Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/E67C4F66FD2A11EFAFF97E57762E951A.roa
File:                     E67C4F66FD2A11EFAFF97E57762E951A.roa (raw, json)
Hash identifier:          0KEac1L9NXZHhaATxDUbvggLHQuqEfxaMAc1BKGdXv0=
Subject key identifier:   01:81:9D:94:85:4F:99:6D:4B:10:B0:FA:B3:18:67:2C:9E:17:F5:B2
Certificate issuer:       /CN=F36BC80AAF/serialNumber=8C8F8CE2AD55B9366BEC6EDF492CD9C1498E0664
Certificate serial:       044D
Authority key identifier: 8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/E67C4F66FD2A11EFAFF97E57762E951A.roa
Signing time:             Sun 09 Mar 2025 21:10:17 +0000
ROA not before:           Sun 09 Mar 2025 21:10:13 +0000
ROA not after:            Sat 31 Mar 2035 21:10:13 +0000
asID:                     59895
IP address blocks:        196.46.191.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1101 (0x44d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BC80AAF
        Validity
            Not Before: Mar  9 21:10:13 2025 GMT
            Not After : Mar 31 21:10:13 2035 GMT
        Subject: CN=67ce03b9-263b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:39:07:4b:c8:38:ce:ca:d0:30:b7:66:c1:d3:
                    96:20:bd:f4:b3:17:5a:01:af:e9:e4:bc:00:23:d8:
                    c8:92:08:2d:ca:72:b2:3d:68:5c:66:a2:b7:2a:e2:
                    6a:90:6a:a9:3c:07:53:57:e9:f0:51:ee:b1:70:55:
                    5f:2f:41:9e:03:ec:85:f0:d8:59:09:5d:e4:02:3e:
                    90:ca:41:6a:70:67:2e:44:26:0a:cd:96:69:ef:53:
                    c0:2e:81:cd:33:13:da:1b:bc:a8:2e:28:b8:0f:6b:
                    cc:fd:20:96:14:93:3f:1b:b5:85:b1:38:7e:ae:e8:
                    a1:1a:b5:55:22:7f:44:64:9f:cc:1a:fe:73:c6:09:
                    18:9c:90:68:4d:66:1b:a9:51:52:97:70:db:25:58:
                    c8:8c:14:b1:76:1a:62:22:fc:b4:53:2a:fc:31:c5:
                    2d:2a:37:bd:d9:09:d3:84:68:6c:9b:84:4a:ec:6b:
                    ef:b6:57:61:fb:c9:3e:b7:db:3a:86:30:a5:e4:56:
                    64:6e:17:6e:64:29:13:0c:ef:ed:ba:91:40:10:2d:
                    7e:fd:7b:05:ea:f2:d6:65:72:7a:d1:32:03:77:1a:
                    cd:69:88:78:17:2e:f7:b1:23:27:29:c7:5b:13:6a:
                    20:1f:76:20:66:e5:5c:2a:ea:1b:d3:6d:5c:9a:c0:
                    19:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:81:9D:94:85:4F:99:6D:4B:10:B0:FA:B3:18:67:2C:9E:17:F5:B2
            X509v3 Authority Key Identifier:
                keyid:8C:8F:8C:E2:AD:55:B9:36:6B:EC:6E:DF:49:2C:D9:C1:49:8E:06:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jI-M4q1VuTZr7G7fSSzZwUmOBmQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BC80A/472EF5B2E75C11EC9D7F90D8F1222468/E67C4F66FD2A11EFAFF97E57762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.46.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:c1:bd:ae:ed:6c:78:79:93:50:f0:65:1f:c1:c1:34:e4:bf:
         98:0d:4b:ca:5a:ce:5b:9e:cd:6d:3a:a7:51:d9:30:ee:6a:f0:
         12:97:c7:7e:59:98:b2:b9:86:7a:10:c1:d3:4a:81:50:07:44:
         dd:e3:b3:bb:a7:44:7c:16:e2:8e:94:fc:fe:3a:bf:17:fe:27:
         96:35:b3:a9:d0:75:f9:b8:f2:20:af:88:3b:7b:17:b3:d9:ce:
         2a:24:52:9c:23:a7:ef:57:75:a7:9d:3f:8f:84:ff:43:ad:8c:
         6b:b8:da:3f:ec:96:99:13:b6:46:86:52:93:f5:99:b5:c7:d5:
         d2:b9:4e:ef:8a:9b:ae:c0:6a:f4:4f:4a:b7:20:ff:4c:a9:a3:
         47:e7:3c:9d:64:dc:29:8f:a1:42:5a:20:c2:34:65:e9:35:47:
         1e:b7:e1:f5:5f:5c:80:b9:56:82:7f:6d:af:ff:3b:b4:7f:6f:
         98:e6:1e:24:49:0c:48:b6:0b:1d:6b:fb:c8:ec:6f:37:28:4b:
         67:ca:a2:fd:32:10:df:3a:94:77:18:4a:65:5d:50:6d:64:58:
         67:8b:09:e0:f7:c1:68:15:b3:d4:d1:e0:ce:46:d9:4c:7f:81:
         bd:06:6e:77:3d:be:e1:cf:ee:da:88:4e:b7:88:6f:c1:c7:33:
         8d:af:66:a1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBE0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QkM4MEFBRjExMC8GA1UEBRMoOEM4RjhDRTJBRDU1QjkzNjZCRUM2RURGNDkyQ0Q5
QzE0OThFMDY2NDAeFw0yNTAzMDkyMTEwMTNaFw0zNTAzMzEyMTEwMTNaMBgxFjAU
BgNVBAMTDTY3Y2UwM2I5LTI2M2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIOQdLyDjOytAwt2bB05YgvfSzF1oBr+nkvAAj2MiSCC3KcrI9aFxmorcq
4mqQaqk8B1NX6fBR7rFwVV8vQZ4D7IXw2FkJXeQCPpDKQWpwZy5EJgrNlmnvU8Au
gc0zE9obvKguKLgPa8z9IJYUkz8btYWxOH6u6KEatVUif0Rkn8wa/nPGCRickGhN
ZhupUVKXcNslWMiMFLF2GmIi/LRTKvwxxS0qN73ZCdOEaGybhErsa++2V2H7yT63
2zqGMKXkVmRuF25kKRMM7+26kUAQLX79ewXq8tZlcnrRMgN3Gs1piHgXLvexIycp
x1sTaiAfdiBm5Vwq6hvTbVyawBmVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUAYGd
lIVPmW1LELD6sxhnLJ4X9bIwHwYDVR0jBBgwFoAUjI+M4q1VuTZr7G7fSSzZwUmO
BmQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYxMjIyNDY4L2pJLU00
cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pJLU00cTFWdVRacjdHN2ZTU3pad1VtT0JtUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkJDODBBLzQ3MkVGNUIyRTc1QzExRUM5RDdGOTBEOEYx
MjIyNDY4L0U2N0M0RjY2RkQyQTExRUZBRkY5N0U1Nzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADELr8wDQYJKoZIhvcNAQEL
BQADggEBABXBva7tbHh5k1DwZR/BwTTkv5gNS8pazluezW06p1HZMO5q8BKXx35Z
mLK5hnoQwdNKgVAHRN3js7unRHwW4o6U/P46vxf+J5Y1s6nQdfm48iCviDt7F7PZ
ziokUpwjp+9XdaedP4+E/0OtjGu42j/slpkTtkaGUpP1mbXH1dK5Tu+Km67AavRP
Srcg/0ypo0fnPJ1k3CmPoUJaIMI0Zek1Rx634fVfXIC5VoJ/ba//O7R/b5jmHiRJ
DEi2Cx1r+8jsbzcoS2fKov0yEN86lHcYSmVdUG1kWGeLCeD3wWgVs9TR4M5G2Ux/
gb0Gbnc9vuHP7tqITreIb8HHM42vZqE=
-----END CERTIFICATE-----