Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CC8EB/B8DAD9A6B0ED11EC8494D0815A40D577/79EE3F02B0EE11ECBF890E845A40D577.roa
File:                     79EE3F02B0EE11ECBF890E845A40D577.roa (raw, json)
Hash identifier:          Ubonh4WupVYX7KDVzMvxh6Y6MxDnvCg7ttFECjnjgfI=
Subject key identifier:   A2:EE:3C:D2:FC:80:51:A3:3E:92:AC:72:4C:7F:40:CE:1B:38:BE:47
Certificate issuer:       /CN=F36CC8EBAF/serialNumber=86D5F6042E46689FE5A503E7D2DF89F0E3FC9214
Certificate serial:       02
Authority key identifier: 86:D5:F6:04:2E:46:68:9F:E5:A5:03:E7:D2:DF:89:F0:E3:FC:92:14
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/htX2BC5GaJ_lpQPn0t-J8OP8khQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CC8EB/B8DAD9A6B0ED11EC8494D0815A40D577/79EE3F02B0EE11ECBF890E845A40D577.roa
Signing time:             Thu 31 Mar 2022 12:31:24 +0000
ROA not before:           Thu 31 Mar 2022 12:31:19 +0000
ROA not after:            Wed 31 Mar 2027 12:31:19 +0000
asID:                     29091
IP address blocks:        41.184.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CC8EB/B8DAD9A6B0ED11EC8494D0815A40D577/htX2BC5GaJ_lpQPn0t-J8OP8khQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CC8EB/B8DAD9A6B0ED11EC8494D0815A40D577/htX2BC5GaJ_lpQPn0t-J8OP8khQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/htX2BC5GaJ_lpQPn0t-J8OP8khQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 23 Jun 2024 00:04:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CC8EBAF/serialNumber=86D5F6042E46689FE5A503E7D2DF89F0E3FC9214
        Validity
            Not Before: Mar 31 12:31:19 2022 GMT
            Not After : Mar 31 12:31:19 2027 GMT
        Subject: CN=62459f1c-d563
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:94:cc:29:38:74:26:8b:34:38:98:fc:ba:4a:
                    5a:3f:c7:92:89:ed:f5:87:50:0a:39:fb:7d:5c:89:
                    21:4d:25:94:f1:4c:68:61:47:2d:d9:6e:04:19:f9:
                    6f:ac:cd:33:ad:b1:97:fc:ac:71:e4:1a:86:24:fb:
                    1f:58:00:51:d4:62:1a:be:0b:f5:39:73:4f:ac:8c:
                    53:6b:74:24:8a:b1:43:e9:8a:f5:c1:c0:8b:c2:7e:
                    c0:3d:34:52:3f:87:30:4b:a4:f7:7c:7f:44:ae:1b:
                    3e:fe:31:e8:93:65:55:92:4f:f7:b7:70:b8:a4:b7:
                    72:bb:69:7b:2c:ad:aa:70:91:ad:65:3a:70:df:06:
                    e8:ae:64:2e:ca:80:54:7e:97:56:cc:f4:5d:a2:e5:
                    30:2c:91:fe:c1:7d:08:d0:00:77:94:30:54:9f:7b:
                    8d:15:b6:c3:00:93:0a:ce:ab:86:d2:07:73:1e:6d:
                    48:54:a7:1d:2e:1a:6b:30:a5:fb:aa:c2:aa:ac:18:
                    a3:fc:0a:cb:ba:49:68:a5:ad:6b:17:28:19:87:58:
                    35:fa:b7:74:f2:85:6b:73:40:f3:fd:a9:56:83:6a:
                    95:46:77:7b:ef:0e:db:20:21:06:46:78:1b:37:84:
                    80:6e:86:34:37:d2:63:91:93:6c:cc:a1:d5:70:3a:
                    6b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:EE:3C:D2:FC:80:51:A3:3E:92:AC:72:4C:7F:40:CE:1B:38:BE:47
            X509v3 Authority Key Identifier:
                keyid:86:D5:F6:04:2E:46:68:9F:E5:A5:03:E7:D2:DF:89:F0:E3:FC:92:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC8EB/B8DAD9A6B0ED11EC8494D0815A40D577/htX2BC5GaJ_lpQPn0t-J8OP8khQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/htX2BC5GaJ_lpQPn0t-J8OP8khQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC8EB/B8DAD9A6B0ED11EC8494D0815A40D577/79EE3F02B0EE11ECBF890E845A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.184.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ad:53:dc:7b:3a:6d:cd:77:ee:95:55:3b:73:0e:2d:94:c3:6e:
         d8:e2:64:f8:a6:90:08:3e:5b:98:7c:48:6f:a2:1a:c6:a4:ed:
         c4:b0:60:0c:fe:f2:db:d6:8e:2b:45:32:d1:89:33:e3:a1:e7:
         6e:24:50:6f:5e:6a:26:99:bb:e0:36:7d:82:4f:07:50:21:c9:
         a7:40:9c:33:7a:a7:49:46:56:74:3e:85:8c:25:14:e4:9c:79:
         e2:0b:2f:e7:18:58:eb:d6:31:d8:18:06:60:9b:d0:a7:9e:eb:
         7e:d8:04:3c:e3:05:30:8c:86:29:1d:60:12:4f:3e:91:d3:cc:
         61:e3:30:9a:62:3c:21:31:a8:e4:6a:43:eb:51:01:15:9f:d3:
         4e:5c:30:b5:d5:5f:56:20:e3:ac:a6:5e:3d:72:73:bc:ba:d1:
         02:1d:ad:e5:f6:7d:5a:41:75:f0:3a:7d:f0:0d:d1:a8:b9:ca:
         1b:cd:98:a5:f1:56:1a:27:28:e8:93:ae:77:73:88:33:e9:42:
         08:7b:d9:16:03:00:b6:d6:07:a9:8f:07:58:19:95:2b:25:27:
         d7:e8:c5:60:03:36:7e:d5:ec:4e:d1:24:60:10:05:da:c1:d8:
         60:50:7b:f2:bc:17:85:75:7f:0a:4f:64:8d:55:93:86:69:fc:
         8b:d9:6d:2a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
QzhFQkFGMTEwLwYDVQQFEyg4NkQ1RjYwNDJFNDY2ODlGRTVBNTAzRTdEMkRGODlG
MEUzRkM5MjE0MB4XDTIyMDMzMTEyMzExOVoXDTI3MDMzMTEyMzExOVowGDEWMBQG
A1UEAwwNNjI0NTlmMWMtZDU2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+UzCk4dCaLNDiY/LpKWj/Hkont9YdQCjn7fVyJIU0llPFMaGFHLdluBBn5
b6zNM62xl/ysceQahiT7H1gAUdRiGr4L9TlzT6yMU2t0JIqxQ+mK9cHAi8J+wD00
Uj+HMEuk93x/RK4bPv4x6JNlVZJP97dwuKS3crtpeyytqnCRrWU6cN8G6K5kLsqA
VH6XVsz0XaLlMCyR/sF9CNAAd5QwVJ97jRW2wwCTCs6rhtIHcx5tSFSnHS4aazCl
+6rCqqwYo/wKy7pJaKWtaxcoGYdYNfq3dPKFa3NA8/2pVoNqlUZ3e+8O2yAhBkZ4
GzeEgG6GNDfSY5GTbMyh1XA6a9UCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBSi7jzS
/IBRoz6SrHJMf0DOGzi+RzAfBgNVHSMEGDAWgBSG1fYELkZon+WlA+fS34nw4/yS
FDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0M4RUIvQjhEQUQ5QTZCMEVEMTFFQzg0OTREMDgxNUE0MEQ1NzcvaHRYMkJD
NUdhSl9scFFQbjB0LUo4T1A4a2hRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHRYMkJDNUdhSl9scFFQbjB0LUo4T1A4a2hRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0M4RUIvQjhEQUQ5QTZCMEVEMTFFQzg0OTREMDgxNUE0
MEQ1NzcvNzlFRTNGMDJCMEVFMTFFQ0JGODkwRTg0NUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDACm4MA0GCSqGSIb3DQEBCwUA
A4IBAQCtU9x7Om3Nd+6VVTtzDi2Uw27Y4mT4ppAIPluYfEhvohrGpO3EsGAM/vLb
1o4rRTLRiTPjoeduJFBvXmommbvgNn2CTwdQIcmnQJwzeqdJRlZ0PoWMJRTknHni
Cy/nGFjr1jHYGAZgm9Cnnut+2AQ84wUwjIYpHWASTz6R08xh4zCaYjwhMajkakPr
UQEVn9NOXDC11V9WIOOspl49cnO8utECHa3l9n1aQXXwOn3wDdGoucobzZil8VYa
Jyjok653c4gz6UIIe9kWAwC21gepjwdYGZUrJSfX6MVgAzZ+1exO0SRgEAXawdhg
UHvyvBeFdX8KT2SNVZOGafyL2W0q
-----END CERTIFICATE-----