Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BB12F/5C09C380A7E511EFB56A0C52762E951A/ACD5EF52A92D11EFB660CA57762E951A.roa
File:                     ACD5EF52A92D11EFB660CA57762E951A.roa (raw, json)
Hash identifier:          x+lXF/o9k7izJiAJeM43TTxxkhFqOAoIEnFPFeHdVRM=
Subject key identifier:   68:2D:32:D7:9A:A1:33:11:94:F9:52:47:5A:D9:7F:77:67:22:A1:7E
Certificate issuer:       /CN=F36BB12FAF/serialNumber=1744BC20B7060579C93E4E2AA7E654289C2AF7CA
Certificate serial:       06
Authority key identifier: 17:44:BC:20:B7:06:05:79:C9:3E:4E:2A:A7:E6:54:28:9C:2A:F7:CA
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/F0S8ILcGBXnJPk4qp-ZUKJwq98o.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BB12F/5C09C380A7E511EFB56A0C52762E951A/ACD5EF52A92D11EFB660CA57762E951A.roa
Signing time:             Fri 22 Nov 2024 23:58:31 +0000
ROA not before:           Fri 22 Nov 2024 23:58:27 +0000
ROA not after:            Wed 31 Dec 2036 23:58:27 +0000
asID:                     37012
IP address blocks:        197.159.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BB12F/5C09C380A7E511EFB56A0C52762E951A/F0S8ILcGBXnJPk4qp-ZUKJwq98o.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BB12F/5C09C380A7E511EFB56A0C52762E951A/F0S8ILcGBXnJPk4qp-ZUKJwq98o.mft
                          rsync://rpki.afrinic.net/repository/afrinic/F0S8ILcGBXnJPk4qp-ZUKJwq98o.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 13 Apr 2025 00:12:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BB12FAF
        Validity
            Not Before: Nov 22 23:58:27 2024 GMT
            Not After : Dec 31 23:58:27 2036 GMT
        Subject: CN=67411aa7-18ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:44:62:d3:b3:2f:33:89:91:0e:98:55:cc:de:
                    59:a4:e1:7f:e4:14:4d:f7:f5:db:f5:61:43:0e:dd:
                    c2:af:7d:f8:f6:80:57:92:d8:f5:bf:be:4a:fb:89:
                    34:b5:7e:40:07:28:31:35:7f:0b:b5:44:eb:65:ff:
                    7d:c5:5a:0f:5c:49:a4:e3:6e:fc:9b:dd:d1:09:9b:
                    1c:29:ef:7d:34:c3:9b:5e:6c:d1:0d:72:20:b3:d1:
                    74:05:88:eb:2b:ba:fa:73:c8:41:2d:3b:d6:22:87:
                    97:82:65:dd:b3:d8:11:ec:42:7d:32:17:58:7b:b3:
                    0c:7c:0f:b3:f0:d5:34:73:89:0e:d3:4f:ad:5c:fb:
                    82:87:c5:da:2d:92:8e:a4:0b:ea:ce:fb:cf:1b:4d:
                    4f:5f:8a:d4:b3:af:ea:10:71:c8:51:87:ec:92:df:
                    12:f0:0e:e5:57:df:7f:11:53:6e:e8:de:8e:9c:60:
                    88:1f:88:57:77:49:53:5f:f1:11:a6:83:28:52:ee:
                    88:ec:1c:f7:00:b2:af:5a:0a:db:a2:e4:ba:04:9e:
                    37:12:9c:c7:b3:31:7b:66:27:5e:b6:ca:9e:cc:25:
                    1c:f8:4b:43:7f:aa:05:9d:3e:ba:0e:a4:0f:0e:9e:
                    87:a1:3b:6c:f2:fc:da:67:73:45:51:d8:1a:d9:d0:
                    5f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:2D:32:D7:9A:A1:33:11:94:F9:52:47:5A:D9:7F:77:67:22:A1:7E
            X509v3 Authority Key Identifier:
                keyid:17:44:BC:20:B7:06:05:79:C9:3E:4E:2A:A7:E6:54:28:9C:2A:F7:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BB12F/5C09C380A7E511EFB56A0C52762E951A/F0S8ILcGBXnJPk4qp-ZUKJwq98o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/F0S8ILcGBXnJPk4qp-ZUKJwq98o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BB12F/5C09C380A7E511EFB56A0C52762E951A/ACD5EF52A92D11EFB660CA57762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.159.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:5d:8c:31:f9:b4:98:cc:5e:73:8f:fc:87:73:2b:e5:3a:dc:
         42:55:2a:e9:2f:a6:88:2c:6a:e3:0e:3e:52:22:39:3e:d4:a5:
         3b:a9:11:c5:28:f1:cf:ea:27:82:29:98:b5:93:2c:e9:2f:79:
         28:91:44:63:dd:e8:0e:fd:46:b1:a1:7c:49:06:c9:9b:8e:58:
         1a:f4:2b:ba:ee:3f:4b:ac:d6:98:3e:79:e9:37:a9:d8:88:7a:
         c6:3d:c0:1a:93:bf:75:61:2c:cc:2b:1c:a5:13:88:e8:a1:0f:
         a3:f3:ab:53:96:e3:40:a7:cd:22:36:15:d6:b8:39:e7:a6:38:
         14:8f:e5:93:06:e3:52:54:06:01:a1:58:df:1f:80:4f:09:a7:
         40:da:c6:e9:52:94:b8:5e:34:91:56:22:bf:71:c0:9b:79:a2:
         30:02:a5:a4:9f:42:0f:e5:67:58:fa:fb:d6:36:82:09:d8:44:
         96:a6:44:90:52:de:75:d2:8d:68:23:ec:c1:34:f5:82:d2:b7:
         52:e3:82:a3:8d:91:dd:a5:c8:49:8b:c4:21:32:22:ce:6c:82:
         36:af:8c:74:2c:72:2d:01:64:92:7d:89:0d:74:1f:c0:61:b6:
         1a:b9:ff:bd:60:27:d6:33:ca:3b:16:a0:21:8d:d8:4e:21:21:
         9a:3f:ba:6b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
QjEyRkFGMTEwLwYDVQQFEygxNzQ0QkMyMEI3MDYwNTc5QzkzRTRFMkFBN0U2NTQy
ODlDMkFGN0NBMB4XDTI0MTEyMjIzNTgyN1oXDTM2MTIzMTIzNTgyN1owGDEWMBQG
A1UEAxMNNjc0MTFhYTctMThlZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1EYtOzLzOJkQ6YVczeWaThf+QUTff12/VhQw7dwq99+PaAV5LY9b++SvuJ
NLV+QAcoMTV/C7VE62X/fcVaD1xJpONu/Jvd0QmbHCnvfTTDm15s0Q1yILPRdAWI
6yu6+nPIQS071iKHl4Jl3bPYEexCfTIXWHuzDHwPs/DVNHOJDtNPrVz7gofF2i2S
jqQL6s77zxtNT1+K1LOv6hBxyFGH7JLfEvAO5VfffxFTbujejpxgiB+IV3dJU1/x
EaaDKFLuiOwc9wCyr1oK26LkugSeNxKcx7Mxe2YnXrbKnswlHPhLQ3+qBZ0+ug6k
Dw6eh6E7bPL82mdzRVHYGtnQX8MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRoLTLX
mqEzEZT5Ukda2X93ZyKhfjAfBgNVHSMEGDAWgBQXRLwgtwYFeck+Tiqn5lQonCr3
yjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkIxMkYvNUMwOUMzODBBN0U1MTFFRkI1NkEwQzUyNzYyRTk1MUEvRjBTOElM
Y0dCWG5KUGs0cXAtWlVLSndxOThvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRjBTOElMY0dCWG5KUGs0cXAtWlVLSndxOThvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkIxMkYvNUMwOUMzODBBN0U1MTFFRkI1NkEwQzUyNzYy
RTk1MUEvQUNENUVGNTJBOTJEMTFFRkI2NjBDQTU3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMWfhDANBgkqhkiG9w0BAQsF
AAOCAQEAhl2MMfm0mMxec4/8h3Mr5TrcQlUq6S+miCxq4w4+UiI5PtSlO6kRxSjx
z+ongimYtZMs6S95KJFEY93oDv1GsaF8SQbJm45YGvQruu4/S6zWmD556Tep2Ih6
xj3AGpO/dWEszCscpROI6KEPo/OrU5bjQKfNIjYV1rg556Y4FI/lkwbjUlQGAaFY
3x+ATwmnQNrG6VKUuF40kVYiv3HAm3miMAKlpJ9CD+VnWPr71jaCCdhElqZEkFLe
ddKNaCPswTT1gtK3UuOCo42R3aXISYvEITIizmyCNq+MdCxyLQFkkn2JDXQfwGG2
Grn/vWAn1jPKOxagIY3YTiEhmj+6aw==
-----END CERTIFICATE-----