Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/FBFA4C90E06E11EF87F2F9A9762E951A.roa
File:                     FBFA4C90E06E11EF87F2F9A9762E951A.roa (raw, json)
Hash identifier:          oV526bUSVjnbh/hqM0EEIKGSmaWKBsdnxNGAaxT6u1Y=
Subject key identifier:   C9:2B:F2:D1:BD:5A:6B:8D:D6:C8:1C:AE:35:87:89:72:3C:6C:A8:AD
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       02B3
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/FBFA4C90E06E11EF87F2F9A9762E951A.roa
Signing time:             Sat 01 Feb 2025 07:34:35 +0000
ROA not before:           Sat 01 Feb 2025 07:34:31 +0000
ROA not after:            Tue 01 Jan 2030 07:34:31 +0000
asID:                     37684
IP address blocks:        2c0f:f408:1000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 691 (0x2b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF
        Validity
            Not Before: Feb  1 07:34:31 2025 GMT
            Not After : Jan  1 07:34:31 2030 GMT
        Subject: CN=679dce8b-b5f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:69:46:b6:51:4c:7d:39:a0:2a:6a:e3:e3:f0:
                    d5:bc:81:b9:dd:9b:43:86:19:4a:21:89:18:b3:ae:
                    39:86:5b:31:04:53:8a:3b:59:a8:78:83:a2:a0:8c:
                    68:00:ed:39:cc:7b:ba:38:8b:1b:0e:e2:26:43:b8:
                    55:f7:e3:ce:e8:a6:b7:f2:7d:34:4a:11:6d:05:de:
                    73:f3:e5:9e:2e:33:1b:b1:5a:ea:fa:b5:b7:76:60:
                    68:b1:1b:72:2a:45:88:fb:95:ec:68:15:ea:5d:55:
                    15:75:8e:d2:ae:ca:df:ad:80:5d:e2:b7:92:55:e0:
                    84:da:59:0a:c9:ba:1b:fc:39:4f:43:e0:fc:66:3e:
                    ac:3c:3d:72:36:f4:67:db:06:e4:76:79:14:93:9a:
                    fd:6a:b4:a7:98:38:42:c0:ba:e3:6f:69:11:d7:8d:
                    91:87:9b:9e:65:ec:a7:14:7f:70:1c:5c:ef:35:7c:
                    8d:f0:11:f4:ba:9e:05:90:74:90:50:d6:5d:a6:a4:
                    3b:bf:c8:25:fb:ff:6a:d0:65:1f:38:91:6e:8d:d5:
                    50:c2:86:e5:dc:81:83:ec:e0:dc:2a:d3:08:f0:bb:
                    fa:c0:c1:46:2b:ad:7a:a7:9c:06:e3:f7:8d:7c:8a:
                    0c:ca:65:25:e9:8e:88:2a:1e:e8:c6:f9:8d:e3:b5:
                    69:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:2B:F2:D1:BD:5A:6B:8D:D6:C8:1C:AE:35:87:89:72:3C:6C:A8:AD
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/FBFA4C90E06E11EF87F2F9A9762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f408:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         56:e8:51:20:12:c0:9b:10:13:89:b0:20:9f:08:92:89:a7:c9:
         be:80:21:79:ef:9d:3a:b8:b8:a1:ee:11:b6:fb:13:9a:28:5d:
         d0:14:20:3d:27:e0:de:22:4b:2e:c1:90:72:86:3e:7d:b9:ae:
         65:2d:13:43:95:9d:19:bc:76:b6:f9:12:64:27:c3:c6:c1:a2:
         52:fb:00:28:73:51:8d:cd:cb:e0:ee:56:bb:1b:33:0f:58:0f:
         7b:76:de:75:48:e9:23:af:f3:53:6c:8e:79:f8:06:2b:d5:b7:
         5d:e6:9c:e9:33:01:a4:21:c8:ad:e2:e8:6f:f4:b1:91:c8:33:
         93:be:b1:6a:0b:55:b9:14:6b:62:9d:56:1f:ef:c5:6e:ce:51:
         69:3e:89:8e:9d:30:fe:3e:37:8e:e2:e5:e1:94:03:56:36:02:
         85:2f:26:b6:0a:8d:af:5d:02:31:cf:3b:1a:b4:40:11:8b:68:
         ae:cb:66:0c:41:92:bf:fa:b8:04:b6:b4:bc:4e:1b:ed:16:2b:
         15:1c:4e:48:b1:e0:bf:df:16:69:dd:b9:d3:f4:54:56:57:a6:
         07:84:42:df:21:13:01:a5:5a:a9:2e:18:6d:d5:3f:d0:16:7d:
         d2:6a:1f:7f:9a:6f:1e:de:02:18:07:c3:8e:78:ce:b4:1b:e6:
         f5:4b:c0:76
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICArMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENBRjExMC8GA1UEBRMoODcyMTMwRTY5QjNGQjgwMzVCMUIyNUQzRjZGQjk3
NEEyQTA3OEVDQzAeFw0yNTAyMDEwNzM0MzFaFw0zMDAxMDEwNzM0MzFaMBgxFjAU
BgNVBAMTDTY3OWRjZThiLWI1ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOaUa2UUx9OaAqauPj8NW8gbndm0OGGUohiRizrjmGWzEEU4o7Wah4g6Kg
jGgA7TnMe7o4ixsO4iZDuFX3487oprfyfTRKEW0F3nPz5Z4uMxuxWur6tbd2YGix
G3IqRYj7lexoFepdVRV1jtKuyt+tgF3it5JV4ITaWQrJuhv8OU9D4PxmPqw8PXI2
9GfbBuR2eRSTmv1qtKeYOELAuuNvaRHXjZGHm55l7KcUf3AcXO81fI3wEfS6ngWQ
dJBQ1l2mpDu/yCX7/2rQZR84kW6N1VDChuXcgYPs4Nwq0wjwu/rAwUYrrXqnnAbj
9418igzKZSXpjogqHujG+Y3jtWnfAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUySvy
0b1aa43WyByuNYeJcjxsqK0wHwYDVR0jBBgwFoAUhyEw5ps/uANbGyXT9vuXSioH
jswwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRBRDlFNkZDL2h5RXc1
cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h5RXc1cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRB
RDlFNkZDL0ZCRkE0QzkwRTA2RTExRUY4N0YyRjlBOTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAsD/QIEDANBgkqhkiG9w0B
AQsFAAOCAQEAVuhRIBLAmxATibAgnwiSiafJvoAhee+dOri4oe4RtvsTmihd0BQg
PSfg3iJLLsGQcoY+fbmuZS0TQ5WdGbx2tvkSZCfDxsGiUvsAKHNRjc3L4O5Wuxsz
D1gPe3bedUjpI6/zU2yOefgGK9W3Xeac6TMBpCHIreLob/Sxkcgzk76xagtVuRRr
Yp1WH+/Fbs5RaT6Jjp0w/j43juLl4ZQDVjYChS8mtgqNr10CMc87GrRAEYtorstm
DEGSv/q4BLa0vE4b7RYrFRxOSLHgv98Wad250/RUVlemB4RC3yETAaVaqS4YbdU/
0BZ90moff5pvHt4CGAfDjnjOtBvm9UvAdg==
-----END CERTIFICATE-----