Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/731820EAFD6B11EFA5FAAE9C762E951A.roa
File:                     731820EAFD6B11EFA5FAAE9C762E951A.roa (raw, json)
Hash identifier:          WBg3iidspfXKbYNsCa9+4QR22QeQEUUkOPouJHSY0gU=
Subject key identifier:   D1:3C:0F:8B:FC:F6:17:FC:EF:13:73:5B:64:7F:A1:17:B1:51:F5:AF
Certificate issuer:       /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial:       0452
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/731820EAFD6B11EFA5FAAE9C762E951A.roa
Signing time:             Mon 10 Mar 2025 04:52:21 +0000
ROA not before:           Mon 10 Mar 2025 04:52:16 +0000
ROA not after:            Sat 31 Mar 2035 04:52:16 +0000
asID:                     59895
IP address blocks:        196.46.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1106 (0x452)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BC80AAF
        Validity
            Not Before: Mar 10 04:52:16 2025 GMT
            Not After : Mar 31 04:52:16 2035 GMT
        Subject: CN=67ce7005-9ed6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e8:6d:77:f5:12:94:c8:ed:79:50:5e:66:e0:
                    f7:db:b2:ee:30:55:8a:2a:71:94:94:a6:6b:18:26:
                    b6:c9:60:0a:52:75:97:82:6c:76:be:3a:e6:d5:dc:
                    dd:ea:50:99:85:fe:55:40:1a:af:bf:eb:28:09:50:
                    88:35:64:92:99:ba:4e:07:90:3e:f8:85:53:16:cb:
                    87:61:76:68:f7:14:f8:95:ad:6b:9e:69:55:b4:10:
                    83:c3:eb:0c:19:64:e2:9d:0e:88:11:ac:a6:a8:d2:
                    bd:7a:d8:ff:3a:9f:de:1b:ad:ea:dd:70:54:5c:90:
                    b4:4f:fd:80:cd:25:98:74:8b:37:b9:a5:89:95:9e:
                    3e:c6:0e:17:10:ab:27:a3:e9:65:d6:4d:bd:70:b9:
                    82:62:60:77:4f:1a:95:79:52:49:01:bc:9a:fd:10:
                    b6:dd:ea:f6:a9:00:90:47:3c:35:73:2f:46:6c:a9:
                    19:8f:b3:bc:0a:0c:0e:47:bc:4d:ae:a9:8d:07:30:
                    85:92:96:e5:c1:a6:96:10:9e:18:f0:35:03:af:a4:
                    7e:1c:61:e5:83:6a:0d:23:46:f5:78:fc:69:7e:5b:
                    55:c1:9e:c7:34:d7:07:15:c9:6f:76:83:14:fc:79:
                    dd:29:9a:16:5b:38:77:69:c3:00:ed:dc:b7:73:3e:
                    bb:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:3C:0F:8B:FC:F6:17:FC:EF:13:73:5B:64:7F:A1:17:B1:51:F5:AF
            X509v3 Authority Key Identifier:
                keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/731820EAFD6B11EFA5FAAE9C762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.46.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:09:4d:c6:52:e0:a8:c5:0f:3f:a5:a6:4d:9e:a1:f0:36:4c:
         85:bc:8a:e3:78:dc:14:8e:ab:a6:85:9d:41:f5:e2:b2:d3:0b:
         41:c0:09:84:9d:d2:a8:39:92:a8:41:08:25:13:dc:27:97:2e:
         5e:0e:86:47:c3:40:9a:5d:24:79:78:ec:7a:48:0d:5a:a1:99:
         54:b2:51:7f:0d:99:43:09:88:67:ae:8d:5a:09:81:75:89:ee:
         23:f6:b1:28:f3:a7:d7:40:1b:29:52:06:62:8b:9e:50:93:0e:
         56:f1:06:02:08:7d:4b:02:be:cc:1d:42:43:ca:27:44:79:38:
         c8:f9:68:70:d6:8d:ba:4e:af:46:d6:04:31:e6:7b:b5:18:50:
         be:9b:a6:f1:a9:95:2a:f3:ba:cb:df:da:94:cf:b5:39:23:bf:
         dd:8d:2b:12:ff:3f:48:c1:2d:8e:0d:40:e0:3b:3d:9f:e7:72:
         7c:7d:40:98:88:ee:01:e2:02:c2:a8:53:2f:73:d7:1c:26:93:
         95:6b:59:bd:9c:e0:ee:6a:a6:0a:b9:27:48:25:d4:54:39:c6:
         60:ec:4c:28:25:20:28:86:80:58:fc:b8:39:a1:1e:dc:94:81:
         a5:ed:01:29:33:03:d0:e1:e2:39:57:56:10:48:cf:23:ce:76:
         78:a0:7d:d5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBFIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTAzMTAwNDUyMTZaFw0zNTAzMzEwNDUyMTZaMBgxFjAU
BgNVBAMTDTY3Y2U3MDA1LTllZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCW6G139RKUyO15UF5m4Pfbsu4wVYoqcZSUpmsYJrbJYApSdZeCbHa+OubV
3N3qUJmF/lVAGq+/6ygJUIg1ZJKZuk4HkD74hVMWy4dhdmj3FPiVrWueaVW0EIPD
6wwZZOKdDogRrKao0r162P86n94brerdcFRckLRP/YDNJZh0ize5pYmVnj7GDhcQ
qyej6WXWTb1wuYJiYHdPGpV5UkkBvJr9ELbd6vapAJBHPDVzL0ZsqRmPs7wKDA5H
vE2uqY0HMIWSluXBppYQnhjwNQOvpH4cYeWDag0jRvV4/Gl+W1XBnsc01wcVyW92
gxT8ed0pmhZbOHdpwwDt3LdzPruHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0TwP
i/z2F/zvE3NbZH+hF7FR9a8wHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4LzczMTgyMEVBRkQ2QjExRUZBNUZBQUU5Qzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADELr4wDQYJKoZIhvcNAQEL
BQADggEBAGIJTcZS4KjFDz+lpk2eofA2TIW8iuN43BSOq6aFnUH14rLTC0HACYSd
0qg5kqhBCCUT3CeXLl4OhkfDQJpdJHl47HpIDVqhmVSyUX8NmUMJiGeujVoJgXWJ
7iP2sSjzp9dAGylSBmKLnlCTDlbxBgIIfUsCvswdQkPKJ0R5OMj5aHDWjbpOr0bW
BDHme7UYUL6bpvGplSrzusvf2pTPtTkjv92NKxL/P0jBLY4NQOA7PZ/ncnx9QJiI
7gHiAsKoUy9z1xwmk5VrWb2c4O5qpgq5J0gl1FQ5xmDsTCglICiGgFj8uDmhHtyU
gaXtASkzA9Dh4jlXVhBIzyPOdnigfdU=
-----END CERTIFICATE-----