Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/54964A9CB49C11EA954A5910F8AEA228.roa
File:                     54964A9CB49C11EA954A5910F8AEA228.roa (raw, json)
Hash identifier:          Sz8kShfd3kR/xyiKfp0ikKE/RLPnZrOAd+EAh5NYAxA=
Subject key identifier:   B9:F4:8D:4A:1D:38:EA:9E:0B:F8:4B:13:16:3A:80:5A:8E:21:B9:C8
Certificate issuer:       /CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
Certificate serial:       02
Authority key identifier: 2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/54964A9CB49C11EA954A5910F8AEA228.roa
Signing time:             Mon 22 Jun 2020 15:23:32 +0000
ROA not before:           Mon 22 Jun 2020 15:23:26 +0000
ROA not after:            Sun 22 Jun 2025 15:23:26 +0000
asID:                     29465
IP address blocks:        197.210.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FDDEEAF/serialNumber=2CD31C3C251F5EDA183F938E7FCB3A4A1DBA89DD
        Validity
            Not Before: Jun 22 15:23:26 2020 GMT
            Not After : Jun 22 15:23:26 2025 GMT
        Subject: CN=5ef0ccf4-124f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:76:31:11:53:30:a3:ec:3a:fa:c3:03:b7:40:
                    5b:49:ad:95:1d:f8:21:52:f2:2a:7c:0f:c5:e3:9d:
                    70:bd:b4:74:81:7a:60:3d:7d:1f:c5:7e:aa:ba:66:
                    6c:50:de:5b:ad:cd:64:1f:0a:cf:8a:04:7e:c2:b4:
                    a0:13:32:97:d9:a3:14:0f:53:15:c2:28:00:80:2d:
                    06:87:04:6d:bb:47:83:a8:9e:57:a0:2d:c8:a6:17:
                    a8:63:7d:e8:6d:7a:47:a6:74:f6:cf:52:42:97:fa:
                    c0:24:d2:79:07:de:83:91:25:49:1a:4c:8d:e7:0c:
                    20:c0:8a:ad:78:09:cc:16:36:6f:64:3f:e6:d3:72:
                    a9:d8:45:4a:16:41:eb:e8:b7:74:a4:df:e5:4d:73:
                    a5:fc:da:d7:01:7f:64:f7:01:61:c9:5d:2f:bd:b2:
                    6d:b2:83:46:cb:d7:b4:d8:9e:a8:33:ef:06:12:18:
                    41:91:07:dd:63:72:15:f4:18:7c:4d:b6:00:a9:ab:
                    42:35:5e:65:a2:ff:c3:ab:b5:0b:f8:c7:86:9e:d3:
                    3d:d5:53:48:86:4e:90:8d:ea:a0:c3:00:dc:ec:fa:
                    6c:01:01:03:cf:b3:d9:d2:9c:99:ba:50:17:0b:9a:
                    3e:d9:16:82:ec:60:9c:08:75:e3:50:c2:cc:2e:df:
                    af:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F4:8D:4A:1D:38:EA:9E:0B:F8:4B:13:16:3A:80:5A:8E:21:B9:C8
            X509v3 Authority Key Identifier:
                keyid:2C:D3:1C:3C:25:1F:5E:DA:18:3F:93:8E:7F:CB:3A:4A:1D:BA:89:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/LNMcPCUfXtoYP5OOf8s6Sh26id0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/LNMcPCUfXtoYP5OOf8s6Sh26id0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDEE/214C5AECB49B11EAA3F61F0FF8AEA228/54964A9CB49C11EA954A5910F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.210.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         93:2b:40:f7:b2:0a:5c:6e:e7:7b:ef:43:0b:f9:c4:6f:60:e8:
         dc:5d:44:f9:01:80:e6:db:ba:6f:9e:c9:a3:f3:36:8c:d9:02:
         dc:32:83:58:6c:ac:59:b0:e4:6d:bb:63:5a:aa:a9:13:ba:8f:
         2b:c6:07:91:7e:a7:7f:a2:62:29:67:62:30:9d:84:94:57:fb:
         0d:36:a2:09:3c:7f:00:12:66:37:85:f3:8e:a7:b3:b6:a8:3a:
         5b:ab:91:fc:0a:59:5b:46:f6:f6:7c:dc:01:76:a4:be:f1:65:
         40:6e:30:6c:cb:82:6f:a2:3d:72:6f:2e:7f:0c:7e:3e:0f:76:
         bc:00:0c:6e:9e:83:db:3c:1e:01:21:21:3e:20:f8:ca:56:bf:
         05:9c:df:fe:e7:b7:f2:56:5a:6f:d5:c7:d3:d4:92:e5:39:bc:
         55:b4:b1:08:07:0b:e4:73:5a:f1:70:1f:6d:7f:20:91:de:93:
         ee:69:8c:0c:90:da:0f:b1:10:f6:64:79:6a:eb:a8:c5:fc:20:
         5e:8b:ef:bb:c4:05:53:ec:76:f4:0a:62:42:19:84:67:b3:56:
         5e:50:49:6b:f8:a6:bd:c3:80:db:4f:b0:46:96:af:e6:9f:8c:
         a7:99:be:a4:62:df:6e:d3:1f:7b:62:35:d1:70:9b:25:0c:8c:
         16:cf:8e:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RERFRUFGMTEwLwYDVQQFEygyQ0QzMUMzQzI1MUY1RURBMTgzRjkzOEU3RkNCM0E0
QTFEQkE4OUREMB4XDTIwMDYyMjE1MjMyNloXDTI1MDYyMjE1MjMyNlowGDEWMBQG
A1UEAxMNNWVmMGNjZjQtMTI0ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd2MRFTMKPsOvrDA7dAW0mtlR34IVLyKnwPxeOdcL20dIF6YD19H8V+qrpm
bFDeW63NZB8Kz4oEfsK0oBMyl9mjFA9TFcIoAIAtBocEbbtHg6ieV6AtyKYXqGN9
6G16R6Z09s9SQpf6wCTSeQfeg5ElSRpMjecMIMCKrXgJzBY2b2Q/5tNyqdhFShZB
6+i3dKTf5U1zpfza1wF/ZPcBYcldL72ybbKDRsvXtNieqDPvBhIYQZEH3WNyFfQY
fE22AKmrQjVeZaL/w6u1C/jHhp7TPdVTSIZOkI3qoMMA3Oz6bAEBA8+z2dKcmbpQ
FwuaPtkWguxgnAh141DCzC7fr6cCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBS59I1K
HTjqngv4SxMWOoBajiG5yDAfBgNVHSMEGDAWgBQs0xw8JR9e2hg/k45/yzpKHbqJ
3TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkRERUUvMjE0QzVBRUNCNDlCMTFFQUEzRjYxRjBGRjhBRUEyMjgvTE5NY1BD
VWZYdG9ZUDVPT2Y4czZTaDI2aWQwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTE5NY1BDVWZYdG9ZUDVPT2Y4czZTaDI2aWQwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkRERUUvMjE0QzVBRUNCNDlCMTFFQUEzRjYxRjBGRjhB
RUEyMjgvNTQ5NjRBOUNCNDlDMTFFQTk1NEE1OTEwRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMXSMA0GCSqGSIb3DQEBCwUA
A4IBAQCTK0D3sgpcbud770ML+cRvYOjcXUT5AYDm27pvnsmj8zaM2QLcMoNYbKxZ
sORtu2NaqqkTuo8rxgeRfqd/omIpZ2IwnYSUV/sNNqIJPH8AEmY3hfOOp7O2qDpb
q5H8CllbRvb2fNwBdqS+8WVAbjBsy4Jvoj1yby5/DH4+D3a8AAxunoPbPB4BISE+
IPjKVr8FnN/+57fyVlpv1cfT1JLlObxVtLEIBwvkc1rxcB9tfyCR3pPuaYwMkNoP
sRD2ZHlq66jF/CBei++7xAVT7Hb0CmJCGYRns1ZeUElr+Ka9w4DbT7BGlq/mn4yn
mb6kYt9u0x97YjXRcJslDIwWz45H
-----END CERTIFICATE-----