Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/45A131960E8911EFB58ADB5E017001B1.roa
File:                     45A131960E8911EFB58ADB5E017001B1.roa (raw, json)
Hash identifier:          h14yox0jQvTPprZRCXkBDOwPFxmyJDOyS+ltHOkYJCY=
Subject key identifier:   13:5B:AD:E1:91:A0:62:EB:20:30:22:73:31:A5:29:EF:63:81:49:33
Certificate issuer:       /CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Certificate serial:       1C
Authority key identifier: 4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/45A131960E8911EFB58ADB5E017001B1.roa
Signing time:             Fri 10 May 2024 04:53:41 +0000
ROA not before:           Fri 10 May 2024 04:53:38 +0000
ROA not after:            Mon 10 May 2027 04:53:38 +0000
asID:                     36867
IP address blocks:        196.1.125.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 04 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 28 (0x1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
        Validity
            Not Before: May 10 04:53:38 2024 GMT
            Not After : May 10 04:53:38 2027 GMT
        Subject: CN=663da855-638d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:de:0a:fc:98:6c:ab:d7:24:03:2c:c1:ab:78:
                    04:80:dc:59:39:62:c6:ed:d5:1e:f8:f8:34:4a:b0:
                    06:c7:35:59:eb:e0:5c:3a:40:ee:c0:85:4e:37:35:
                    db:d6:54:9e:fb:4b:b3:1e:51:8a:69:d2:a3:b3:b0:
                    90:74:86:58:51:26:94:80:46:b6:04:26:34:86:46:
                    5e:07:31:43:b4:b3:eb:a9:d7:de:88:4c:ca:fa:06:
                    a8:aa:3f:a7:d8:35:e6:59:5a:41:cb:df:34:1e:3e:
                    72:dc:d8:e5:5b:d5:ce:1d:26:1e:3f:78:56:8b:a3:
                    f6:44:4b:29:9c:7f:81:aa:e1:5a:18:51:2b:32:ce:
                    c3:de:e2:79:52:24:00:b3:18:c6:2d:06:a6:29:f2:
                    e6:21:9e:ac:22:34:08:1b:e2:48:c7:0e:37:aa:11:
                    67:71:87:69:07:3a:9d:a2:ea:63:5a:e3:26:9f:4a:
                    ff:88:81:87:93:c4:02:63:64:3b:14:9f:68:9b:32:
                    d1:76:2f:88:b1:e9:b4:d9:fa:b8:2f:5b:b8:90:4e:
                    3c:98:64:43:59:72:6a:6d:4d:ce:a8:27:30:9f:1c:
                    ac:28:ca:4f:33:9f:66:ef:1e:ce:ea:59:c7:45:0c:
                    7f:3d:5a:80:7e:f8:6d:3e:82:ba:f0:4c:93:89:27:
                    fb:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:5B:AD:E1:91:A0:62:EB:20:30:22:73:31:A5:29:EF:63:81:49:33
            X509v3 Authority Key Identifier:
                keyid:4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/45A131960E8911EFB58ADB5E017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.1.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:4e:de:e0:67:62:76:ca:c7:6f:ef:fe:0f:fe:8f:60:43:ea:
         bc:24:90:57:76:17:99:99:17:00:e8:45:42:ef:fe:29:4a:f5:
         cc:d8:c4:9d:4b:7e:27:c3:2b:10:51:40:be:77:82:f7:43:39:
         9c:7d:4d:37:17:b5:55:0b:80:1f:c8:4f:a2:a0:ae:9f:cc:4a:
         ab:b7:49:6e:29:cf:27:4c:70:b1:bf:b6:de:7e:71:7f:d0:eb:
         43:47:28:52:06:4a:f4:65:24:aa:17:28:18:67:bb:26:07:a1:
         83:22:a2:d0:d3:ee:22:2f:e8:fe:4b:87:0e:4a:65:e9:ce:6e:
         01:c4:05:cf:5d:16:a8:ea:10:92:12:aa:6b:88:f2:0f:b8:f3:
         28:a8:5a:78:27:5e:7f:9c:75:ba:06:12:12:a5:58:a2:21:80:
         e6:4f:c1:78:16:2d:b8:8a:f5:c8:3f:e7:f6:ef:ca:dd:27:4f:
         3c:3a:58:36:1c:9e:fd:0b:71:5c:60:cb:49:34:f4:1c:ba:c1:
         5b:78:eb:07:7d:6c:63:1d:9c:6d:43:87:fd:51:bc:6c:d9:11:
         c6:af:54:ae:5d:73:ad:20:d4:c4:5a:58:6e:64:59:65:f0:1d:
         d3:16:f3:88:18:d7:49:1f:1e:85:67:90:dd:e5:2e:0f:fe:a1:
         fd:b7:95:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NzAyMUFGMTEwLwYDVQQFEyg0QjQ4NjYyMDA0MDg5RjVCQjY4MTk0QUIwNEI4MzBD
RDQzM0EyQjcwMB4XDTI0MDUxMDA0NTMzOFoXDTI3MDUxMDA0NTMzOFowGDEWMBQG
A1UEAxMNNjYzZGE4NTUtNjM4ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/eCvyYbKvXJAMswat4BIDcWTlixu3VHvj4NEqwBsc1WevgXDpA7sCFTjc1
29ZUnvtLsx5RimnSo7OwkHSGWFEmlIBGtgQmNIZGXgcxQ7Sz66nX3ohMyvoGqKo/
p9g15llaQcvfNB4+ctzY5VvVzh0mHj94Vouj9kRLKZx/garhWhhRKzLOw97ieVIk
ALMYxi0Gpiny5iGerCI0CBviSMcON6oRZ3GHaQc6naLqY1rjJp9K/4iBh5PEAmNk
OxSfaJsy0XYviLHptNn6uC9buJBOPJhkQ1lyam1NzqgnMJ8crCjKTzOfZu8ezupZ
x0UMfz1agH74bT6CuvBMk4kn+20CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQTW63h
kaBi6yAwInMxpSnvY4FJMzAfBgNVHSMEGDAWgBRLSGYgBAifW7aBlKsEuDDNQzor
cDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3MDAxQjEvUzBobUlB
UUluMXUyZ1pTckJMZ3d6VU02SzNBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUzBobUlBUUluMXUyZ1pTckJMZ3d6VU02SzNBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3
MDAxQjEvNDVBMTMxOTYwRTg5MTFFRkI1OEFEQjVFMDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMQBfTANBgkqhkiG9w0BAQsF
AAOCAQEAL07e4GdidsrHb+/+D/6PYEPqvCSQV3YXmZkXAOhFQu/+KUr1zNjEnUt+
J8MrEFFAvneC90M5nH1NNxe1VQuAH8hPoqCun8xKq7dJbinPJ0xwsb+23n5xf9Dr
Q0coUgZK9GUkqhcoGGe7JgehgyKi0NPuIi/o/kuHDkpl6c5uAcQFz10WqOoQkhKq
a4jyD7jzKKhaeCdef5x1ugYSEqVYoiGA5k/BeBYtuIr1yD/n9u/K3SdPPDpYNhye
/QtxXGDLSTT0HLrBW3jrB31sYx2cbUOH/VG8bNkRxq9Url1zrSDUxFpYbmRZZfAd
0xbziBjXSR8ehWeQ3eUuD/6h/beVPg==
-----END CERTIFICATE-----