Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/8F299E2C7BEC11EFA9BB029E762E951A.roa
File:                     8F299E2C7BEC11EFA9BB029E762E951A.roa (raw, json)
Hash identifier:          tfHTBK6vnY+YBhFxpvxT4QzHXlDBW8NE/EQetOrIEuQ=
Subject key identifier:   1C:61:1C:2D:19:25:EE:F9:C3:82:40:F4:CB:7A:B0:2B:B2:30:E9:AE
Certificate issuer:       /CN=F36B35B7AF/serialNumber=E38937DE377A183822308BE399F0E16DD21E730D
Certificate serial:       19
Authority key identifier: E3:89:37:DE:37:7A:18:38:22:30:8B:E3:99:F0:E1:6D:D2:1E:73:0D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/44k33jd6GDgiMIvjmfDhbdIecw0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/8F299E2C7BEC11EFA9BB029E762E951A.roa
Signing time:             Thu 26 Sep 2024 09:49:02 +0000
ROA not before:           Thu 26 Sep 2024 09:48:58 +0000
ROA not after:            Sun 17 Nov 2030 09:48:58 +0000
asID:                     37395
IP address blocks:        102.165.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/44k33jd6GDgiMIvjmfDhbdIecw0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/44k33jd6GDgiMIvjmfDhbdIecw0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/44k33jd6GDgiMIvjmfDhbdIecw0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Feb 2025 03:12:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B35B7AF
        Validity
            Not Before: Sep 26 09:48:58 2024 GMT
            Not After : Nov 17 09:48:58 2030 GMT
        Subject: CN=66f52e0d-90c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:08:c8:65:91:c3:1f:ad:01:89:d4:69:f5:21:
                    0c:61:31:ba:49:93:83:0e:11:28:ab:d7:18:7a:ae:
                    80:ed:13:fc:ee:b1:6e:65:e6:ff:d6:34:b0:76:d8:
                    fd:ae:bf:83:73:f3:46:0f:92:be:f7:c5:7d:c4:87:
                    09:34:c8:e8:e3:46:4a:5b:0e:42:5d:63:5f:e0:28:
                    ba:77:76:b5:00:94:38:e1:05:69:7c:2c:1f:60:35:
                    60:89:44:50:1f:97:00:13:0e:44:a2:72:14:b8:d7:
                    ba:0e:b6:28:a0:51:e1:41:87:be:b2:a2:d1:38:1f:
                    ef:08:a7:37:e8:38:b1:d6:c4:08:bf:ad:2b:0b:61:
                    a1:b3:c3:f8:5d:61:8b:5c:a7:83:4b:0a:a2:ef:aa:
                    d4:a1:94:95:25:f3:85:27:91:34:fe:9e:a0:00:11:
                    7b:38:66:d4:77:a0:3f:02:0c:e3:b7:c2:3d:10:ef:
                    7e:75:49:a9:dd:bb:ed:96:77:4a:00:b7:d4:80:d3:
                    57:92:1a:9a:a7:68:f6:b1:23:21:10:27:14:c2:9f:
                    98:09:2f:cf:0d:17:04:7c:65:ba:5d:d2:f1:7c:2b:
                    3a:25:b0:0f:09:a7:4f:e3:9d:d2:90:96:b2:64:44:
                    35:8c:ee:ca:01:0f:35:d5:ed:2f:c9:0d:d0:5b:d8:
                    a5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:61:1C:2D:19:25:EE:F9:C3:82:40:F4:CB:7A:B0:2B:B2:30:E9:AE
            X509v3 Authority Key Identifier:
                keyid:E3:89:37:DE:37:7A:18:38:22:30:8B:E3:99:F0:E1:6D:D2:1E:73:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/44k33jd6GDgiMIvjmfDhbdIecw0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/44k33jd6GDgiMIvjmfDhbdIecw0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B35B7/86A7F99073F111EF93569567762E951A/8F299E2C7BEC11EFA9BB029E762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.165.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:01:60:3d:b7:bb:b1:9b:32:45:98:62:67:e4:2b:26:59:4b:
         b3:0c:87:d7:97:40:74:c9:5b:3c:27:76:f1:5a:89:ca:7b:1c:
         ea:03:5c:c9:69:46:9b:bd:70:91:d0:f3:56:f1:74:84:09:f9:
         84:89:dd:1b:fc:eb:91:87:1e:83:d1:b9:3e:af:81:1d:31:fc:
         32:4e:83:f0:9a:fa:3f:49:6f:be:91:8f:e4:06:ba:c2:4b:33:
         b5:50:6a:9a:db:c3:c8:2b:92:77:b0:8a:b0:ff:a1:bc:f5:16:
         55:af:6f:57:3a:db:d2:7f:c4:39:6b:f7:1b:41:b5:f0:e8:32:
         7f:b0:64:ff:f9:1f:2e:f7:27:c6:66:83:01:73:56:1c:6a:39:
         a5:e4:af:c8:59:74:b0:a4:94:05:05:e4:04:03:65:46:f6:81:
         ce:91:f3:4a:b0:b5:36:b2:d5:44:c5:49:46:bc:fd:18:2f:ff:
         9b:d6:e5:9d:91:7c:fa:a6:53:aa:db:b9:65:0f:dc:38:7b:d4:
         9a:19:18:bb:1c:6f:b8:cb:42:ac:4e:21:94:52:3f:ed:9f:c1:
         db:67:52:b8:d6:66:65:58:92:9d:1a:9a:b6:e7:1b:58:04:2e:
         21:1a:ec:26:83:2b:89:fc:03:65:30:f3:41:cf:e0:9f:52:89:
         c9:ec:19:37
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
MzVCN0FGMTEwLwYDVQQFEyhFMzg5MzdERTM3N0ExODM4MjIzMDhCRTM5OUYwRTE2
REQyMUU3MzBEMB4XDTI0MDkyNjA5NDg1OFoXDTMwMTExNzA5NDg1OFowGDEWMBQG
A1UEAxMNNjZmNTJlMGQtOTBjNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsIyGWRwx+tAYnUafUhDGExukmTgw4RKKvXGHqugO0T/O6xbmXm/9Y0sHbY
/a6/g3PzRg+SvvfFfcSHCTTI6ONGSlsOQl1jX+Aound2tQCUOOEFaXwsH2A1YIlE
UB+XABMORKJyFLjXug62KKBR4UGHvrKi0Tgf7winN+g4sdbECL+tKwthobPD+F1h
i1yng0sKou+q1KGUlSXzhSeRNP6eoAARezhm1HegPwIM47fCPRDvfnVJqd277ZZ3
SgC31IDTV5Iamqdo9rEjIRAnFMKfmAkvzw0XBHxlul3S8XwrOiWwDwmnT+Od0pCW
smRENYzuygEPNdXtL8kN0FvYpeUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQcYRwt
GSXu+cOCQPTLerArsjDprjAfBgNVHSMEGDAWgBTjiTfeN3oYOCIwi+OZ8OFt0h5z
DTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjM1QjcvODZBN0Y5OTA3M0YxMTFFRjkzNTY5NTY3NzYyRTk1MUEvNDRrMzNq
ZDZHRGdpTUl2am1mRGhiZEllY3cwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNDRrMzNqZDZHRGdpTUl2am1mRGhiZEllY3cwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjM1QjcvODZBN0Y5OTA3M0YxMTFFRjkzNTY5NTY3NzYy
RTk1MUEvOEYyOTlFMkM3QkVDMTFFRkE5QkIwMjlFNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGalgDANBgkqhkiG9w0BAQsF
AAOCAQEAtAFgPbe7sZsyRZhiZ+QrJllLswyH15dAdMlbPCd28VqJynsc6gNcyWlG
m71wkdDzVvF0hAn5hIndG/zrkYceg9G5Pq+BHTH8Mk6D8Jr6P0lvvpGP5Aa6wksz
tVBqmtvDyCuSd7CKsP+hvPUWVa9vVzrb0n/EOWv3G0G18Ogyf7Bk//kfLvcnxmaD
AXNWHGo5peSvyFl0sKSUBQXkBANlRvaBzpHzSrC1NrLVRMVJRrz9GC//m9blnZF8
+qZTqtu5ZQ/cOHvUmhkYuxxvuMtCrE4hlFI/7Z/B22dSuNZmZViSnRqatucbWAQu
IRrsJoMrifwDZTDzQc/gn1KJyewZNw==
-----END CERTIFICATE-----