:a4:9e:61:4d:77:08:74:
         39:a1:33:4a:ca:28:5a:b2:e8:65:e3:30:fa:76:dd:9a:a5:15:
         7d:14:20:d0:9a:af:9c:68:95:3c:5e:2f:29:bb:ad:ae:7b:7a:
         b5:66:53:52:8e:b0:99:87:08:88:f1:94:35:90:08:79:03:5b:
         00:92:cc:c1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
Qzk0RUFGMTEwLwYDVQQFEyg4MjcyQzJCOEIzQjM4OUVFMkI3QkJENEZCRDU1MDk2
NzZGMzI3OUJCMB4XDTIyMDYxMDEyMjg0NFoXDTMyMDYxMDEyMjg0NFowGDEWMBQG
A1UEAwwNNjJhMzM5MDEtNDM0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd2u1IEFfV0mA3WZSGALH0YZIp557q+vDU8bigN6gCqROzs0ZDvUDjb/vCC
u8Q4PRcbbxaaLJ3wCbFQDILr1wK1w8qkxDKmvr1ApuKomOb7CSboxq238M9LyZ0B
HQK0aIboB/CbH4cyifeKGg2zFF/FU2EnHJyzTR/GVtO8gv8eGJJEXd3r6lsPsTuh
FUqwxlvhQwIhZ1pBJ2wULd/4UaDC+bVQqzRO6xMmd3e63sNYXOvENm6Mcm2dpqfe
OKqjWsypWHdN6kHzg7xRb9qWdlwmZvB2yQEsW0l1N59FLwWjbJv7yk+uiYWE3ZOP
GBypwbk5XHoloFr5nWfom6icxv0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTiQjZ0
NR56FCY2n2OVH+CAyV0rzzAfBgNVHSMEGDAWgBSCcsK4s7OJ7it7vU+9VQlnbzJ5
uzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUM5NEUvRTlEN0Q4QUVFODBEMTFFQzk3N0M5NjkwRjEyMjI0NjgvZ25MQ3VM
T3ppZTRyZTcxUHZWVUpaMjh5ZWJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ25MQ3VMT3ppZTRyZTcxUHZWVUpaMjh5ZWJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUM5NEUvRTlEN0Q4QUVFODBEMTFFQzk3N0M5NjkwRjEy
MjI0NjgvRTEyNDBBQ0VFOEI4MTFFQ0FFNjY0M0IyRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAylMwDANBgkqhkiG9w0BAQsF
AAOCAQEAArofgxi+cuAugB7gYpGIblVMot1EUjUiSsuX4WdN0PmmUlp3+QHsS2OU
0Le5fpMbNMrRVg2aUje8bZxyXOkDsZfbkG3yRxtyFxMYWquKVA+H1EMYJU98hc78
BYUGd1dssoiPEbKfCYkNZRFRoxfea/lKQA5zyl6mAEeQzVa08hM/aZ9vlUJkBuZI
2Sm83YNOX5FvmbZq49ZVA/JDMm847g/QVK8oaASNTlFId0WCIaO4opeg2qqTQ6sa
dl40HYmknmFNdwh0OaEzSsooWrLoZeMw+nbdmqUVfRQg0JqvnGiVPF4vKbutrnt6
tWZTUo6wmYcIiPGUNZAIeQNbAJLMwQ==
-----END CERTIFICATE-----