Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/E6558D341E8D11F0ABE96FE1DAE4EC9C.roa
File:                     E6558D341E8D11F0ABE96FE1DAE4EC9C.roa (raw, json)
Hash identifier:          ZTzqxURs/faFGv9LO4eqoUg3h/wlkjLYz//v+IAgiyw=
Subject key identifier:   35:0F:64:F7:B2:B2:CA:9F:3E:AC:F7:F4:55:87:E1:0F:96:F5:12:30
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       0940
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/E6558D341E8D11F0ABE96FE1DAE4EC9C.roa
Signing time:             Mon 21 Apr 2025 08:52:06 +0000
ROA not before:           Mon 21 Apr 2025 08:52:01 +0000
ROA not after:            Tue 21 Apr 2026 08:52:01 +0000
asID:                     18811
IP address blocks:        196.251.122.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 27 Apr 2025 00:06:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2368 (0x940)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF, serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
        Validity
            Not Before: Apr 21 08:52:01 2025 GMT
            Not After : Apr 21 08:52:01 2026 GMT
        Subject: CN=68060735-c8b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:42:c4:0c:c1:62:91:45:c1:ea:e5:00:78:00:
                    56:45:92:69:99:49:d8:ab:6b:eb:2a:2f:b3:1e:5c:
                    72:fd:05:5c:49:28:dd:0d:e5:d6:94:7f:7f:57:f7:
                    01:d4:3c:95:20:78:83:a3:9e:b5:e0:c0:e1:53:83:
                    ec:7a:f9:e5:b1:c9:d6:94:01:84:7e:55:53:d7:95:
                    e8:35:8b:d8:34:97:6d:db:d2:82:9a:7b:63:f9:ae:
                    7f:49:8b:f5:e7:87:79:76:77:95:a0:20:be:30:a4:
                    0c:fa:ec:da:da:34:69:a3:de:6b:a2:ab:84:21:8f:
                    00:7a:ed:e8:99:60:b0:17:a2:ee:6f:2e:7a:e8:83:
                    52:e3:37:47:6f:8e:12:cb:aa:ae:28:8c:ca:87:85:
                    9b:19:8d:c5:81:05:e6:1e:02:a3:b0:bc:f3:1a:94:
                    01:69:a7:c7:45:9f:f6:4e:78:37:c1:f9:6f:d0:1f:
                    22:b6:bc:57:0d:f2:e0:7f:72:8e:c3:45:34:0a:fc:
                    b2:71:e0:b6:e6:69:1e:b1:51:90:78:f1:bc:23:7f:
                    6a:06:c7:34:55:bf:c5:26:4f:fd:13:aa:06:65:6c:
                    af:62:0b:34:bc:ef:c1:33:55:11:c6:68:15:80:47:
                    e5:31:8f:da:dc:f7:dc:55:61:91:09:12:2d:93:a9:
                    ac:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:0F:64:F7:B2:B2:CA:9F:3E:AC:F7:F4:55:87:E1:0F:96:F5:12:30
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/E6558D341E8D11F0ABE96FE1DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.251.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:03:56:ab:78:7f:7d:dc:48:83:0c:1a:e6:df:6c:d4:2a:cd:
         d6:c0:32:fa:90:f0:9d:92:5f:ca:5f:41:f6:35:e5:f4:a9:1f:
         b1:61:e4:54:8f:3a:c8:3e:f6:80:76:b2:e3:bf:dd:34:11:2f:
         33:8a:7e:c9:e8:9c:ba:4f:17:f1:91:c9:c3:1a:ad:33:b3:b9:
         82:a6:d3:a5:1e:89:e9:f8:d3:39:a7:84:f0:0c:49:75:d7:2b:
         95:bf:dc:cd:7d:f8:30:85:0b:e2:34:cd:d0:46:48:5e:b4:22:
         09:c2:c2:fb:3c:de:b6:d4:0d:c1:ce:35:8f:7e:7b:10:91:75:
         8c:ae:a6:92:e0:db:64:da:90:e8:88:4b:ba:6b:82:9a:ed:44:
         78:92:ab:ff:cf:9e:8b:91:49:28:1c:c5:bf:6b:7b:a9:3f:52:
         da:86:6a:67:1e:d2:ee:90:27:56:da:24:72:07:d0:ac:2e:90:
         63:2a:0f:c3:2f:d8:07:b8:76:33:f6:07:01:88:b6:66:95:d9:
         e3:b4:6f:b5:c7:62:93:7e:b9:29:21:a6:d9:e0:5e:da:50:a3:
         b5:c1:71:d8:cb:0d:8c:04:a1:24:c9:77:51:69:ee:66:9a:b7:
         be:ef:4f:36:fb:31:ab:86:60:0a:b9:b9:aa:e8:a2:06:2c:df:
         c9:a5:6e:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCUAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTA0MjEwODUyMDFaFw0yNjA0MjEwODUyMDFaMBgxFjAU
BgNVBAMTDTY4MDYwNzM1LWM4YjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCoQsQMwWKRRcHq5QB4AFZFkmmZSdira+sqL7MeXHL9BVxJKN0N5daUf39X
9wHUPJUgeIOjnrXgwOFTg+x6+eWxydaUAYR+VVPXleg1i9g0l23b0oKae2P5rn9J
i/Xnh3l2d5WgIL4wpAz67NraNGmj3muiq4QhjwB67eiZYLAXou5vLnrog1LjN0dv
jhLLqq4ojMqHhZsZjcWBBeYeAqOwvPMalAFpp8dFn/ZOeDfB+W/QHyK2vFcN8uB/
co7DRTQK/LJx4LbmaR6xUZB48bwjf2oGxzRVv8UmT/0TqgZlbK9iCzS878EzVRHG
aBWAR+Uxj9rc99xVYZEJEi2TqaxdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNQ9k
97Kyyp8+rPf0VYfhD5b1EjAwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3L0U2NTU4RDM0MUU4RDExRjBBQkU5NkZFMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADE+3owDQYJKoZIhvcNAQEL
BQADggEBAFsDVqt4f33cSIMMGubfbNQqzdbAMvqQ8J2SX8pfQfY15fSpH7Fh5FSP
Osg+9oB2suO/3TQRLzOKfsnonLpPF/GRycMarTOzuYKm06Ueien40zmnhPAMSXXX
K5W/3M19+DCFC+I0zdBGSF60IgnCwvs83rbUDcHONY9+exCRdYyuppLg22TakOiI
S7prgprtRHiSq//PnouRSSgcxb9re6k/UtqGamce0u6QJ1baJHIH0KwukGMqD8Mv
2Ae4djP2BwGItmaV2eO0b7XHYpN+uSkhptngXtpQo7XBcdjLDYwEoSTJd1Fp7maa
t77vTzb7MauGYAq5uaroogYs38mlbvs=
-----END CERTIFICATE-----