Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E8561/B0D720E01C3F11ECBA220D0BD8A014CE/71ACB1521C4C11ECB274F91DD8A014CE.roa
File:                     71ACB1521C4C11ECB274F91DD8A014CE.roa (raw, json)
Hash identifier:          EFUsQQjRMTzZd+qctTKgGOKkOIuOEUwZkFKmnmZz65w=
Subject key identifier:   49:1B:69:E3:06:1E:93:64:D0:42:28:35:74:2D:AD:B2:DB:EA:BC:A1
Certificate issuer:       /CN=F36E8561AF/serialNumber=BDF6F99CD082C13BEDA5DA0E89888DD532C86307
Certificate serial:       05
Authority key identifier: BD:F6:F9:9C:D0:82:C1:3B:ED:A5:DA:0E:89:88:8D:D5:32:C8:63:07
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/vfb5nNCCwTvtpdoOiYiN1TLIYwc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E8561/B0D720E01C3F11ECBA220D0BD8A014CE/71ACB1521C4C11ECB274F91DD8A014CE.roa
Signing time:             Thu 23 Sep 2021 08:58:39 +0000
ROA not before:           Thu 23 Sep 2021 08:58:33 +0000
ROA not after:            Fri 31 Dec 2049 08:58:33 +0000
asID:                     37254
IP address blocks:        102.69.176.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E8561/B0D720E01C3F11ECBA220D0BD8A014CE/vfb5nNCCwTvtpdoOiYiN1TLIYwc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E8561/B0D720E01C3F11ECBA220D0BD8A014CE/vfb5nNCCwTvtpdoOiYiN1TLIYwc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/vfb5nNCCwTvtpdoOiYiN1TLIYwc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 26 May 2024 00:04:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E8561AF/serialNumber=BDF6F99CD082C13BEDA5DA0E89888DD532C86307
        Validity
            Not Before: Sep 23 08:58:33 2021 GMT
            Not After : Dec 31 08:58:33 2049 GMT
        Subject: CN=614c41bf-8eb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:94:d2:7e:57:87:78:34:43:9a:71:5e:3b:a0:
                    8e:65:b8:0b:05:52:e5:63:da:91:ca:84:50:9f:f2:
                    ab:14:ae:fb:48:35:03:60:02:db:fe:95:bf:f5:21:
                    e9:b6:c5:40:9e:da:d2:64:f0:48:74:24:a7:54:60:
                    76:3b:e8:6f:77:1d:22:e5:94:66:f9:36:d6:3c:af:
                    cb:5a:d1:69:1d:35:91:18:d1:80:48:01:7e:ab:31:
                    cc:4c:4e:b7:92:d9:06:9f:c7:d2:c1:30:71:e2:48:
                    d9:a5:60:3b:e7:71:27:71:8a:ac:4a:4a:6d:05:b2:
                    ba:46:06:34:f9:49:74:a3:2e:b4:02:d2:38:7a:3d:
                    7f:b8:8e:d4:d4:09:ad:1e:b2:85:c9:ae:ca:9a:03:
                    a1:48:ab:d8:f4:01:c2:45:7e:ae:92:13:8a:b6:4e:
                    ed:40:d5:8b:b0:7e:6e:f0:c0:67:f9:a2:a9:06:a2:
                    38:d8:10:67:8e:67:8d:59:29:51:43:cc:ac:e4:41:
                    a5:45:96:4b:72:28:f5:14:ab:16:8e:5f:0e:7d:8d:
                    02:5a:b7:d5:e4:93:1a:0c:eb:4b:70:7f:cd:24:f8:
                    b8:67:77:fe:60:6e:a5:bb:8c:54:1e:ed:5d:86:17:
                    9a:24:89:09:4e:da:4b:17:ca:02:49:3f:b3:4e:5d:
                    32:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:1B:69:E3:06:1E:93:64:D0:42:28:35:74:2D:AD:B2:DB:EA:BC:A1
            X509v3 Authority Key Identifier:
                keyid:BD:F6:F9:9C:D0:82:C1:3B:ED:A5:DA:0E:89:88:8D:D5:32:C8:63:07

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8561/B0D720E01C3F11ECBA220D0BD8A014CE/vfb5nNCCwTvtpdoOiYiN1TLIYwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vfb5nNCCwTvtpdoOiYiN1TLIYwc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E8561/B0D720E01C3F11ECBA220D0BD8A014CE/71ACB1521C4C11ECB274F91DD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.69.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         00:d4:ac:b8:a2:f7:01:3b:33:c0:0e:23:c5:5e:8e:6c:a0:2d:
         02:24:bb:7e:a4:b0:a0:0b:99:68:45:47:6e:df:ee:b2:9f:48:
         00:2d:a5:e1:00:be:1c:fa:0d:f0:40:d6:07:fc:86:a6:92:99:
         e4:83:de:71:3c:06:f0:73:39:5c:8c:7d:1c:41:03:22:5c:02:
         81:02:74:5d:7f:4a:f0:cc:bb:0a:4e:ad:3c:7d:8d:50:d8:42:
         2d:da:ac:2b:03:36:85:f8:51:a1:57:8a:21:42:1b:ec:70:98:
         eb:29:9b:a7:4c:67:b1:50:e3:8e:b4:2a:ab:0b:49:ad:d3:04:
         d8:dc:f0:21:32:ca:bd:20:ab:68:e6:b6:b7:cc:8a:f6:01:9a:
         34:0b:ca:29:09:13:de:4a:d5:07:8d:22:7c:86:a0:01:ea:fa:
         08:5d:73:39:28:50:25:a8:d3:3d:20:28:29:a9:c2:01:76:7a:
         70:21:34:11:b3:7b:97:0b:f8:50:55:52:14:3b:ea:6e:1d:e2:
         2e:3f:23:04:e6:9c:5a:1e:ad:8f:8b:09:f5:f6:38:d3:66:b7:
         38:12:d9:16:dd:73:ab:2f:ef:7b:6a:54:ac:91:31:b5:52:a8:
         2a:94:c3:e2:d5:18:b3:e2:d4:22:4c:e7:be:76:69:6c:5f:ac:
         87:b6:fc:77
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZF
ODU2MUFGMTEwLwYDVQQFEyhCREY2Rjk5Q0QwODJDMTNCRURBNURBMEU4OTg4OERE
NTMyQzg2MzA3MB4XDTIxMDkyMzA4NTgzM1oXDTQ5MTIzMTA4NTgzM1owGDEWMBQG
A1UEAwwNNjE0YzQxYmYtOGViODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyU0n5Xh3g0Q5pxXjugjmW4CwVS5WPakcqEUJ/yqxSu+0g1A2AC2/6Vv/Uh
6bbFQJ7a0mTwSHQkp1Rgdjvob3cdIuWUZvk21jyvy1rRaR01kRjRgEgBfqsxzExO
t5LZBp/H0sEwceJI2aVgO+dxJ3GKrEpKbQWyukYGNPlJdKMutALSOHo9f7iO1NQJ
rR6yhcmuypoDoUir2PQBwkV+rpITirZO7UDVi7B+bvDAZ/miqQaiONgQZ45njVkp
UUPMrORBpUWWS3Io9RSrFo5fDn2NAlq31eSTGgzrS3B/zST4uGd3/mBupbuMVB7t
XYYXmiSJCU7aSxfKAkk/s05dMsECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRJG2nj
Bh6TZNBCKDV0La2y2+q8oTAfBgNVHSMEGDAWgBS99vmc0ILBO+2l2g6JiI3VMshj
BzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTg1NjEvQjBENzIwRTAxQzNGMTFFQ0JBMjIwRDBCRDhBMDE0Q0UvdmZiNW5O
Q0N3VHZ0cGRvT2lZaU4xVExJWXdjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdmZiNW5OQ0N3VHZ0cGRvT2lZaU4xVExJWXdjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTg1NjEvQjBENzIwRTAxQzNGMTFFQ0JBMjIwRDBCRDhB
MDE0Q0UvNzFBQ0IxNTIxQzRDMTFFQ0IyNzRGOTFERDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmZFsDANBgkqhkiG9w0BAQsF
AAOCAQEAANSsuKL3ATszwA4jxV6ObKAtAiS7fqSwoAuZaEVHbt/usp9IAC2l4QC+
HPoN8EDWB/yGppKZ5IPecTwG8HM5XIx9HEEDIlwCgQJ0XX9K8My7Ck6tPH2NUNhC
LdqsKwM2hfhRoVeKIUIb7HCY6ymbp0xnsVDjjrQqqwtJrdME2NzwITLKvSCraOa2
t8yK9gGaNAvKKQkT3krVB40ifIagAer6CF1zOShQJajTPSAoKanCAXZ6cCE0EbN7
lwv4UFVSFDvqbh3iLj8jBOacWh6tj4sJ9fY402a3OBLZFt1zqy/ve2pUrJExtVKo
KpTD4tUYs+LUIkznvnZpbF+sh7b8dw==
-----END CERTIFICATE-----