Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36217DF/54BDBB24E93811EF998A6679762E951A/37CC6E4E240611F090616C78DAE4EC9C.roa
File:                     37CC6E4E240611F090616C78DAE4EC9C.roa (raw, json)
Hash identifier:          9bc6vNFaO6E7uVNH5SjzHhN+xV93XpM/OZ71WG5NHHg=
Subject key identifier:   24:FD:8D:04:CD:F2:46:C3:68:55:AE:CC:E3:E2:A5:ED:8E:75:3E:4F
Certificate issuer:       /CN=F36217DFAF/serialNumber=384F6A3D0C8A91C5F2DF37A11F5A7B9C525BEE16
Certificate serial:       50
Authority key identifier: 38:4F:6A:3D:0C:8A:91:C5:F2:DF:37:A1:1F:5A:7B:9C:52:5B:EE:16
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OE9qPQyKkcXy3zehH1p7nFJb7hY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36217DF/54BDBB24E93811EF998A6679762E951A/37CC6E4E240611F090616C78DAE4EC9C.roa
Signing time:             Mon 28 Apr 2025 07:55:58 +0000
ROA not before:           Mon 28 Apr 2025 07:55:53 +0000
ROA not after:            Wed 08 Apr 2026 07:55:53 +0000
asID:                     9009
IP address blocks:        102.134.28.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36217DF/54BDBB24E93811EF998A6679762E951A/OE9qPQyKkcXy3zehH1p7nFJb7hY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36217DF/54BDBB24E93811EF998A6679762E951A/OE9qPQyKkcXy3zehH1p7nFJb7hY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OE9qPQyKkcXy3zehH1p7nFJb7hY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 30 Apr 2025 00:06:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80 (0x50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36217DFAF, serialNumber=384F6A3D0C8A91C5F2DF37A11F5A7B9C525BEE16
        Validity
            Not Before: Apr 28 07:55:53 2025 GMT
            Not After : Apr  8 07:55:53 2026 GMT
        Subject: CN=680f348e-03fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6e:5c:3d:79:32:0b:82:da:d8:55:45:32:15:
                    5d:63:60:a4:6a:9f:0a:79:4e:f9:2f:2a:c4:53:c4:
                    f2:5f:99:d7:f7:8d:b6:76:4e:8a:5c:4c:1e:e8:e0:
                    63:0d:c8:83:ac:01:3e:7e:9e:47:e7:e2:7e:2d:2e:
                    8b:66:d9:b0:43:9f:b5:44:f0:22:07:26:6d:5a:6a:
                    ac:76:a1:3d:65:86:54:f2:74:2f:d1:90:d4:2e:c4:
                    c6:1d:70:e6:2c:74:09:89:aa:24:ce:94:43:24:60:
                    7c:c3:1e:7b:ac:9c:6d:24:c0:07:f3:1d:5d:10:85:
                    94:12:da:d1:a8:bc:ba:97:2b:8a:7f:a6:13:a2:ce:
                    2e:bb:a5:7c:70:59:2f:a2:bf:c4:a9:6a:1f:95:64:
                    6a:cd:2c:5a:64:80:33:5f:dd:ab:e9:e0:d6:ac:89:
                    65:fe:c2:b3:25:7a:9a:51:2b:02:80:07:ee:8d:7b:
                    08:9c:b5:23:48:16:90:95:ba:ba:00:34:3d:b8:53:
                    5e:6b:a1:3c:f8:14:c2:16:2d:f4:bf:2a:a9:41:e3:
                    18:42:04:eb:17:6e:f3:27:9f:ff:70:60:86:02:35:
                    86:9c:f0:dc:56:2b:1c:c4:13:73:eb:12:69:d6:28:
                    a1:56:07:09:bb:63:94:9a:1b:88:9b:9c:d8:af:9f:
                    cb:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:FD:8D:04:CD:F2:46:C3:68:55:AE:CC:E3:E2:A5:ED:8E:75:3E:4F
            X509v3 Authority Key Identifier:
                keyid:38:4F:6A:3D:0C:8A:91:C5:F2:DF:37:A1:1F:5A:7B:9C:52:5B:EE:16

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36217DF/54BDBB24E93811EF998A6679762E951A/OE9qPQyKkcXy3zehH1p7nFJb7hY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OE9qPQyKkcXy3zehH1p7nFJb7hY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36217DF/54BDBB24E93811EF998A6679762E951A/37CC6E4E240611F090616C78DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.134.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ad:40:74:49:70:a5:67:a2:ba:36:01:cd:ce:a7:b6:bb:87:5a:
         7c:a6:16:50:2d:b9:f9:48:bb:2c:c9:56:2b:3e:af:ac:a9:09:
         86:6d:19:fc:35:eb:6d:08:be:c1:08:01:4d:f4:56:f8:76:5f:
         1d:80:53:63:f1:03:7e:b9:5b:7a:f0:78:ad:5c:da:f1:30:8c:
         5d:db:8d:53:01:96:44:79:26:d1:43:41:c5:dd:3c:ca:f2:5f:
         85:51:ea:d7:4c:d6:68:3a:c0:5e:1b:16:0b:fc:dd:00:0d:78:
         2c:81:18:98:cb:4a:1b:54:89:8d:38:fe:d0:b1:d3:f5:3a:c2:
         c6:53:d0:5c:32:75:96:e5:29:45:7c:51:9f:ae:87:03:0d:bc:
         83:bc:f6:08:1f:a3:3d:c7:db:53:72:d4:6e:c4:4e:27:da:50:
         35:99:be:0f:10:17:e5:b4:b4:c8:08:02:27:83:b1:2e:df:2c:
         b8:55:6e:b3:73:37:23:b9:ea:6e:21:94:a4:57:d8:1a:f4:02:
         ac:79:52:83:00:30:5e:eb:2f:b9:ef:5e:f4:40:2f:81:e8:c0:
         c4:0c:93:a2:9a:81:90:4f:93:c4:53:bb:6e:d5:9e:26:31:4d:
         49:92:33:b9:56:56:0a:34:d2:1f:fb:46:2d:c6:39:e0:39:ce:
         b1:37:46:fb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBUDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MTdERkFGMTEwLwYDVQQFEygzODRGNkEzRDBDOEE5MUM1RjJERjM3QTExRjVBN0I5
QzUyNUJFRTE2MB4XDTI1MDQyODA3NTU1M1oXDTI2MDQwODA3NTU1M1owGDEWMBQG
A1UEAxMNNjgwZjM0OGUtMDNmYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpuXD15MguC2thVRTIVXWNgpGqfCnlO+S8qxFPE8l+Z1/eNtnZOilxMHujg
Yw3Ig6wBPn6eR+fifi0ui2bZsEOftUTwIgcmbVpqrHahPWWGVPJ0L9GQ1C7Exh1w
5ix0CYmqJM6UQyRgfMMee6ycbSTAB/MdXRCFlBLa0ai8upcrin+mE6LOLrulfHBZ
L6K/xKlqH5Vkas0sWmSAM1/dq+ng1qyJZf7CsyV6mlErAoAH7o17CJy1I0gWkJW6
ugA0PbhTXmuhPPgUwhYt9L8qqUHjGEIE6xdu8yef/3BghgI1hpzw3FYrHMQTc+sS
adYooVYHCbtjlJobiJuc2K+fy0cCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQk/Y0E
zfJGw2hVrszj4qXtjnU+TzAfBgNVHSMEGDAWgBQ4T2o9DIqRxfLfN6EfWnucUlvu
FjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjE3REYvNTRCREJCMjRFOTM4MTFFRjk5OEE2Njc5NzYyRTk1MUEvT0U5cVBR
eUtrY1h5M3plaEgxcDduRkpiN2hZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT0U5cVBReUtrY1h5M3plaEgxcDduRkpiN2hZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjE3REYvNTRCREJCMjRFOTM4MTFFRjk5OEE2Njc5NzYy
RTk1MUEvMzdDQzZFNEUyNDA2MTFGMDkwNjE2Qzc4REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmaGHDANBgkqhkiG9w0BAQsF
AAOCAQEArUB0SXClZ6K6NgHNzqe2u4dafKYWUC25+Ui7LMlWKz6vrKkJhm0Z/DXr
bQi+wQgBTfRW+HZfHYBTY/EDfrlbevB4rVza8TCMXduNUwGWRHkm0UNBxd08yvJf
hVHq10zWaDrAXhsWC/zdAA14LIEYmMtKG1SJjTj+0LHT9TrCxlPQXDJ1luUpRXxR
n66HAw28g7z2CB+jPcfbU3LUbsROJ9pQNZm+DxAX5bS0yAgCJ4OxLt8suFVus3M3
I7nqbiGUpFfYGvQCrHlSgwAwXusvue9e9EAvgejAxAyTopqBkE+TxFO7btWeJjFN
SZIzuVZWCjTSH/tGLcY54DnOsTdG+w==
-----END CERTIFICATE-----