Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/2FEA641C485311F08923BFACDAE4EC9C.roa
File:                     2FEA641C485311F08923BFACDAE4EC9C.roa (raw, json)
Hash identifier:          KrmkGcXSOHZjvHM521hXcvE4TQGOXbe+7WGEKu+U5mM=
Subject key identifier:   E9:A3:3C:D8:EA:38:F5:D4:12:EF:20:60:41:C3:E7:87:26:80:DD:1E
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       0B2C
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/2FEA641C485311F08923BFACDAE4EC9C.roa
Signing time:             Fri 13 Jun 2025 12:37:38 +0000
ROA not before:           Fri 13 Jun 2025 12:37:32 +0000
ROA not after:            Tue 01 Dec 2026 12:37:32 +0000
asID:                     329007
IP address blocks:        102.135.101.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 17 Jun 2025 00:06:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2860 (0xb2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF, serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
        Validity
            Not Before: Jun 13 12:37:32 2025 GMT
            Not After : Dec  1 12:37:32 2026 GMT
        Subject: CN=684c1b92-1417
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:28:11:ab:d6:1c:e1:b0:a8:bb:69:7b:04:0a:
                    a8:00:0a:e1:e7:e4:e5:07:06:39:93:5c:13:62:00:
                    eb:bf:03:96:84:d0:03:66:fc:63:74:34:dc:8c:c5:
                    8c:c9:a1:58:83:af:d1:55:a2:e8:59:a0:4f:93:3e:
                    aa:81:6e:91:d2:fb:e8:dc:36:d8:e6:9d:dd:56:20:
                    e7:77:1b:c7:4d:27:87:7f:e9:18:48:32:a7:59:61:
                    ce:f8:f5:30:67:6d:89:ed:d1:24:80:37:81:a6:a8:
                    b6:60:fa:92:30:53:0a:e9:49:9d:2c:f1:8a:88:d6:
                    d1:67:ef:8c:f8:8e:38:18:33:15:9b:7f:cb:c8:e8:
                    58:46:30:0a:84:f1:db:d2:aa:c9:89:fb:e0:74:17:
                    11:1b:2c:30:4f:cd:92:aa:20:79:d4:44:7c:3e:00:
                    c2:5c:8b:04:ed:5a:83:5c:aa:c5:67:0d:21:12:ff:
                    08:f0:a1:69:9b:1a:68:73:c1:1c:b0:76:02:d7:15:
                    12:cc:8a:8a:7a:01:cd:5e:95:c7:bf:bf:2e:ac:ad:
                    3c:fa:76:48:ae:5c:e3:52:74:9b:04:62:9a:f6:c9:
                    98:13:71:6b:d1:ff:3a:79:56:1a:16:2a:4d:4b:e4:
                    3e:f7:67:43:fe:0f:1c:1b:36:97:90:50:bc:1b:a6:
                    63:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:A3:3C:D8:EA:38:F5:D4:12:EF:20:60:41:C3:E7:87:26:80:DD:1E
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/2FEA641C485311F08923BFACDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d2:7e:c6:ec:31:7b:7b:c6:77:1a:73:b1:46:f8:60:ff:3f:a8:
         27:eb:94:8a:2c:19:93:87:62:72:a8:9a:2a:fd:d7:d5:9d:5f:
         e7:7f:b5:32:4c:bd:fd:47:26:2b:5b:3d:1e:7a:a6:61:0e:06:
         f7:f4:19:f3:e3:51:eb:20:84:43:e5:c0:4a:23:34:f8:4d:e7:
         af:44:f4:34:9b:63:fa:35:27:3b:e8:21:98:c2:a8:2d:05:1d:
         cd:fd:99:93:c2:2e:05:a2:ff:8c:64:ea:bd:4b:36:a0:6d:6f:
         86:9e:b0:09:97:06:93:0c:85:f7:cf:ce:2f:7f:a9:f5:c2:25:
         21:68:96:b1:64:7d:97:b6:b8:f1:27:f3:a3:f8:1b:fc:6b:fc:
         b8:85:6c:df:8d:f7:42:bb:0b:d0:33:8a:fb:9c:7a:5b:48:95:
         54:21:57:e7:1b:ee:10:e2:19:87:45:43:e4:84:85:4d:13:54:
         90:4f:d8:41:74:d1:b1:d5:b4:8c:f4:a3:68:e8:a0:ae:41:1a:
         ae:83:17:32:10:f2:d0:5f:c2:30:91:fe:57:55:59:1d:32:9b:
         1e:7b:22:1a:4e:e1:c8:73:c8:94:e9:7b:c2:69:0d:72:5e:fc:
         0b:06:5b:b9:91:e3:da:6f:ae:43:4d:19:94:96:ef:0a:d1:31:
         88:38:a1:ae
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCywwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTA2MTMxMjM3MzJaFw0yNjEyMDExMjM3MzJaMBgxFjAU
BgNVBAMTDTY4NGMxYjkyLTE0MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCnKBGr1hzhsKi7aXsECqgACuHn5OUHBjmTXBNiAOu/A5aE0ANm/GN0NNyM
xYzJoViDr9FVouhZoE+TPqqBbpHS++jcNtjmnd1WIOd3G8dNJ4d/6RhIMqdZYc74
9TBnbYnt0SSAN4GmqLZg+pIwUwrpSZ0s8YqI1tFn74z4jjgYMxWbf8vI6FhGMAqE
8dvSqsmJ++B0FxEbLDBPzZKqIHnURHw+AMJciwTtWoNcqsVnDSES/wjwoWmbGmhz
wRywdgLXFRLMiop6Ac1elce/vy6srTz6dkiuXONSdJsEYpr2yZgTcWvR/zp5VhoW
Kk1L5D73Z0P+DxwbNpeQULwbpmPPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6aM8
2Oo49dQS7yBgQcPnhyaA3R4wHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzJGRUE2NDFDNDg1MzExRjA4OTIzQkZBQ0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmh2UwDQYJKoZIhvcNAQEL
BQADggEBANJ+xuwxe3vGdxpzsUb4YP8/qCfrlIosGZOHYnKomir919WdX+d/tTJM
vf1HJitbPR56pmEOBvf0GfPjUesghEPlwEojNPhN569E9DSbY/o1JzvoIZjCqC0F
Hc39mZPCLgWi/4xk6r1LNqBtb4aesAmXBpMMhffPzi9/qfXCJSFolrFkfZe2uPEn
86P4G/xr/LiFbN+N90K7C9AzivuceltIlVQhV+cb7hDiGYdFQ+SEhU0TVJBP2EF0
0bHVtIz0o2jooK5BGq6DFzIQ8tBfwjCR/ldVWR0ymx57IhpO4chzyJTpe8JpDXJe
/AsGW7mR49pvrkNNGZSW7wrRMYg4oa4=
-----END CERTIFICATE-----